[Openvas-devel] [openvas-Bugs][951] Newlines in script_name() cause serious problems

Jan-Oliver Wagner jan-oliver.wagner at intevation.de
Thu Apr 9 21:29:33 CEST 2009


Hi,

this affects the 1.0.6 release of openvas-plugins for one script.
I removed the script quickly from the feed.

Does this problem justify a new release of openvas-plugins?

Alternatively we could recommed to use a improved server
so this problem can not happen anymore.

On Thursday 09 April 2009 21:21:25 openvas-bugs at wald.intevation.org wrote:
> Bugs item #951, was opened at 2009-04-09 21:21
> Status: Open
> Priority: 4
> Submitted By: Jan-Oliver Wagner (jan)
> Assigned to: Nobody (None)
> Summary: Newlines in script_name() cause serious problems
> Resolution: None
> Severity: major
> Version: v2.0
> Component: None
> Operating System: All
> Product: OpenVAS
> Hardware: None
> URL:
>
>
> Initial Comment:
> In case a script_name() has a string with a newline, eg:
>
> script_name(english:"Xplode 'module_wrapper.asp' SQL Injection and Cross
> Site Scripting Vulnerabilities ");
>
> then the client, when connecting will issue error like this:
>
> Could not parse 1.3.6.1.4.1.25623.1.0.100113 <|> Xplode
> 'module_wrapper.asp' SQL Injection and Cross Site Scripting Vulnerabilities
>
> Could not parse               <|> infos <|> This script is Copyright (C)
> 2009 Mi; Risk factor : Medium <|> Determine if Xplode is prone to XSS and
> SQL-injection vulnerabilities <|> Web application abuses <|> 1.0 <|> NOCVE
> <|> 34419 <|> NOXREF <|> NOSIGNKEYS <|> NOTAG
>
> add_md5sum_to_plugin: Unknown plugin 1.3.6.1.4.1.25623.1.0.100113
>
>
>
> Probably it is best to practice input sanitizing in script_name, so that
> newlines are turned into spaces or so.
>
> I am not sure though where the actual problem turns into effect.
> Maybe OTP protocol and later on the client.
> But there also seem to occur some problems on the
> server side.

-- 
Dr. Jan-Oliver Wagner | ++49-541-335 08 30  |  http://www.intevation.de/
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner


More information about the Openvas-devel mailing list