[Openvas-commits] r12983 - in trunk/openvas-plugins: . scripts

scm-commit at wald.intevation.org scm-commit at wald.intevation.org
Thu Mar 8 15:06:23 CET 2012 

Author: mattm
Date: 2012-03-08 15:06:22 +0100 (Thu, 08 Mar 2012)
New Revision: 12983

Modified:
   trunk/openvas-plugins/ChangeLog
   trunk/openvas-plugins/scripts/nmap.nasl
Log:
	* scripts/nmap.nasl: Remove the preference "UDP port scan" when the
	OpenVAS version is >= 5.rc.  Instead always enable UDP scanning so that
	the port list determines whether UDP ports are scanned.  For OpenVAS <=
	5.beta the preference and the old behaviour remain.

Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2012-03-08 13:52:24 UTC (rev 12982)
+++ trunk/openvas-plugins/ChangeLog	2012-03-08 14:06:22 UTC (rev 12983)
@@ -1,3 +1,10 @@
+2012-02-08  Matthew Mundell <matthew.mundell at greenbone.net>
+
+	* scripts/nmap.nasl: Remove the preference "UDP port scan" when the
+	OpenVAS version is >= 5.rc.  Instead always enable UDP scanning so that
+	the port list determines whether UDP ports are scanned.  For OpenVAS <=
+	5.beta the preference and the old behaviour remain.
+
 2012-03-08  Bernhard Herzog  <bh at intevation.de>
 
 	* extra/build_oid_map: Also search for nasl-files in
@@ -192,7 +199,7 @@
 
 	* scripts/secpod_ssl_ciphers.nasl:
 	Moved reporting to gb_secpod_ssl_ciphers_noweak_report.nasl
-	and scripts/gb_secpod_ssl_ciphers_weak_report.nasl. 
+	and scripts/gb_secpod_ssl_ciphers_weak_report.nasl.
 
 2012-03-01  Jan-Oliver Wagner <jan-oliver.wagner at greenbone.net>
 

Modified: trunk/openvas-plugins/scripts/nmap.nasl
===================================================================
--- trunk/openvas-plugins/scripts/nmap.nasl	2012-03-08 13:52:24 UTC (rev 12982)
+++ trunk/openvas-plugins/scripts/nmap.nasl	2012-03-08 14:06:22 UTC (rev 12983)
@@ -71,7 +71,13 @@
  script_add_preference(name:"TCP scanning technique :", type:"radio", 
   value:"connect();SYN scan;FIN scan;Xmas Tree scan;Null scan");
 
- script_add_preference(name:"UDP port scan", type:"checkbox", value: "no");
+ # This preference has been dropped since OpenVAS 5 RC, so that port lists
+ # entirely control whether UDP is scanned.
+ split = split(OPENVAS_VERSION, sep:'.', keep:FALSE);
+ if (int(split[0]) < 5)
+   script_add_preference(name:"UDP port scan", type:"checkbox", value: "no");
+ else if ((int(split[0]) == 5) && strstr(OPENVAS_VERSION, "beta"))
+   script_add_preference(name:"UDP port scan", type:"checkbox", value: "no");
  script_add_preference(name:"Service scan", type:"checkbox", value: "no");
  script_add_preference(name:"RPC port scan", type:"checkbox", value: "no");
  script_add_preference(name:"Identify the remote OS", type:"checkbox", value: "no");
@@ -212,11 +218,22 @@
   }
  }
 
+ split = split(OPENVAS_VERSION, sep:'.', keep:FALSE);
+ if ((int(split[0]) > 5)
+     || ((int(split[0]) == 5) && !strstr(OPENVAS_VERSION, "beta")))
+ {
+  argv[i++] = "-sU";
+ }
+
  # UDP & RPC scans or fingerprinting may kill a buggy IP stack
  if (! safe)
  {
-  p = script_get_preference("UDP port scan");
-  if ("yes" >< p) argv[i++] = "-sU";
+  if (int(split[0]) < 5
+      || ((int(split[0]) == 5) && strstr(OPENVAS_VERSION, "beta")))
+  {
+   p = script_get_preference("UDP port scan");
+   if ("yes" >< p) argv[i++] = "-sU";
+  }
   p = script_get_preference("Service scan");
   if ("yes" >< p) argv[i++] = "-sV";
   p = script_get_preference("RPC port scan");

More information about the Openvas-commits mailing list