From kost at linux.hr Wed Mar 4 13:29:25 2009 From: kost at linux.hr (Vlatko Kosturjak) Date: Wed, 04 Mar 2009 13:29:25 +0100 Subject: [Openvas-devel] Pcap blocking issue In-Reply-To: References: Message-ID: <49AE7425.2000900@linux.hr> Fixed in r2660 on SVN. Issue #901: http://wald.intevation.org/tracker/index.php?func=detail&aid=901&group_id=29&atid=220 Thanks for helping! s a wrote: > If I am not mistaken nessus used to package pcap with it, and the pcap > was setup to always be non-blocking. Now openvaslibraries uses the pcap > that is already installed on the system and is blocking by default. So > if you call a function that uses pcap such as Tcp_Ping() on an IP adress > that is behind a firewall or down then pcap will block forever waiting > on the first port until the plugin just times out. I believe that the > uses of pcap in openvas were intended to be non-blocking. For example > Looking at bpf_share.c, go to the function bpf_next_tv. Here you see: > > do { > p = (u_char*)pcap_next(pcaps[bpf], &head); > *caplen = head.caplen; > if ( p != NULL ) break; > gettimeofday(&now, NULL); > } while ( !((now.tv_sec > timeout.tv_sec) || > (now.tv_sec == timeout.tv_sec && now.tv_usec >= > timeout.tv_usec ) )); > > The function has built in timeout checks so that if the port has not > responded in the given time it times out, so that tcp_ping for example > can then try the next port in the list. With pcap being blocking that > call to pcap_next blocks forever. The fix is simple and just requires > calling pcap_setnonblock on the pcap device. So, the question is does > openvas require pcap to be blocking or non blocking? Settting it as > non-blocking doesnt appear to break anything. Thoughts? > > ------------------------------------------------------------------------ > Windows Live?: Keep your life in sync. See how it works. > > > > ------------------------------------------------------------------------ > > _______________________________________________ > Openvas-devel mailing list > Openvas-devel at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-devel From openvas-bugs at wald.intevation.org Wed Mar 4 11:43:55 2009 From: openvas-bugs at wald.intevation.org (openvas-bugs@wald.intevation.org) Date: Wed, 4 Mar 2009 11:43:55 +0100 (CET) Subject: [Openvas-devel] =?utf-8?q?=5Bopenvas-Bugs=5D=5B901=5D_pcap=5Ftime?= =?utf-8?q?out_variable_is_ignored=2C_scripts_with_pcap=5Ftimeout_w?= =?utf-8?q?ill_freeze/stall?= Message-ID: <20090304104355.BB8584074A@pyrosoma.intevation.org> Bugs item #901, was opened at 2009-03-04 11:43 Status: Open Priority: 3 Submitted By: Vlatko Kosturjak (kost) Assigned to: Nobody (None) Summary: pcap_timeout variable is ignored, scripts with pcap_timeout will freeze/stall Resolution: None Severity: None Version: None Component: openvas-libnasl Operating System: Linux Product: OpenVAS Hardware: None URL: Initial Comment: Although pcap_timeout is specified, it is ignored. e.g.: rep = send_packet(u, pcap_active:TRUE, pcap_filter:filter, pcap_timeout:1); This causes all NASL scripts which rely on pcap_timeout to freeze/stall until plugin timeout reached. Therefore not executing/checking properly. ---------------------------------------------------------------------- You can respond by visiting: http://wald.intevation.org/tracker/?func=detail&atid=220&aid=901&group_id=29 From michael.wiegand at intevation.de Thu Mar 5 12:49:33 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Thu, 5 Mar 2009 12:49:33 +0100 Subject: [Openvas-devel] Planning openvas-libraries 2.0.2 and 1.0.3 Message-ID: <20090305114933.GD14138@intevation.de> Hello, Yesterday kost committed an important change to openvas-libraries which in my opinion solves a lot of plugin hangs/freezes related to pcap blocking. IMHO this justifies a new release, so I'd like to plan a quick openvas-libraries 2.0.2 release. Since I would like for the release to come out as soon as possible (Friday or Monday), I'd appreciate it if everybody could test the latest SVN revision of openvas-libraries and let me know if this solves some issues for you or produces additional problems. Since kost has thankfully backported this change to the 1.0 branch as well, I'd like to take the opportunity to release openvas-libraries 1.0.3 as well which would include a number of additional backported bugfixes. Please let me know if you have any questions or suggestions. Regards, Michael -- Michael Wiegand | OpenPGP key: D7D049EC | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 206 bytes Desc: not available Url : http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20090305/c36d78ad/attachment.pgp From openvas-bugs at wald.intevation.org Mon Mar 9 22:28:10 2009 From: openvas-bugs at wald.intevation.org (openvas-bugs@wald.intevation.org) Date: Mon, 9 Mar 2009 22:28:10 +0100 (CET) Subject: [Openvas-devel] =?utf-8?q?=5Bopenvas-Bugs=5D=5B910=5D_openvas-lib?= =?utf-8?q?raries_fails_to_compile_on_Solaris_10?= Message-ID: <20090309212810.3E6B040762@pyrosoma.intevation.org> Bugs item #910, was opened at 2009-03-09 14:28 Status: Open Priority: 3 Submitted By: Michelle Schuknecht (mschuk) Assigned to: Nobody (None) Summary: openvas-libraries fails to compile on Solaris 10 Resolution: None Severity: None Version: v2.0.1 Component: openvas-libraries Operating System: Solaris Product: OpenVAS Hardware: None URL: Initial Comment: I receive the following errors when running make: cd libopenvas && make make[1]: Entering directory `/mpool/users/michelle/build/openvas-libraries-2.0.1/libopenvas' /bin/sh /mpool/users/michelle/build/openvas-libraries-2.0.1/libtool gcc -pipe -I../ -DHAVE_CONFIG_H -I. -I/mpool/users/michelle/build/openvas-libraries-2.0.1/include -I/mpool/sfw/openvas/include -I/mpool/sfw/include/glib-2.0 -I/mpool/sfw/lib/glib-2.0/include -DHAVE_CONFIG_H -I/mpool/sfw/include -g -Wall -c plugutils.c *** Warning: inferring the mode of operation is deprecated. *** Future versions of Libtool will require --mode=MODE be specified. mkdir .libs gcc -pipe -I../ -DHAVE_CONFIG_H -I. -I/mpool/users/michelle/build/openvas-libraries-2.0.1/include -I/mpool/sfw/openvas/include -I/mpool/sfw/include/glib-2.0 -I/mpool/sfw/lib/glib-2.0/include -DHAVE_CONFIG_H -I/mpool/sfw/include -g -Wall -c plugutils.c -fPIC -DPIC -o .libs/plugutils.o plugutils.c: In function `addslashes': plugutils.c:101: warning: implicit declaration of function `bzero' plugutils.c: In function `plug_get_fresh_key': plugutils.c:1446: warning: int format, pid_t arg (arg 3) plugutils.c:1453: warning: int format, pid_t arg (arg 3) plugutils.c: In function `plug_set_replace_key': plugutils.c:1526: warning: int format, pid_t arg (arg 3) plugutils.c: In function `shared_socket_acquire': plugutils.c:2045: warning: int format, pid_t arg (arg 3) gcc -pipe -I../ -DHAVE_CONFIG_H -I. -I/mpool/users/michelle/build/openvas-libraries-2.0.1/include -I/mpool/sfw/openvas/include -I/mpool/sfw/include/glib-2.0 -I/mpool/sfw/lib/glib-2.0/include -DHAVE_CONFIG_H -I/mpool/sfw/include -g -Wall -c plugutils.c -o plugutils.o >/dev/null 2>&1 /bin/sh /mpool/users/michelle/build/openvas-libraries-2.0.1/libtool gcc -pipe -I../ -DHAVE_CONFIG_H -I. -I/mpool/users/michelle/build/openvas-libraries-2.0.1/include -I/mpool/sfw/openvas/include -I/mpool/sfw/include/glib-2.0 -I/mpool/sfw/lib/glib-2.0/include -DHAVE_CONFIG_H -I/mpool/sfw/include -g -Wall -c system.c *** Warning: inferring the mode of operation is deprecated. *** Future versions of Libtool will require --mode=MODE be specified. gcc -pipe -I../ -DHAVE_CONFIG_H -I. -I/mpool/users/michelle/build/openvas-libraries-2.0.1/include -I/mpool/sfw/openvas/include -I/mpool/sfw/include/glib-2.0 -I/mpool/sfw/lib/glib-2.0/include -DHAVE_CONFIG_H -I/mpool/sfw/include -g -Wall -c system.c -fPIC -DPIC -o .libs/system.o system.c: In function `emalloc': system.c:58: warning: int format, pid_t arg (arg 3) system.c:83: warning: int format, pid_t arg (arg 3) gcc -pipe -I../ -DHAVE_CONFIG_H -I. -I/mpool/users/michelle/build/openvas-libraries-2.0.1/include -I/mpool/sfw/openvas/include -I/mpool/sfw/include/glib-2.0 -I/mpool/sfw/lib/glib-2.0/include -DHAVE_CONFIG_H -I/mpool/sfw/include -g -Wall -c system.c -o system.o >/dev/null 2>&1 /bin/sh /mpool/users/michelle/build/openvas-libraries-2.0.1/libtool gcc -pipe -I../ -DHAVE_CONFIG_H -I. -I/mpool/users/michelle/build/openvas-libraries-2.0.1/include -I/mpool/sfw/openvas/include -I/mpool/sfw/include/glib-2.0 -I/mpool/sfw/lib/glib-2.0/include -DHAVE_CONFIG_H -I/mpool/sfw/include -g -Wall -c network.c *** Warning: inferring the mode of operation is deprecated. *** Future versions of Libtool will require --mode=MODE be specified. gcc -pipe -I../ -DHAVE_CONFIG_H -I. -I/mpool/users/michelle/build/openvas-libraries-2.0.1/include -I/mpool/sfw/openvas/include -I/mpool/sfw/include/glib-2.0 -I/mpool/sfw/lib/glib-2.0/include -DHAVE_CONFIG_H -I/mpool/sfw/include -g -Wall -c network.c -fPIC -DPIC -o .libs/network.o network.c: In function `nessus_perror': network.c:144: warning: int format, pid_t arg (arg 3) network.c: In function `get_connection_fd': network.c:178: warning: implicit declaration of function `bzero' network.c:184: warning: int format, pid_t arg (arg 3) network.c: In function `nessus_register_connection': network.c:270: warning: int format, pid_t arg (arg 3) network.c: In function `tlserror': network.c:343: warning: int format, pid_t arg (arg 3) network.c: In function `nessus_get_socket_from_connection': network.c:384: warning: int format, pid_t arg (arg 3) network.c: In function `verify_peer_certificate': network.c:577: warning: int format, pid_t arg (arg 3) network.c: In function `load_cert_and_key': network.c:643: warning: int format, pid_t arg (arg 3) network.c:672: warning: int format, pid_t arg (arg 3) network.c: In function `nsend': network.c:1766: warning: int format, pid_t arg (arg 3) gcc -pipe -I../ -DHAVE_CONFIG_H -I. -I/mpool/users/michelle/build/openvas-libraries-2.0.1/include -I/mpool/sfw/openvas/include -I/mpool/sfw/include/glib-2.0 -I/mpool/sfw/lib/glib-2.0/include -DHAVE_CONFIG_H -I/mpool/sfw/include -g -Wall -c network.c -o network.o >/dev/null 2>&1 /bin/sh /mpool/users/michelle/build/openvas-libraries-2.0.1/libtool gcc -pipe -I../ -DHAVE_CONFIG_H -I. -I/mpool/users/michelle/build/openvas-libraries-2.0.1/include -I/mpool/sfw/openvas/include -I/mpool/sfw/include/glib-2.0 -I/mpool/sfw/lib/glib-2.0/include -DHAVE_CONFIG_H -I/mpool/sfw/include -g -Wall -c resolve.c *** Warning: inferring the mode of operation is deprecated. *** Future versions of Libtool will require --mode=MODE be specified. gcc -pipe -I../ -DHAVE_CONFIG_H -I. -I/mpool/users/michelle/build/openvas-libraries-2.0.1/include -I/mpool/sfw/openvas/include -I/mpool/sfw/include/glib-2.0 -I/mpool/sfw/lib/glib-2.0/include -DHAVE_CONFIG_H -I/mpool/sfw/include -g -Wall -c resolve.c -fPIC -DPIC -o .libs/resolve.o gcc -pipe -I../ -DHAVE_CONFIG_H -I. -I/mpool/users/michelle/build/openvas-libraries-2.0.1/include -I/mpool/sfw/openvas/include -I/mpool/sfw/include/glib-2.0 -I/mpool/sfw/lib/glib-2.0/include -DHAVE_CONFIG_H -I/mpool/sfw/include -g -Wall -c resolve.c -o resolve.o >/dev/null 2>&1 /bin/sh /mpool/users/michelle/build/openvas-libraries-2.0.1/libtool gcc -pipe -I../ -DHAVE_CONFIG_H -I. -I/mpool/users/michelle/build/openvas-libraries-2.0.1/include -I/mpool/sfw/openvas/include -I/mpool/sfw/include/glib-2.0 -I/mpool/sfw/lib/glib-2.0/include -DHAVE_CONFIG_H -I/mpool/sfw/include -g -Wall -c arglists.c *** Warning: inferring the mode of operation is deprecated. *** Future versions of Libtool will require --mode=MODE be specified. gcc -pipe -I../ -DHAVE_CONFIG_H -I. -I/mpool/users/michelle/build/openvas-libraries-2.0.1/include -I/mpool/sfw/openvas/include -I/mpool/sfw/include/glib-2.0 -I/mpool/sfw/lib/glib-2.0/include -DHAVE_CONFIG_H -I/mpool/sfw/include -g -Wall -c arglists.c -fPIC -DPIC -o .libs/arglists.o arglists.c: In function `cache_init': arglists.c:77: warning: implicit declaration of function `bzero' gcc -pipe -I../ -DHAVE_CONFIG_H -I. -I/mpool/users/michelle/build/openvas-libraries-2.0.1/include -I/mpool/sfw/openvas/include -I/mpool/sfw/include/glib-2.0 -I/mpool/sfw/lib/glib-2.0/include -DHAVE_CONFIG_H -I/mpool/sfw/include -g -Wall -c arglists.c -o arglists.o >/dev/null 2>&1 /bin/sh /mpool/users/michelle/build/openvas-libraries-2.0.1/libtool gcc -pipe -I../ -DHAVE_CONFIG_H -I. -I/mpool/users/michelle/build/openvas-libraries-2.0.1/include -I/mpool/sfw/openvas/include -I/mpool/sfw/include/glib-2.0 -I/mpool/sfw/lib/glib-2.0/include -DHAVE_CONFIG_H -I/mpool/sfw/include -g -Wall -c ftp_funcs.c *** Warning: inferring the mode of operation is deprecated. *** Future versions of Libtool will require --mode=MODE be specified. gcc -pipe -I../ -DHAVE_CONFIG_H -I. -I/mpool/users/michelle/build/openvas-libraries-2.0.1/include -I/mpool/sfw/openvas/include -I/mpool/sfw/include/glib-2.0 -I/mpool/sfw/lib/glib-2.0/include -DHAVE_CONFIG_H -I/mpool/sfw/include -g -Wall -c ftp_funcs.c -fPIC -DPIC -o .libs/ftp_funcs.o ftp_funcs.c: In function `ftp_get_pasv_address': ftp_funcs.c:130: warning: implicit declaration of function `bzero' ftp_funcs.c:173: error: `AF_INET' undeclared (first use in this function) ftp_funcs.c:173: error: (Each undeclared identifier is reported only once ftp_funcs.c:173: error: for each function it appears in.) make[1]: *** [ftp_funcs.o] Error 1 make[1]: Leaving directory `/mpool/users/michelle/build/openvas-libraries-2.0.1/libopenvas' make: *** [all] Error 2 ---------------------------------------------------------------------- You can respond by visiting: http://wald.intevation.org/tracker/?func=detail&atid=220&aid=910&group_id=29 From kost at linux.hr Wed Mar 11 10:51:43 2009 From: kost at linux.hr (Vlatko Kosturjak) Date: Wed, 11 Mar 2009 10:51:43 +0100 Subject: [Openvas-devel] OpenVAS at Google SoC Message-ID: <49B789AF.8090706@linux.hr> I think OpenVAS as a project should fill application for funding some of the development: http://socghop.appspot.com/ I'm willing to mentor some of the projects for OpenVAS. Deadline for project application is 18th of March. Some of the ideas: - nmap(nse) implementation (think this would be faster this way) - report generation (you can generate report by hosts or by level of risk, etc..) Maybe we can get attention of german universities (and croatian) to get into it. Kost From openvas-bugs at wald.intevation.org Fri Mar 13 12:57:39 2009 From: openvas-bugs at wald.intevation.org (openvas-bugs@wald.intevation.org) Date: Fri, 13 Mar 2009 12:57:39 +0100 (CET) Subject: [Openvas-devel] =?utf-8?q?=5Bopenvas-Bugs=5D=5B911=5D_=5BMandriva?= =?utf-8?q?_2009=5D_linking_fails?= Message-ID: <20090313115739.2A21040798@pyrosoma.intevation.org> Bugs item #911, was opened at 2009-03-13 11:57 Status: Open Priority: 3 Submitted By: Stephan Kleine (bitshuffler) Assigned to: Nobody (None) Summary: [Mandriva 2009] linking fails Resolution: None Severity: None Version: v2.0.1 Component: openvas-libnasl Operating System: Linux Product: OpenVAS Hardware: None URL: Initial Comment: On Mandriva 2009 linking fails cause of undefined gcrv_* references. /bin/sh /usr/src/rpm/BUILD/openvas-libnasl-2.0.1/libtool --silent --mode=link i586-mandriva-linux-gnu-gcc -pipe -O2 -g -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -fomit-frame-pointer -march=i586 -mtune=generic -fasynchronous-unwind-tables -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -I. -I/usr/src/rpm/BUILD/openvas-libnasl-2.0.1/include -DHAVE_CONFIG_H -Wl,--as-needed -Wl,--no-undefined -lgpgme -lgpg-error -lrpcsvc `/usr/bin/libopenvas-config --libs` `/usr/bin/gpgme-config --libs` -lglib-2.0 -o libopenvasnasl.la nasl_packet_forgery.lo nasl_socket.lo nasl_crypto.lo nasl_crypto2.lo nasl_http.lo nasl_host.lo nasl_text_utils.lo nasl_nessusd_glue.lo nasl_misc_funcs.lo nasl_cmd_exec.lo capture_packet.lo nasl_grammar.tab.lo nasl_tree.lo nasl_var.lo exec.lo lint.lo nasl_lex_ctxt.lo nasl_func.lo nasl_init.lo strutils.lo regex.lo lsearch.lo preparse.lo nasl_signature.lo nasl_debug.lo -rpath /usr/lib \ -version-info 2:1:0 .libs/nasl_crypto.o: In function `nasl_gcrypt_hash': /usr/src/rpm/BUILD/openvas-libnasl-2.0.1/nasl/nasl_crypto.c:48: undefined reference to `gcry_md_get_algo_dlen' /usr/src/rpm/BUILD/openvas-libnasl-2.0.1/nasl/nasl_crypto.c:53: undefined reference to `gcry_md_open' /usr/src/rpm/BUILD/openvas-libnasl-2.0.1/nasl/nasl_crypto.c:63: undefined reference to `gcry_md_setkey' /usr/src/rpm/BUILD/openvas-libnasl-2.0.1/nasl/nasl_crypto.c:73: undefined reference to `gcry_md_write' /usr/src/rpm/BUILD/openvas-libnasl-2.0.1/nasl/nasl_crypto.c:77: undefined reference to `gcry_md_read' /usr/src/rpm/BUILD/openvas-libnasl-2.0.1/nasl/nasl_crypto.c:80: undefined reference to `gcry_md_close' /usr/src/rpm/BUILD/openvas-libnasl-2.0.1/nasl/nasl_crypto.c:56: undefined reference to `gcry_strerror' And so on ... See the attached build log for details. ---------------------------------------------------------------------- You can respond by visiting: http://wald.intevation.org/tracker/?func=detail&atid=220&aid=911&group_id=29 From lists at securityspace.com Sun Mar 15 22:50:33 2009 From: lists at securityspace.com (Thomas Reinke) Date: Sun, 15 Mar 2009 17:50:33 -0400 Subject: [Openvas-devel] Version # checking In-Reply-To: <20090315211610.921744079B@pyrosoma.intevation.org> References: <20090315211610.921744079B@pyrosoma.intevation.org> Message-ID: <49BD7829.5050005@securityspace.com> > + dotnetversion['1.0.one'] = ( dotnetlist[0] == '1' && dotnetlist[1] == '0' && int(dotnetlist[2]) < 3705 ); > + dotnetversion['1.0.two'] = ( l > 3 && dotnetlist[0] == '1' && dotnetlist[1] == '0' && int(dotnetlist[2]) == 3705 && > + int(dotnetlist[3]) < 6021 && int(dotnetlist[3]) > 1000 ); > + dotnetversion['1.0.three'] = ( l > 3 && dotnetlist[0] == 1 && dotnetlist[1] == 0 && dotnetlist[2] == 3705 && dotnetlist[3] < 556 ); > + > + # Microsoft .Net Framework version 1.1 > + dotnetversion['1.1.one'] = ( dotnetlist[0] == '1' && dotnetlist[1] == '1' && int(dotnetlist[2]) < 4322 ); > + dotnetversion['1.1.two'] = ( l > 3 && dotnetlist[0] == '1' && dotnetlist[1] == '1' && int(dotnetlist[2]) == 4322 && > + int(dotnetlist[3]) < 2037 && int(dotnetlist[3]) > 2000 ); > + dotnetversion['1.1.three'] = ( l > 3 && dotnetlist[0] == '1' && dotnetlist[1] == '1' && int(dotnetlist[2]) == 4322 && > + int(dotnetlist[3]) < 1085 ); Just an FYI to all involved, there is a utility routine called "revcomp" available in the include file "revisions-lib.inc" available to all nasl scripts that will make short, easy, work of most version number checking. revcomp(a, b) works similar to strcmp, except that every numeric within the string is sorted by numeric order instead of alphanumeric order. Return values are -1, 0, +1 based on ac, respectively. When checking version number strings, it almost always does the "right" thing. Example usage: 1) Apache version 1.3.11 is vulnerable to a security issue, Apache version 1.3.12 is not vulnerable. if(revcomp(a:installedversion, b:"1.3.12")==-1) { security_note.... } 2) Software version "1.8" and version 1.9" are vulnerable, while versions prior to 1.8 and later than 1.9 are secure. if(revcomp(a, "1.8")>=0 && revcomp(a, "1.9")<=0) { security_note.... } Both of these examples highlight how numeric comparisons of dotted values are important. MANY bugs have been found as a result of the use of regular expressions that treat version 1.3.9 as being greater than 1.3.11 (because 9 was compared to 1). In addition, the routine handles alpha strings correctly: 1.2-etch-9 will succesfully be compared as less than 1.2-etch-10. There are other routines available that do comparable things, but in short, complicated regexs and other mechanisms to handle version number comparisons should, IMHO, can at this point be avoided. They are the source of many problems, are much more difficult to read and code up than the use of available helper functions. Cheers, Thomas From christian.edjenguele at owasp.org Sun Mar 15 23:11:18 2009 From: christian.edjenguele at owasp.org (Christian Eric Edjenguele) Date: Sun, 15 Mar 2009 23:11:18 +0100 Subject: [Openvas-devel] [Openvas-commits] Version # checking In-Reply-To: <49BD7829.5050005@securityspace.com> References: <20090315211610.921744079B@pyrosoma.intevation.org> <49BD7829.5050005@securityspace.com> Message-ID: <49BD7D06.8040905@owasp.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Thomas Reinke wrote: >> + dotnetversion['1.0.one'] = ( dotnetlist[0] == '1' && dotnetlist[1] == '0' && int(dotnetlist[2]) < 3705 ); >> + dotnetversion['1.0.two'] = ( l > 3 && dotnetlist[0] == '1' && dotnetlist[1] == '0' && int(dotnetlist[2]) == 3705 && >> + int(dotnetlist[3]) < 6021 && int(dotnetlist[3]) > 1000 ); >> + dotnetversion['1.0.three'] = ( l > 3 && dotnetlist[0] == 1 && dotnetlist[1] == 0 && dotnetlist[2] == 3705 && dotnetlist[3] < 556 ); >> + >> + # Microsoft .Net Framework version 1.1 >> + dotnetversion['1.1.one'] = ( dotnetlist[0] == '1' && dotnetlist[1] == '1' && int(dotnetlist[2]) < 4322 ); >> + dotnetversion['1.1.two'] = ( l > 3 && dotnetlist[0] == '1' && dotnetlist[1] == '1' && int(dotnetlist[2]) == 4322 && >> + int(dotnetlist[3]) < 2037 && int(dotnetlist[3]) > 2000 ); >> + dotnetversion['1.1.three'] = ( l > 3 && dotnetlist[0] == '1' && dotnetlist[1] == '1' && int(dotnetlist[2]) == 4322 && >> + int(dotnetlist[3]) < 1085 ); > > > Just an FYI to all involved, there is a utility routine called > "revcomp" available in the include file "revisions-lib.inc" > available to all nasl scripts that will make short, easy, work > of most version number checking. > > revcomp(a, b) works similar to strcmp, except that every > numeric within the string is sorted by numeric order instead > of alphanumeric order. Return values are -1, 0, +1 based > on ac, respectively. > > When checking version number strings, it almost always does > the "right" thing. > > Example usage: > 1) Apache version 1.3.11 is vulnerable to a security issue, > Apache version 1.3.12 is not vulnerable. > > if(revcomp(a:installedversion, b:"1.3.12")==-1) { > security_note.... > } > > 2) Software version "1.8" and version 1.9" are vulnerable, > while versions prior to 1.8 and later than 1.9 are secure. > > if(revcomp(a, "1.8")>=0 && revcomp(a, "1.9")<=0) { > security_note.... > } > > Both of these examples highlight how numeric comparisons of > dotted values are important. MANY bugs have been found as a result > of the use of regular expressions that treat version 1.3.9 as being > greater than 1.3.11 (because 9 was compared to 1). > > In addition, the routine handles alpha strings correctly: > > 1.2-etch-9 will succesfully be compared as less than > 1.2-etch-10. > > There are other routines available that do comparable things, > but in short, complicated regexs and other mechanisms to handle > version number comparisons should, IMHO, can at this point be > avoided. They are the source of many problems, are much more > difficult to read and code up than the use of available helper > functions. > > Cheers, Thomas > _______________________________________________ > Openvas-commits mailing list > Openvas-commits at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-commits Hello Thomas, This is great, I'm going to refactor the code now. - -- Christian Eric Edjenguele IT Security Software Engineer / IT Enterprise Software Architect Mobile (IT): +39 3408580513 PGP KeyID: 0xB1654498 Key Server: http://pgp.mit.edu - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.9 (GNU/Linux) mQENBEmka7IBCAC5e8/9BlCZR/3XHMO4DWHYoewaODmQypHqPaCfKR+BLTAy8xLZ eVJ0wwNwaLheZeLPfBqu3r/lp58xJhgYHm9gzihfqPbmJh4Dibc/d2XL9UQ1eshs K0JkTlvZtdK5Zo5VmeOZCWlKEMXzlg6HjuYUV4qokqD3qIj6/rhubjtrjlw/XA8P 6pGOFhsDZFXbn+lj80XhRdkObMnmWU6wdgJvEPx1vxvhV9D1sJgZz6FVoXAfTOb3 EjYpluEKdDod46hhF45UJ4Avc8q4DaXxmci5Kdx9rzF2tbvB3Ua6O7l5RaMGNZR2 QtVY65xVxRfAYF+yE3n+YkFQxWGlqVIajry/ABEBAAG0WkNocmlzdGlhbiBFcmlj IEVESkVOR1VFTEUgKElUIFNlY3VyaXR5IFNvZnR3YXJlIEVuZ2luZWVyKSA8Y2hy aXN0aWFuLmVkamVuZ3VlbGVAb3dhc3Aub3JnPokBNgQTAQIAIAUCSaRrsgIbAwYL CQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJENETScWxZUSYS9QH+gOpYUPkon/D/eNm RLCbTaqJhSV6jRH9t+pomm6FiYgphCxDW96OpzA9BieiFEPHhVXAFcHkEBMlk/u0 wILqDNfBoZk3oCq0+/+Zc7z0zRZfgMHwB4czpqhUCrINEjLO0rb2Jff6Hh0C5S9w 8l+x9IiOG9hHNO8ftVr1sNHGDTAWNNZ+pcCt5ROhqiiqnZsvowO1TcDMKEGD9NTW BN+jLFGZRY9/MQsUkWoXBQ8K5S9AP1EPPbSTX68VTj0vINLTk2/XfsJlV9Vd9b7G NkhbAdrvujbqLHDSE3ALpx8sWKg2vPCUAxJJY6S6danpw/XPGKkpcSNfqn4k8sCV e+9MJSu5Ag0ESaRthQEQALEj8eO2WCRqhOHakHhpvGQ4tFEIDS6Z3mnBaNaMc9VM i89LNYvJOgOSnWvIu8EF6Ah+PnhOayb9E3wvH+0nfOwzp6XhDor7h8WLQNL+qzk3 cPxkxdfNDaQdyJclstUqa0nIaPOJgbIRs12N6bCxhAeOKffIkrIdDqjxshTI3S3z fq7choduX8tNHoFzIIl6T+4Q0QXMT8xu5MeBHr+vxlgqNUTWOQn6Q/B6QnrVzWDA gEq4Id45vN4j18iXGqMy8/xWQg3kRHaU563zx8u+7cjV81feMDbQiC6p6nqQHsD4 U07JIVDqjbJESLdeqju6HsNzYKohi/gxhsgouPXdFTrfgkWCklAGwqT7QE0ZnL/t SVC0xpmCLneXAxWGGo27zJKVJ1/iMUgi/i4R+u2K4eQbsBXXYwh0gSxwYReTyr+C 51ugKkvYjTy+U2Fedq3lXEVtnRV02zpO/LlpJR446jRAapVH+ZF9tGMoIHg5hATZ KEzGw9x19/wQSRumTvV0HAQ0lqWW9/0n2VuwI/Sh7YHQ2j/DhyF0blFrooGyIxd2 x5+Xu1PWlYwlUbu7ZsOw1V9cqL5yv5m+w4mL+h8ytHJHHL2Cg8/3qp/QxLT7CnfX fOHAjNxGkS/QfoxEhuSwigPi/Yd51wHcaOLyUdGceOZ79ciQtPgvCFdyrDrfDhSr ABEBAAGJAR8EGAECAAkFAkmkbYUCGwwACgkQ0RNJxbFlRJhbLAgAsCBA7KmGkTmQ mjPNA7Iig8tA5S9fYavbKydNQNxPpL47GLf9V3la4P2/LPLa3rH31Bt+ScfSqAKC 5/geB5BKwmQqRomsQpjhmrpBenPjYrUYG2dEB/BOMvOyvr3dTpWtAg5CwYYnHTNy yJn7dc7whiE94ZxqFdt58K0H5/H449/VHuCJue+uzy0ldrTK8VVpK6uGgrJc5kre 2bpdGVbALpC+yeNMyXCqgGigg9gu1iHXSSGgbQfW+AhsFpiN37fPq8zDNU2C8sp3 4Y45EYRmRCZ+0a9WSRnYALRZFdvjysKfRjP3o4Ax/d4cSi6v2pT93yfoA2TQMkLF E1MQObpE5A== =7VGF - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEcBAEBAgAGBQJJvX0AAAoJENETScWxZUSYjQoH/2uH5nxr4L2P/hMIfm2Zw6gb P1t+soAuDjqMqyuXXZKI0h9DuggQqeDMyLFSlTT/NcDdhB9gjmagSDKpZfxkp6ke bfie2CUgTNIahhHzKjPiKVK+M7JZ3yBQM4C3q5jsZtnlNACasQogifzIlpH0Ztic DpEr6WJhkQfunAu2t7uBXYwkwlkGsiVbW0pLT5T4/SSI/1xjjJ+of5duNcLlCB7B H/6JbIPo42Kh1eeUojvt8WondlO1WMJlxMHuFtOgk/R+Pt+Br+nVYouaYKKcK7Rp 0IJN+X2nIXzxDBBQA8nfxGCCdM+pbav079LigeMrqF2hrIEhQMhqpi0VLJ5Kw0o= =F3jI -----END PGP SIGNATURE----- From jan-oliver.wagner at intevation.de Mon Mar 16 11:27:06 2009 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Mon, 16 Mar 2009 11:27:06 +0100 Subject: [Openvas-devel] OpenVAS at Google SoC In-Reply-To: <49B789AF.8090706@linux.hr> References: <49B789AF.8090706@linux.hr> Message-ID: <200903161127.08919.jan-oliver.wagner@intevation.de> On Mittwoch, 11. M?rz 2009, Vlatko Kosturjak wrote: > I think OpenVAS as a project should fill application for funding some of > the development: > http://socghop.appspot.com/ > > I'm willing to mentor some of the projects for OpenVAS. Deadline for > project application is 18th of March. > > Some of the ideas: > - nmap(nse) implementation (think this would be faster this way) > - report generation (you can generate report by hosts or by level of > risk, etc..) > > Maybe we can get attention of german universities (and croatian) to get > into it. a very good idea. Croatia seems to be reasonable as they just started involving into this.. :-) I'll see if you I can find a german university to involve here, but it is probably too short of notice. Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335083-0 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From scott at atomicrocketturtle.com Mon Mar 16 15:46:36 2009 From: scott at atomicrocketturtle.com (Scott R. Shinn) Date: Mon, 16 Mar 2009 10:46:36 -0400 Subject: [Openvas-devel] Openvas-desktop patch Message-ID: <1237214796.395.4.camel@winona> This is a minor change to the .desktop file to add the client entry to Fedora, CentOS and RHEL. "Utility" and "Security" menus dont exist, so i added it to Network, which is the same location Nessus and other scanners use. -Scott --- nessus/OpenVAS-Client.desktop 2008-11-15 12:29:59.000000000 -0500 +++ nessus/OpenVAS-Client.desktop.new 2009-03-16 10:17:34.000000000 -0400 @@ -1,6 +1,6 @@ [Desktop Entry] Type=Application -Categories=Utility;Security; +Categories=Utility;Security;Network Icon=OpenVAS-Client.xpm Exec=OpenVAS-Client Terminal=false From michael.wiegand at intevation.de Mon Mar 16 16:17:08 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Mon, 16 Mar 2009 16:17:08 +0100 Subject: [Openvas-devel] Openvas-desktop patch In-Reply-To: <1237214796.395.4.camel@winona> References: <1237214796.395.4.camel@winona> Message-ID: <20090316151708.GA29982@intevation.de> * Scott Shinn [16. Mar 2009]: > This is a minor change to the .desktop file to add the client entry to > Fedora, CentOS and RHEL. "Utility" and "Security" menus dont exist, so i > added it to Network, which is the same location Nessus and other > scanners use. Thank you for spotting this, I have added your patch to the SVN repository with revision 2804. Regards, Michael -- Michael Wiegand | OpenPGP key: D7D049EC | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 206 bytes Desc: not available Url : http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20090316/30302fa4/attachment.pgp From kost at linux.hr Mon Mar 16 16:34:43 2009 From: kost at linux.hr (Vlatko Kosturjak) Date: Mon, 16 Mar 2009 16:34:43 +0100 Subject: [Openvas-devel] OpenVAS at Google SoC In-Reply-To: <200903161127.08919.jan-oliver.wagner@intevation.de> References: <49B789AF.8090706@linux.hr> <200903161127.08919.jan-oliver.wagner@intevation.de> Message-ID: <49BE7193.8000204@linux.hr> Jan-Oliver Wagner wrote: > On Mittwoch, 11. M?rz 2009, Vlatko Kosturjak wrote: >> I think OpenVAS as a project should fill application for funding some of >> the development: >> http://socghop.appspot.com/ > a very good idea. Croatia seems to be reasonable as they just started involving > into this.. :-) Actually, we're too late for this year (dead line was 13th of March, 18th of March will be results for projects): http://socghop.appspot.com/document/show/program/google/gsoc2009/timeline If nobody did not fill up the application, we will miss SoC this year. Kost From timb at nth-dimension.org.uk Mon Mar 16 19:12:29 2009 From: timb at nth-dimension.org.uk (Tim Brown) Date: Mon, 16 Mar 2009 18:12:29 +0000 Subject: [Openvas-devel] OpenVAS at Google SoC In-Reply-To: <49BE7193.8000204@linux.hr> References: <49B789AF.8090706@linux.hr> <200903161127.08919.jan-oliver.wagner@intevation.de> <49BE7193.8000204@linux.hr> Message-ID: <200903161812.30954.timb@nth-dimension.org.uk> On Monday 16 March 2009 15:34:43 Vlatko Kosturjak wrote: > Jan-Oliver Wagner wrote: > > On Mittwoch, 11. M?rz 2009, Vlatko Kosturjak wrote: > >> I think OpenVAS as a project should fill application for funding some of > >> the development: > >> http://socghop.appspot.com/ > > > > a very good idea. Croatia seems to be reasonable as they just started > > involving > > > into this.. :-) > > Actually, we're too late for this year (dead line was 13th of March, > 18th of March will be results for projects): > http://socghop.appspot.com/document/show/program/google/gsoc2009/timeline > > If nobody did not fill up the application, we will miss SoC this year. We've applied in the past. My experience was that noone at Google was very much interested in OpenVAS then. Some of the work being done on nmap in this area was as a result of a previous SOC. Perhaps as the project reaches some maturity they might be more open, but after my previous efforts I didn't bother submitting this time. Cheers, Tim -- Tim Brown From jan-oliver.wagner at intevation.de Mon Mar 16 22:36:07 2009 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Mon, 16 Mar 2009 22:36:07 +0100 Subject: [Openvas-devel] OpenVAS-Client: Use GRegex instead of internal/system regexp Message-ID: <200903162236.09925.jan-oliver.wagner@intevation.de> Hi, I just stumbled across the regexp stuff in OpenVAS-Client. Since regexp seem to be suppored by GLib, it might make sense to get rid of the source code copies of regexp and of the configure.in headache about regexp. http://library.gnome.org/devel/glib/stable/glib-Perl-compatible-regular-expressions.html Anyone to take a close look whether this makes sense? Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335083-0 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From felix.wolfsteller at intevation.de Tue Mar 17 08:54:16 2009 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Tue, 17 Mar 2009 08:54:16 +0100 Subject: [Openvas-devel] OpenVAS-Client: Use GRegex instead of internal/system regexp In-Reply-To: <200903162236.09925.jan-oliver.wagner@intevation.de> References: <200903162236.09925.jan-oliver.wagner@intevation.de> Message-ID: <200903170854.16551.felix.wolfsteller@intevation.de> On Monday 16 March 2009 22:36:07 Jan-Oliver Wagner wrote: > I just stumbled across the regexp stuff in OpenVAS-Client. > Since regexp seem to be suppored by GLib, it might make > sense to get rid of the source code copies of regexp and of > the configure.in headache about regexp. > > http://library.gnome.org/devel/glib/stable/glib-Perl-compatible-regular-exp >ressions.html > > Anyone to take a close look whether this makes sense? Currently OpenVAS requires a GLib version that supports only support very basic glob-like pattern matches (http://library.gnome.org/devel/glib/2.18/glib-Glob-style-pattern-matching.html). All the sweet stuff came in 2.14. Other than that it makes absolutely sense, not only for the client but for the server as well. -- felix -- Felix Wolfsteller | ++49-541-335 08 3451 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From shawnduffy at gmail.com Tue Mar 17 14:50:07 2009 From: shawnduffy at gmail.com (Shawn Duffy) Date: Tue, 17 Mar 2009 09:50:07 -0400 Subject: [Openvas-devel] OTP Feature Request / Problem Message-ID: <49BFAA8F.7000201@gmail.com> I noticed that the client PLUGIN_INFO command only gets a response if the server has matched the supplied OID with a plugin that's currently loaded. If there is no match, it doesn't respond at all. Are there any plans to change the protocol so that the server will at least respond with some sort of string? Otherwise, lack of a response seems somewhat ambiguous if your writing a client or protocol handler, right? Just a thought as I've been learning to implement the protocol in PHP. I've managed to implement the PLUGIN_INFO command but the lack of response just doesn't feel right. Thanks for all the work on the project! Shawn From christian.edjenguele at owasp.org Tue Mar 17 19:58:21 2009 From: christian.edjenguele at owasp.org (Christian Eric Edjenguele) Date: Tue, 17 Mar 2009 19:58:21 +0100 Subject: [Openvas-devel] [Openvas-commits] r2819 - in trunk/openvas-plugins: . scripts In-Reply-To: <20090317182015.812CC40790@pyrosoma.intevation.org> References: <20090317182015.812CC40790@pyrosoma.intevation.org> Message-ID: <49BFF2CD.4070601@owasp.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 scm-commit at wald.intevation.org wrote: > Author: kost > Date: 2009-03-17 19:20:11 +0100 (Tue, 17 Mar 2009) > New Revision: 2819 > > Modified: > trunk/openvas-plugins/ChangeLog > trunk/openvas-plugins/scripts/remote-MS04-011.nasl > trunk/openvas-plugins/scripts/remote-detect-MDNS.nasl > Log: > fix of "undefined function 'script_require_port'" in scripts/remote-detect-MDNS.nasl > fix of "...has a too long description ..." in scripts/remote-MS04-011.nasl > > YES, scripts, should be TESTED before allowing to go to feed. > > > > Modified: trunk/openvas-plugins/ChangeLog > =================================================================== > --- trunk/openvas-plugins/ChangeLog 2009-03-17 17:51:21 UTC (rev 2818) > +++ trunk/openvas-plugins/ChangeLog 2009-03-17 18:20:11 UTC (rev 2819) > @@ -1,3 +1,12 @@ > +2009-03-17 Vlatko Kosturjak > + * scripts/remote-detect-MDNS.nasl: fix of "undefined function > + 'script_require_port'" > + > + * scripts/remote-MS04-011.nasl: fix of "...has a too long description > + ..." I've tested the script using the interpreter, not the gui client, chrix at darkstar:~/Workspaces/OpenVAS/trunk/openvas-plugins/scripts$ openvas-nasl -D -X remote-MS04-011.nasl ** WARNING : packet forgery will not work ** as NASL is not running as root - -D to parse description and -X to parse for syntax error, and I got no error, this appen when server load the plugin, this is limitation from server side. > + YES, scripts, should be TESTED before allowing to go to feed. > + > 2009-03-17 Michael Meyer > * scripts/mldonkey_www.nasl: > Store more information in KB. > > Modified: trunk/openvas-plugins/scripts/remote-MS04-011.nasl > =================================================================== > --- trunk/openvas-plugins/scripts/remote-MS04-011.nasl 2009-03-17 17:51:21 UTC (rev 2818) > +++ trunk/openvas-plugins/scripts/remote-MS04-011.nasl 2009-03-17 18:20:11 UTC (rev 2819) > @@ -92,8 +92,6 @@ > # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. > # > > - > - > if(description) > { > script_id(101011); > @@ -103,6 +101,7 @@ > script_name(english:name["english"]); > > desc["english"] = " > +Synopsis : > Windows operating system are affected to multiple remote code execution and privileges escalation vulnerabilities. > An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, > including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges. > @@ -122,49 +121,9 @@ > SSL Denial Of Service Vulnerability - CAN-2004-0120 > ASN.1 Double Free Vulnerability - CAN-2004-0123 > > - > - > - > - > Solution : > -Microsoft has released a patch to fix these issues, > -download locations for these patches: > +Microsoft has released a patch to fix these issues. > > -Microsoft Windows NT? Workstation 4.0 Service Pack 6a > -http://www.microsoft.com/downloads/details.aspx?FamilyId=7F1713FC-F95C-43E5-B825-3CF72C1A0A3E&displaylang=en > - > -Microsoft Windows NT Server 4.0 Service Pack 6a > -http://www.microsoft.com/downloads/details.aspx?FamilyId=67A6F461-D2FC-4AA0-957E-3B8DC44F9D79&displaylang=en > - > -Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 > -http://www.microsoft.com/downloads/details.aspx?FamilyId=62CBA527-A827-4777-8641-28092D3AAE4F&displaylang=en > - > -Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, and Microsoft Windows 2000 Service Pack 4 > -http://www.microsoft.com/downloads/details.aspx?FamilyId=0692C27E-F63A-414C-B3EB-D2342FBB6C00&displaylang=en > - > -Microsoft Windows XP and Microsoft Windows XP Service Pack 1 > -http://www.microsoft.com/downloads/details.aspx?FamilyId=3549EA9E-DA3F-43B9-A4F1-AF243B6168F3&displaylang=en > - > -Microsoft Windows XP 64-Bit Edition Service Pack 1 > -http://www.microsoft.com/downloads/details.aspx?FamilyId=C6B55EF2-D9FE-4DBE-AB7D-73A20C82FF73&displaylang=en > - > -Microsoft Windows XP 64-Bit Edition Version 2003 > -http://www.microsoft.com/downloads/details.aspx?FamilyId=C207D372-E883-44A6-A107-6CD2D29FC6F5&displaylang=en > - > -Microsoft Windows Server 2003 > -http://www.microsoft.com/downloads/details.aspx?FamilyId=EAB176D0-01CF-453E-AE7E-7495864E8D8C&displaylang=en > - > -Microsoft Windows Server 2003 64-Bit Edition > -http://www.microsoft.com/downloads/details.aspx?FamilyId=C207D372-E883-44A6-A107-6CD2D29FC6F5&displaylang=en > - > -Microsoft NetMeeting > -http://go.microsoft.com/fwlink/?LinkId=21130 > - > -Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME) > -- Review the FAQ section of this bulletin for details about these operating systems. > -- http://www.microsoft.com/technet/security/bulletin/ms04-011.mspx > - > - > Risk factor : Critical"; > > script_description(english:desc["english"]); > > Modified: trunk/openvas-plugins/scripts/remote-detect-MDNS.nasl > =================================================================== > --- trunk/openvas-plugins/scripts/remote-detect-MDNS.nasl 2009-03-17 17:51:21 UTC (rev 2818) > +++ trunk/openvas-plugins/scripts/remote-detect-MDNS.nasl 2009-03-17 18:20:11 UTC (rev 2819) > @@ -60,7 +60,7 @@ > script_copyright(english:"This script is Written by Christian Eric Edjenguele and released under GPL v2 or later"); > family["english"] = "Service detection"; > script_family(english:family["english"]); > -script_require_port("Services/udp/mdns", 5353); > +script_require_ports("Services/udp/mdns", 5353); > > exit(0); > } > > > > ------------------------------------------------------------------------ > > _______________________________________________ > Openvas-commits mailing list > Openvas-commits at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-commits - -- Christian Eric Edjenguele IT Security Software Engineer / IT Enterprise Software Architect Mobile (IT): +39 3408580513 PGP KeyID: 0xB1654498 Key Server: http://pgp.mit.edu - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.9 (GNU/Linux) mQENBEmka7IBCAC5e8/9BlCZR/3XHMO4DWHYoewaODmQypHqPaCfKR+BLTAy8xLZ eVJ0wwNwaLheZeLPfBqu3r/lp58xJhgYHm9gzihfqPbmJh4Dibc/d2XL9UQ1eshs K0JkTlvZtdK5Zo5VmeOZCWlKEMXzlg6HjuYUV4qokqD3qIj6/rhubjtrjlw/XA8P 6pGOFhsDZFXbn+lj80XhRdkObMnmWU6wdgJvEPx1vxvhV9D1sJgZz6FVoXAfTOb3 EjYpluEKdDod46hhF45UJ4Avc8q4DaXxmci5Kdx9rzF2tbvB3Ua6O7l5RaMGNZR2 QtVY65xVxRfAYF+yE3n+YkFQxWGlqVIajry/ABEBAAG0WkNocmlzdGlhbiBFcmlj IEVESkVOR1VFTEUgKElUIFNlY3VyaXR5IFNvZnR3YXJlIEVuZ2luZWVyKSA8Y2hy aXN0aWFuLmVkamVuZ3VlbGVAb3dhc3Aub3JnPokBNgQTAQIAIAUCSaRrsgIbAwYL CQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJENETScWxZUSYS9QH+gOpYUPkon/D/eNm RLCbTaqJhSV6jRH9t+pomm6FiYgphCxDW96OpzA9BieiFEPHhVXAFcHkEBMlk/u0 wILqDNfBoZk3oCq0+/+Zc7z0zRZfgMHwB4czpqhUCrINEjLO0rb2Jff6Hh0C5S9w 8l+x9IiOG9hHNO8ftVr1sNHGDTAWNNZ+pcCt5ROhqiiqnZsvowO1TcDMKEGD9NTW BN+jLFGZRY9/MQsUkWoXBQ8K5S9AP1EPPbSTX68VTj0vINLTk2/XfsJlV9Vd9b7G NkhbAdrvujbqLHDSE3ALpx8sWKg2vPCUAxJJY6S6danpw/XPGKkpcSNfqn4k8sCV e+9MJSu5Ag0ESaRthQEQALEj8eO2WCRqhOHakHhpvGQ4tFEIDS6Z3mnBaNaMc9VM i89LNYvJOgOSnWvIu8EF6Ah+PnhOayb9E3wvH+0nfOwzp6XhDor7h8WLQNL+qzk3 cPxkxdfNDaQdyJclstUqa0nIaPOJgbIRs12N6bCxhAeOKffIkrIdDqjxshTI3S3z fq7choduX8tNHoFzIIl6T+4Q0QXMT8xu5MeBHr+vxlgqNUTWOQn6Q/B6QnrVzWDA gEq4Id45vN4j18iXGqMy8/xWQg3kRHaU563zx8u+7cjV81feMDbQiC6p6nqQHsD4 U07JIVDqjbJESLdeqju6HsNzYKohi/gxhsgouPXdFTrfgkWCklAGwqT7QE0ZnL/t SVC0xpmCLneXAxWGGo27zJKVJ1/iMUgi/i4R+u2K4eQbsBXXYwh0gSxwYReTyr+C 51ugKkvYjTy+U2Fedq3lXEVtnRV02zpO/LlpJR446jRAapVH+ZF9tGMoIHg5hATZ KEzGw9x19/wQSRumTvV0HAQ0lqWW9/0n2VuwI/Sh7YHQ2j/DhyF0blFrooGyIxd2 x5+Xu1PWlYwlUbu7ZsOw1V9cqL5yv5m+w4mL+h8ytHJHHL2Cg8/3qp/QxLT7CnfX fOHAjNxGkS/QfoxEhuSwigPi/Yd51wHcaOLyUdGceOZ79ciQtPgvCFdyrDrfDhSr ABEBAAGJAR8EGAECAAkFAkmkbYUCGwwACgkQ0RNJxbFlRJhbLAgAsCBA7KmGkTmQ mjPNA7Iig8tA5S9fYavbKydNQNxPpL47GLf9V3la4P2/LPLa3rH31Bt+ScfSqAKC 5/geB5BKwmQqRomsQpjhmrpBenPjYrUYG2dEB/BOMvOyvr3dTpWtAg5CwYYnHTNy yJn7dc7whiE94ZxqFdt58K0H5/H449/VHuCJue+uzy0ldrTK8VVpK6uGgrJc5kre 2bpdGVbALpC+yeNMyXCqgGigg9gu1iHXSSGgbQfW+AhsFpiN37fPq8zDNU2C8sp3 4Y45EYRmRCZ+0a9WSRnYALRZFdvjysKfRjP3o4Ax/d4cSi6v2pT93yfoA2TQMkLF E1MQObpE5A== =7VGF - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEcBAEBAgAGBQJJv/LDAAoJENETScWxZUSY9hEH/0zP4wv/ceoAcMgkCtuLFWsY mZvW5ijE8qGftXhqqclaxfUUfsPhhiIzb5nG/UqPAJ3BB+vMp0swux+U72LZK/6W MXbt0/8JXhTE7apzETwWxAVo3x6y44maSe1+W3qqgSFlr0OmP30vH5gzb6kCpcpd foO9Ot09zJgwoGWvsId8BU4QlownVu4+NwqKi2CydE4g53y1ZOjYhxpZAnl7/GJ2 l3xxTIjycu+Z22cDd9Ap1ZjmTjpc4GXb8mnlbLmYRHnomVdt2zmCkzrdMcQP7hXH dwMPEeJDJuFKpZIDCo8DH9QYnGGyjniX3rokTeH/quBD2FPa1toAtCtoGefo1KI= =CTY7 -----END PGP SIGNATURE----- From kost at linux.hr Tue Mar 17 20:49:12 2009 From: kost at linux.hr (Vlatko Kosturjak) Date: Tue, 17 Mar 2009 20:49:12 +0100 Subject: [Openvas-devel] [Openvas-commits] r2819 - in trunk/openvas-plugins: . scripts In-Reply-To: <49BFF2CD.4070601@owasp.org> References: <20090317182015.812CC40790@pyrosoma.intevation.org> <49BFF2CD.4070601@owasp.org> Message-ID: <49BFFEB8.7050305@linux.hr> Hello Christian Eric! Christian Eric Edjenguele wrote: >> YES, scripts, should be TESTED before allowing to go to feed. > I've tested the script using the interpreter, not the gui client, > chrix at darkstar:~/Workspaces/OpenVAS/trunk/openvas-plugins/scripts$ > openvas-nasl -D -X remote-MS04-011.nasl > ** WARNING : packet forgery will not work > ** as NASL is not running as root > -D to parse description and -X to parse for syntax error, and I got no > error, this appen when server load the plugin, this is limitation from > server side. Yes, you're right. Such errors are not detectable by openvas-nasl, but only with openvasd. I guess we need to have more robust testing procedures. I think that errors like these ones we can easily avoid by having additional testing procedures with openvasd. Kost From jan-oliver.wagner at intevation.de Wed Mar 18 08:43:35 2009 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Wed, 18 Mar 2009 08:43:35 +0100 Subject: [Openvas-devel] OTP Feature Request / Problem In-Reply-To: <49BFAA8F.7000201@gmail.com> References: <49BFAA8F.7000201@gmail.com> Message-ID: <200903180843.35921.jan-oliver.wagner@intevation.de> Hello Shawn, On Tuesday 17 March 2009 14:50:07 Shawn Duffy wrote: > I noticed that the client PLUGIN_INFO command only gets a response if > the server has matched the supplied OID with a plugin that's currently > loaded. If there is no match, it doesn't respond at all. Are there any > plans to change the protocol so that the server will at least respond > with some sort of string? Otherwise, lack of a response seems somewhat > ambiguous if your writing a client or protocol handler, right? > > Just a thought as I've been learning to implement the protocol in PHP. > I've managed to implement the PLUGIN_INFO command but the lack of > response just doesn't feel right. well, first of all we work on the new OMP that really makes a difference to the old NTP and finally gets rid of the design flaws. OTP inherited a couple of these flaws because we did not want to introduce too many changes during first improvements. See here for more about OMP: http://www.openvas.org/openvas-cr-28.html NTP/OTP are not designed with strict Question->Answer scheme. Its more like a stream where you though things in and have to fish things from. Perhaps you see the reason why we want to get rid of this ;-) I'd like to hear some more voices on whether it still makes sense to improve OTP ins some details? Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335 08 30 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From openvas-bugs at wald.intevation.org Tue Mar 17 20:40:18 2009 From: openvas-bugs at wald.intevation.org (openvas-bugs@wald.intevation.org) Date: Tue, 17 Mar 2009 20:40:18 +0100 (CET) Subject: [Openvas-devel] =?utf-8?q?=5Bopenvas-Bugs=5D=5B913=5D_Dialog_box_?= =?utf-8?q?with_error_is_displayed_when_trying_to_execute_task=2E?= Message-ID: <20090317194018.C4F4840782@pyrosoma.intevation.org> Bugs item #913, was opened at 2009-03-17 20:40 Status: Open Priority: 3 Submitted By: Vlatko Kosturjak (kost) Assigned to: Nobody (None) Summary: Dialog box with error is displayed when trying to execute task. Resolution: None Severity: minor Version: v2.0.2 Component: openvas-client Operating System: Linux Product: OpenVAS Hardware: None URL: Initial Comment: Clean install. When trying to execute the task in OpenVAS client following error is displayed via dialog box (and in message log): Error: Can't open /home/login/.openvas/.ssh/.logins: No such file or directory Of course it can't open because it's fresh install and it is first run of OpenVAS client. It should: a) create that empty file or b) silently ignore the error It is latest (stable) version of OpenVAS client (2.0.2). ---------------------------------------------------------------------- You can respond by visiting: http://wald.intevation.org/tracker/?func=detail&atid=220&aid=913&group_id=29 From openvas-bugs at wald.intevation.org Thu Mar 19 11:59:46 2009 From: openvas-bugs at wald.intevation.org (openvas-bugs@wald.intevation.org) Date: Thu, 19 Mar 2009 11:59:46 +0100 (CET) Subject: [Openvas-devel] =?utf-8?q?=5Bopenvas-Bugs=5D=5B914=5D_NVTs_not_ex?= =?utf-8?q?ecuted_if_dependencies_not_met?= Message-ID: <20090319105946.0B56D2C04C@pyrosoma.intevation.org> Bugs item #914, was opened at 2009-03-19 11:59 Status: Open Priority: 3 Submitted By: Jan-Oliver Wagner (jan) Assigned to: Nobody (None) Summary: NVTs not executed if dependencies not met Resolution: None Severity: major Version: None Component: openvas-server Operating System: None Product: OpenVAS Hardware: None URL: Initial Comment: I observed the problem that I selected a single plugin with a couple of dependendies and run it. I receive an empty report (just within 1 second). openvasd.messages says: [Thu Mar 19 11:33:38 2009][8975] user jan : testing XXX.YYY (192.168.XXX.XXX) [25650] [Thu Mar 19 11:33:38 2009][25650] Finished testing XXX.YYY. Time : 0.09 secs [Thu Mar 19 11:33:38 2009][8975] user jan : test complete [Thu Mar 19 11:33:38 2009][8975] Total time to scan all hosts : 0 seconds [Thu Mar 19 11:33:38 2009][8975] user jan : Kept alive connection The openvasd.dump shows quite some entries like Thu Mar 19 11:33:38 2009][8975] scheduler: XXX.nasl depends on YYY.nasl which could not be found, thus this dependency is not considered for execution sequence IMHO the user MUST be informed properly that the execution of the NVT was not done. ---------------------------------------------------------------------- You can respond by visiting: http://wald.intevation.org/tracker/?func=detail&atid=220&aid=914&group_id=29 From openvas-bugs at wald.intevation.org Thu Mar 19 12:05:27 2009 From: openvas-bugs at wald.intevation.org (openvas-bugs@wald.intevation.org) Date: Thu, 19 Mar 2009 12:05:27 +0100 (CET) Subject: [Openvas-devel] =?utf-8?q?=5Bopenvas-Bugs=5D=5B915=5D_OpenVAS_ser?= =?utf-8?q?ver_scheduler_reports_about_irrelevant_not-met_dependenc?= =?utf-8?q?ies?= Message-ID: <20090319110527.8B1B440786@pyrosoma.intevation.org> Bugs item #915, was opened at 2009-03-19 12:05 Status: Open Priority: 3 Submitted By: Jan-Oliver Wagner (jan) Assigned to: Nobody (None) Summary: OpenVAS server scheduler reports about irrelevant not-met dependencies Resolution: None Severity: normal Version: None Component: openvas-server Operating System: None Product: OpenVAS Hardware: None URL: Initial Comment: I enabled a single NVT with a depencendy (which is not met). When executing the scan, not only this unmet dependency is reported in opevasd.messages, but also a couple of other. I wonder why the scheduler looks at those other NVTs at all. It is not necessary. To me this says the scheduler is suboptimal implemented. ---------------------------------------------------------------------- You can respond by visiting: http://wald.intevation.org/tracker/?func=detail&atid=220&aid=915&group_id=29 From openvas-bugs at wald.intevation.org Thu Mar 19 13:28:09 2009 From: openvas-bugs at wald.intevation.org (openvas-bugs@wald.intevation.org) Date: Thu, 19 Mar 2009 13:28:09 +0100 (CET) Subject: [Openvas-devel] =?utf-8?q?=5Bopenvas-Bugs=5D=5B916=5D_Caching_=28?= =?utf-8?q?store=29_mechnism_limits_OpenVAS_too_much?= Message-ID: <20090319122809.0AE8414237@pyrosoma.intevation.org> Bugs item #916, was opened at 2009-03-19 13:28 Status: Open Priority: 3 Submitted By: Jan-Oliver Wagner (jan) Assigned to: Nobody (None) Summary: Caching (store) mechnism limits OpenVAS too much Resolution: None Severity: normal Version: None Component: openvas-server Operating System: None Product: OpenVAS Hardware: None URL: Initial Comment: The store.c module that handles the cache uses fixed length for various dynamic items of a NASL script (e.g. description or required_keys). Just increasing the size of the cache struct makes the cache increase in size dramatically. The rapid startup of the server should be made possible with a superior caching mechanism that allows dynamic length of descriptions, etc. ---------------------------------------------------------------------- You can respond by visiting: http://wald.intevation.org/tracker/?func=detail&atid=220&aid=916&group_id=29 From michael.wiegand at intevation.de Fri Mar 20 08:58:17 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Fri, 20 Mar 2009 08:58:17 +0100 Subject: [Openvas-devel] [Openvas-commits] r2835 - trunk/openvas-plugins/scripts In-Reply-To: <20090318212407.98AF740792@pyrosoma.intevation.org> References: <20090318212407.98AF740792@pyrosoma.intevation.org> Message-ID: <20090320075817.GA7662@intevation.de> Hello Eric, I think there is a bug in remote-detect-MSdotNET-version.nasl: I'm running it against an Apache target on Linux and I'm getting a security note consisting of only the string " and " from you script. Could you fix this? Regards, Michael * scm-commit at wald.intevation.org [18. Mar 2009]: > Author: edjenguele > Date: 2009-03-18 22:24:02 +0100 (Wed, 18 Mar 2009) > New Revision: 2835 > > Modified: > trunk/openvas-plugins/scripts/remote-detect-MSdotNET-version.nasl > Log: > Fix Regex for version handling : thanks to Chandra for that regex :) > TODO: > * some script that I've committed use this plugin as a dependency > as they report the vulnerability based on the exact version of .net > and this script report the complete exact version string. > * use the revisions-lib.inc by Thomas Reinke to compare these versions string > > > Modified: trunk/openvas-plugins/scripts/remote-detect-MSdotNET-version.nasl > =================================================================== > --- trunk/openvas-plugins/scripts/remote-detect-MSdotNET-version.nasl 2009-03-18 13:42:27 UTC (rev 2834) > +++ trunk/openvas-plugins/scripts/remote-detect-MSdotNET-version.nasl 2009-03-18 21:24:02 UTC (rev 2835) > @@ -70,49 +70,50 @@ > > include("misc_func.inc"); > include("http_func.inc"); > +include("http_keepalive.inc"); > > -iis_servers = get_kb_list("Services/www"); > > # request a non existant random page > -# test page in browser: http://www.camstar.com/000111222.aspx > - > -page = string(rand() + '.aspx'); > +page = string(rand() + ".aspx"); > > -foreach port (iis_servers) > -{ > - soc = open_sock_tcp(port); > - qry = strcat('GET /' , page , ' HTTP/1.0\r\n\r\n'); > - > - req = http_get(item:qry, port:port); > - send(socket:soc, data:req); > +port = get_http_port(default:80); > + > +request = string( > + "GET /", page, " HTTP/1.0\r\n", > + "User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; OpenVAS)\r\n", > + "Accept-Language: en-us,en;q=0.5\r\n", > + "Keep-Alive: 300\r\n", > + "Connection: keep-alive\r\n", > + "Content-Type: application/x-www-form-urlencoded\r\n\r\n" > + ); > > + > + > # Get back the response > - reply = recv(socket:soc, length:1204); > + response = http_keepalive_send_recv(port:port, data:request, bodyonly:1); > + report = ''; > > # Get the ASP.NET Microsoft .Net Framework version > - # a tipical response from test page above > + # a response example: > # Version Information: Microsoft .NET Framework Version:2.0.50727.1433; ASP.NET Version:2.0.50727.1433 > - dotNet_header = egrep(pattern:"Microsoft .NET Framework Version:([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)", string:reply, icase:TRUE); > - aspNet_header = egrep(pattern:"ASP.NET Version:([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)", string:reply, icase:TRUE); > + dotNet_header = eregmatch(pattern:"Microsoft .NET Framework Version:([0-9.]+)",string:response, icase:TRUE); > + aspNet_header = eregmatch(pattern:"ASP.NET Version:([0-9.]+)",string:response, icase:TRUE); > > - if(('Version Information' >< response) && dotNet_header) > - dotnetversion = ereg_replace(string:response, pattern:dotNet_header,"\1"); > - report = "Detected Microsoft .NET Framework version: " + dotnetversion; > + if(('Version Information' >< response) && dotNet_header){ > + report = "OpenVAS was able to Detected " + dotNet_header[0]; > + > + # save informations into the kb > + set_kb_item(name:"dotNET/install", value:TRUE); > + set_kb_item(name:"dotNET/port", value:port); > + set_kb_item(name:"dotNet/version", value:dotNet_header[1]); > + } > > - if(aspNET_header) > - aspnetversion = ereg_replace(string:response, pattern:aspNet_header,"\1"); > - report += "Detected ASP .NET version: " + aspnetversion; > + if(aspNET_header >< response){ > + report += " and " + aspNet_header[0]; > > # save informations into the kb > - set_kb_item(name:"dotNET/installed", value:TRUE); > set_kb_item(name:"aspNET/installed", value:TRUE); > - set_kb_item(name:"dotNET/version", value:dotnetversion); > - set_kb_item(name:"aspNET/version", value:aspnetversion); > - set_kb_item(name:"dotNET/port", value:port); > - > - # report all gathered informations > - security_note(port:port, data:report); > - > - > -} > - > + set_kb_item(name:"aspNET/version", value:aspNet_header[1]); > + } > + # report all gathered informations > + security_note(port:port, data:report); > > _______________________________________________ > Openvas-commits mailing list > Openvas-commits at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-commits -- Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 206 bytes Desc: not available Url : http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20090320/306a12ff/attachment.pgp From christian.edjenguele at owasp.org Fri Mar 20 09:19:56 2009 From: christian.edjenguele at owasp.org (Christian Edjenguele) Date: Fri, 20 Mar 2009 09:19:56 +0100 Subject: [Openvas-devel] [Openvas-commits] r2835 - trunk/openvas-plugins/scripts In-Reply-To: <20090320075817.GA7662@intevation.de> References: <20090318212407.98AF740792@pyrosoma.intevation.org> <20090320075817.GA7662@intevation.de> Message-ID: Ah yes, this is beacause I've checked the .Net version and ASP version separately and concatenate the result in the report string with report += ...+ "and" + .... Then added the report string in the report function with security_note(port:port, data:report); this is if .Net or ASP was not found, the report string will always be "and". It's a minor fix, but I don't have my personal notebook here as I'm at work, I'll fix that at 7.00 pm after the work. Regards. On Fri, Mar 20, 2009 at 8:58 AM, Michael Wiegand < michael.wiegand at intevation.de> wrote: > Hello Eric, > > I think there is a bug in remote-detect-MSdotNET-version.nasl: I'm > running it against an Apache target on Linux and I'm getting a security > note consisting of only the string " and " from you script. Could you > fix this? > > Regards, > > Michael > > * scm-commit at wald.intevation.org [18. Mar 2009]: > > Author: edjenguele > > Date: 2009-03-18 22:24:02 +0100 (Wed, 18 Mar 2009) > > New Revision: 2835 > > > > Modified: > > trunk/openvas-plugins/scripts/remote-detect-MSdotNET-version.nasl > > Log: > > Fix Regex for version handling : thanks to Chandra for that regex :) > > TODO: > > * some script that I've committed use this plugin as a dependency > > as they report the vulnerability based on the exact version of .net > > and this script report the complete exact version string. > > * use the revisions-lib.inc by Thomas Reinke to compare these versions > string > > > > > > Modified: > trunk/openvas-plugins/scripts/remote-detect-MSdotNET-version.nasl > > =================================================================== > > --- trunk/openvas-plugins/scripts/remote-detect-MSdotNET-version.nasl > 2009-03-18 13:42:27 UTC (rev 2834) > > +++ trunk/openvas-plugins/scripts/remote-detect-MSdotNET-version.nasl > 2009-03-18 21:24:02 UTC (rev 2835) > > @@ -70,49 +70,50 @@ > > > > include("misc_func.inc"); > > include("http_func.inc"); > > +include("http_keepalive.inc"); > > > > -iis_servers = get_kb_list("Services/www"); > > > > # request a non existant random page > > -# test page in browser: http://www.camstar.com/000111222.aspx > > - > > -page = string(rand() + '.aspx'); > > +page = string(rand() + ".aspx"); > > > > -foreach port (iis_servers) > > -{ > > - soc = open_sock_tcp(port); > > - qry = strcat('GET /' , page , ' HTTP/1.0\r\n\r\n'); > > - > > - req = http_get(item:qry, port:port); > > - send(socket:soc, data:req); > > +port = get_http_port(default:80); > > + > > +request = string( > > + "GET /", page, " HTTP/1.0\r\n", > > + "User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; OpenVAS)\r\n", > > + "Accept-Language: en-us,en;q=0.5\r\n", > > + "Keep-Alive: 300\r\n", > > + "Connection: keep-alive\r\n", > > + "Content-Type: application/x-www-form-urlencoded\r\n\r\n" > > + ); > > > > + > > + > > # Get back the response > > - reply = recv(socket:soc, length:1204); > > + response = http_keepalive_send_recv(port:port, data:request, > bodyonly:1); > > + report = ''; > > > > # Get the ASP.NET Microsoft .Net Framework version > > - # a tipical response from test page above > > + # a response example: > > # Version Information: Microsoft .NET Framework > Version:2.0.50727.1433; ASP.NET Version:2.0.50727.1433 > > - dotNet_header = egrep(pattern:"Microsoft .NET Framework > Version:([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)", string:reply, icase:TRUE); > > - aspNet_header = egrep(pattern:"ASP.NETVersion:([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)", string:reply, icase:TRUE); > > + dotNet_header = eregmatch(pattern:"Microsoft .NET Framework > Version:([0-9.]+)",string:response, icase:TRUE); > > + aspNet_header = eregmatch(pattern:"ASP.NETVersion:([0-9.]+)",string:response, icase:TRUE); > > > > - if(('Version Information' >< response) && dotNet_header) > > - dotnetversion = ereg_replace(string:response, > pattern:dotNet_header,"\1"); > > - report = "Detected Microsoft .NET Framework version: " + > dotnetversion; > > + if(('Version Information' >< response) && dotNet_header){ > > + report = "OpenVAS was able to Detected " + > dotNet_header[0]; > > + > > + # save informations into the kb > > + set_kb_item(name:"dotNET/install", value:TRUE); > > + set_kb_item(name:"dotNET/port", value:port); > > + set_kb_item(name:"dotNet/version", value:dotNet_header[1]); > > + } > > > > - if(aspNET_header) > > - aspnetversion = ereg_replace(string:response, > pattern:aspNet_header,"\1"); > > - report += "Detected ASP .NET version: " + > aspnetversion; > > + if(aspNET_header >< response){ > > + report += " and " + aspNet_header[0]; > > > > # save informations into the kb > > - set_kb_item(name:"dotNET/installed", value:TRUE); > > set_kb_item(name:"aspNET/installed", value:TRUE); > > - set_kb_item(name:"dotNET/version", value:dotnetversion); > > - set_kb_item(name:"aspNET/version", value:aspnetversion); > > - set_kb_item(name:"dotNET/port", value:port); > > - > > - # report all gathered informations > > - security_note(port:port, data:report); > > - > > - > > -} > > - > > + set_kb_item(name:"aspNET/version", value:aspNet_header[1]); > > + } > > + # report all gathered informations > > + security_note(port:port, data:report); > > > > _______________________________________________ > > Openvas-commits mailing list > > Openvas-commits at wald.intevation.org > > http://lists.wald.intevation.org/mailman/listinfo/openvas-commits > > -- > Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de > Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 > Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner > -- -- Christian Eric Edjenguele IT Security Software Engineer / Enterprise Software Architect Mobile: +39 3408580513 PGP KeyID: B1654498 Primary Key Server: pgp.mit.edu -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20090320/2713a006/attachment-0001.html From swurth at astaro.com Tue Mar 24 12:34:32 2009 From: swurth at astaro.com (Sven Wurth) Date: Tue, 24 Mar 2009 04:34:32 -0700 Subject: [Openvas-devel] make openvas-libnasl-1.0.1 problems Message-ID: <13A7D16E6BC8794CB20DF8218B944BB20EC50394@dhost002-54.dex002.intermedia.net> Jan, it's quite a long time ago, but here are news now ... I tried to use lenny and etch, both with the same failure: "error: too few arguments to function 'nasllex'" And this was also with new libnasl-2.0.1. As requested I attached nasl_grammar.tab.c and nasl_grammar.y. Thanks, regards Sven On Mittwoch, 20. August 2008, Sven Wurth wrote: > I have a problem with making openvas-libnasl-1.0.1 on my Debian Lenny. > I attached the output of my "make". > > Any ideas? not yet. Can you send nasl_grammar.tab.c and nasl_grammar.y so I can compare with my files. Ther might be some difference. If you have Etch as well, you can try comaprison yourself, it is just a guess it might be in these two files. Best Jan -- Dr. Jan-Oliver Wagner Intevation GmbH, Osnabr??ck Amtsgericht Osnabr??ck, HR B 18998 http://www.intevation.de/ Gesch??ftsf??hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner [Openvas-devel] make openvas-libnasl-1.0.1 problems Sven Wurth swurth at astaro.com Wed Aug 20 15:27:38 CEST 2008 Previous message: [Openvas-devel] openvasd - bug in OpenVAS server, right after portscan Next message: [Openvas-devel] make openvas-libnasl-1.0.1 problems Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] Hi openvas ML, I have a problem with making openvas-libnasl-1.0.1 on my Debian Lenny. I attached the output of my "make". Any ideas? best regards Sven ----------------------------------------------------------------------------------------- make[1]: Entering directory `/root/openvas-libnasl-1.0.1/nasl' /bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c nasl_packet_forgery.c /bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c nasl_socket.c /bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c nasl_crypto.c nasl_crypto.c: In function 'nasl_gcrypt_hash': nasl_crypto.c:76: warning: pointer targets in passing argument 1 of 'nasl_strndup' differ in signedness /bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c -DNESSUS_STATE_DIR=\"/usr/local/var\" nasl_crypto2.c /bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c nasl_http.c /bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c nasl_host.c /bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c nasl_text_utils.c /bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c nasl_nessusd_glue.c /bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c nasl_misc_funcs.c ^[OH/bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c -DNESSUS_STATE_DIR=\"/usr/local/var\" nasl_cmd_exec.c /bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c capture_packet.c bison -d -v -t -p nasl nasl_grammar.y nasl_grammar.y:47 parser name defined to default :"parse" /bin/sh /root/openvas-libnasl-1.0.1/libtool --silent gcc -pipe -g -O2 -Wall -I../include `/usr/bin/libopenvas-config --cflags` `/usr/bin/gpgme-config --cflags` -DNESSUS_EXTENSIONS -I. -I/root/openvas-libnasl-1.0.1/include -DHAVE_CONFIG_H -c nasl_grammar.tab.c /usr/share/bison++/bison.cc: In function 'naslparse': /usr/share/bison++/bison.cc:730: error: too few arguments to function 'nasllex' make[1]: *** [nasl_grammar.tab.o] Error 1 make[1]: Leaving directory `/root/openvas-libnasl-1.0.1/nasl' make: *** [all] Error 2 -------------- next part -------------- A non-text attachment was scrubbed... Name: nasl_grammar.y Type: application/octet-stream Size: 26756 bytes Desc: nasl_grammar.y Url : http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20090324/dd9580bd/nasl_grammar-0001.obj -------------- next part -------------- A non-text attachment was scrubbed... Name: nasl_grammar.tab.c Type: application/octet-stream Size: 90855 bytes Desc: nasl_grammar.tab.c Url : http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20090324/dd9580bd/nasl_grammar.tab-0001.obj From michael.wiegand at intevation.de Wed Mar 25 08:24:45 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Wed, 25 Mar 2009 08:24:45 +0100 Subject: [Openvas-devel] make openvas-libnasl-1.0.1 problems In-Reply-To: <13A7D16E6BC8794CB20DF8218B944BB20EC50394@dhost002-54.dex002.intermedia.net> References: <13A7D16E6BC8794CB20DF8218B944BB20EC50394@dhost002-54.dex002.intermedia.net> Message-ID: <20090325072444.GA25375@intevation.de> * Sven Wurth [25. Mar 2009]: > it's quite a long time ago, but here are news now ... > > I tried to use lenny and etch, both with the same failure: "error: too few arguments to function 'nasllex'" > And this was also with new libnasl-2.0.1. > > As requested I attached nasl_grammar.tab.c and nasl_grammar.y. At a first glance, I would guess that this is related to the fact that you seem to be using bison++. I'm routinely compiling openvas-libnasl on both etch and lenny systems and have never encountered this issue with bison (instead of bison++). There might be some incompatibilities between bison and bison++. Could you replace bison++ with bison on your test system and let me know if it works? Regards, Michael -- Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 206 bytes Desc: not available Url : http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20090325/6ce2fe2e/attachment.pgp From swurth at astaro.com Wed Mar 25 08:47:23 2009 From: swurth at astaro.com (Sven Wurth) Date: Wed, 25 Mar 2009 00:47:23 -0700 Subject: [Openvas-devel] make openvas-libnasl-1.0.1 problems In-Reply-To: <20090325072444.GA25375@intevation.de> References: <13A7D16E6BC8794CB20DF8218B944BB20EC50394@dhost002-54.dex002.intermedia.net> <20090325072444.GA25375@intevation.de> Message-ID: <13A7D16E6BC8794CB20DF8218B944BB20ECE8AEF@dhost002-54.dex002.intermedia.net> Michael, thanks, purging the bison++ solved my problem under etch, lenny and testing. regards Sven -----Original Message----- From: Michael Wiegand [mailto:michael.wiegand at intevation.de] Sent: Wednesday, March 25, 2009 8:25 AM To: Sven Wurth Cc: openvas-devel at wald.intevation.org Subject: Re: Re: [Openvas-devel] make openvas-libnasl-1.0.1 problems * Sven Wurth [25. Mar 2009]: > it's quite a long time ago, but here are news now ... > > I tried to use lenny and etch, both with the same failure: "error: too few arguments to function 'nasllex'" > And this was also with new libnasl-2.0.1. > > As requested I attached nasl_grammar.tab.c and nasl_grammar.y. At a first glance, I would guess that this is related to the fact that you seem to be using bison++. I'm routinely compiling openvas-libnasl on both etch and lenny systems and have never encountered this issue with bison (instead of bison++). There might be some incompatibilities between bison and bison++. Could you replace bison++ with bison on your test system and let me know if it works? Regards, Michael -- Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From michael.wiegand at intevation.de Wed Mar 25 09:00:51 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Wed, 25 Mar 2009 09:00:51 +0100 Subject: [Openvas-devel] make openvas-libnasl-1.0.1 problems In-Reply-To: <13A7D16E6BC8794CB20DF8218B944BB20ECE8AEF@dhost002-54.dex002.intermedia.net> References: <13A7D16E6BC8794CB20DF8218B944BB20EC50394@dhost002-54.dex002.intermedia.net> <20090325072444.GA25375@intevation.de> <13A7D16E6BC8794CB20DF8218B944BB20ECE8AEF@dhost002-54.dex002.intermedia.net> Message-ID: <20090325080051.GB25375@intevation.de> * Sven Wurth [25. Mar 2009]: > Michael, > thanks, purging the bison++ solved my problem under etch, lenny and testing. Glad to hear my guess was correct. :) I have filed a bug report for this issue (http://bugs.openvas.org/917), I hope to have a workaround or a solution in place by the time the next openvas-libnasl version is released. If there is anything you want to add to the bug report, please feel free to do so. Thank you for spotting this issue! Regards, Michael -- Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 206 bytes Desc: not available Url : http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20090325/bc9c0666/attachment.pgp From openvas-bugs at wald.intevation.org Wed Mar 25 08:57:43 2009 From: openvas-bugs at wald.intevation.org (openvas-bugs@wald.intevation.org) Date: Wed, 25 Mar 2009 08:57:43 +0100 (CET) Subject: [Openvas-devel] =?utf-8?q?=5Bopenvas-Bugs=5D=5B917=5D_openvas-lib?= =?utf-8?q?nasl_fails_to_compile_if_bison++_is_present?= Message-ID: <20090325075743.B64E840781@pyrosoma.intevation.org> Bugs item #917, was opened at 2009-03-25 08:57 Status: Open Priority: 3 Submitted By: Michael Wiegand (mwiegand) Assigned to: Michael Wiegand (mwiegand) Summary: openvas-libnasl fails to compile if bison++ is present Resolution: Accepted As Bug Severity: minor Version: v2.0.1 Component: openvas-libnasl Operating System: Linux Product: None Hardware: None URL: Initial Comment: During the build process, the openvas-libnasl Makefile calls the "bison" executable to generate the nasl_grammar.tab.c file. This works if the executable is provided by the bison package, but fails in Debian (and possibly other distributions) if it is provided by bison++. The bug leads to the following error message: /usr/share/bison++/bison.cc: In function 'naslparse': /usr/share/bison++/bison.cc:730: error: too few arguments to function 'nasllex' make[1]: *** [nasl_grammar.tab.o] Error 1 make[1]: Leaving directory `/root/openvas-libnasl-1.0.1/nasl' make: *** [all] Error 2 As a workaround, openvas-libnasl should check for the correct bison executable during configuration and alert the user if bison++ is found. If compatibility with bison++ is desired, the incompatibilities prevent the build should be addressed. This bug was first described by Sven Wurth. ---------------------------------------------------------------------- You can respond by visiting: http://wald.intevation.org/tracker/?func=detail&atid=220&aid=917&group_id=29 From felix.wolfsteller at intevation.de Thu Mar 26 09:19:55 2009 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Thu, 26 Mar 2009 09:19:55 +0100 Subject: [Openvas-devel] openvas-client: proposal to increase libgtk- version requirement Message-ID: <200903260919.55582.felix.wolfsteller@intevation.de> I propose that openvas-client requires GTK+ 2.6 (currently 2.4). This would allow for some cleanups in the code base. This newer GTK+-Version does not force us to increase the GLib requirements (>=2.6). Debian etch ships with version 2.8 (http://packages.debian.org/etch/libgtk2.0-0) which in turn requires GLib 2.12. I am quite sure that most other distros ship with a more recent version as well, as GTK+ 2.6.0 was released in dec 2004. Any objections? I ask because I realized that actually in my contributed code some gtk 2.6 functions are used - since openvas-client 2.0.1 -- felix -- Felix Wolfsteller | ++49-541-335 08 3451 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From geoff at galitz.org Thu Mar 26 09:58:38 2009 From: geoff at galitz.org (Geoff Galitz) Date: Thu, 26 Mar 2009 09:58:38 +0100 Subject: [Openvas-devel] doc work for OpenVAS Message-ID: <9902F1D995E74B78AFE7ECC6703983A5@geoffPC> Has any work been done on the English documentation in the last few months? I saw some activity on the list about it. I am a native English speaker and I have some time right now to contribute. I have experience in technical writing as part of my larger role as a systems engineer for the past 20 years and I even have experience with the old nessus 1.x and 2.x codebase. -geoff --------------------------------- Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ From michael.wiegand at intevation.de Thu Mar 26 10:12:19 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Thu, 26 Mar 2009 10:12:19 +0100 Subject: [Openvas-devel] doc work for OpenVAS In-Reply-To: <9902F1D995E74B78AFE7ECC6703983A5@geoffPC> References: <9902F1D995E74B78AFE7ECC6703983A5@geoffPC> Message-ID: <20090326091219.GB13022@intevation.de> * Geoff Galitz [26. Mar 2009]: > Has any work been done on the English documentation in the last few months? > I saw some activity on the list about it. Jon Bebeau (JBebeau at CASTLEGARDE.COM) and Anne Henmi (hobbes at tigertribe.org) have recently offered their help. > I am a native English speaker and I have some time right now to contribute. > I have experience in technical writing as part of my larger role as a > systems engineer for the past 20 years and I even have experience with the > old nessus 1.x and 2.x codebase. Sounds great, thanks a lot for your offer! Doing some proofreading is probably the best way to start, but if you have already identified an area where you would like to work on, feel free to do so. Please coordinate your efforts with Anne and Jon to avoid duplicate work. Anne is currently working on the introduction if I'm not mistaken, I'm not sure which area Jon is working on. Please use the public mailing list (like this one, openvas-devel) to coordiniate. Again, thanks for your offer; if you have any questions or suggestions, feel free to contact me or the list. You are of course more than welcome to join us on IRC in #openvas on irc.oftc.net. Regards, Michael -- Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 206 bytes Desc: not available Url : http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20090326/9f5935b2/attachment.pgp From geoff at galitz.org Thu Mar 26 10:38:19 2009 From: geoff at galitz.org (Geoff Galitz) Date: Thu, 26 Mar 2009 10:38:19 +0100 Subject: [Openvas-devel] doc work for OpenVAS In-Reply-To: <20090326091219.GB13022@intevation.de> References: <9902F1D995E74B78AFE7ECC6703983A5@geoffPC> <20090326091219.GB13022@intevation.de> Message-ID: <4C1BAC8D48A349C393205DED9AFBD29E@geoffPC> > Please coordinate your efforts with Anne and Jon to avoid duplicate > work. Anne is currently working on the introduction if I'm not mistaken, > I'm not sure which area Jon is working on. Please use the public mailing > list (like this one, openvas-devel) to coordiniate. Will do. > Again, thanks for your offer; if you have any questions or suggestions, > feel free to contact me or the list. You are of course more than welcome > to join us on IRC in #openvas on irc.oftc.net. My pleasure. From geoff at galitz.org Thu Mar 26 10:45:32 2009 From: geoff at galitz.org (Geoff Galitz) Date: Thu, 26 Mar 2009 10:45:32 +0100 Subject: [Openvas-devel] EN doc copyediting Message-ID: <80A7A8478B024BDAB8907A79E762B137@geoffPC> Hi Jon and Anne. I'd be happy to start copyediting/proofing this week. Let me know which sections are currently available. --------------------------------- Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ From michael.wiegand at intevation.de Thu Mar 26 10:46:59 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Thu, 26 Mar 2009 10:46:59 +0100 Subject: [Openvas-devel] openvas-client: proposal to increase libgtk- version requirement In-Reply-To: <200903260919.55582.felix.wolfsteller@intevation.de> References: <200903260919.55582.felix.wolfsteller@intevation.de> Message-ID: <20090326094659.GC13022@intevation.de> * Felix Wolfsteller [26. Mar 2009]: > I propose that openvas-client requires GTK+ 2.6 (currently 2.4). > > Any objections? No objections from my side, +1. Regards, Michael -- Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 206 bytes Desc: not available Url : http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20090326/6ed441ee/attachment.pgp From labeneator at gmail.com Thu Mar 26 11:15:46 2009 From: labeneator at gmail.com (Laban Mwangi) Date: Thu, 26 Mar 2009 13:15:46 +0300 Subject: [Openvas-devel] openvas-client: proposal to increase libgtk- version requirement In-Reply-To: <20090326094659.GC13022@intevation.de> References: <200903260919.55582.felix.wolfsteller@intevation.de> <20090326094659.GC13022@intevation.de> Message-ID: <1238062546.4386.16.camel@hyperion.penguinlabs.co.ke> From the few reviews I've read, 2.6 looks good :) +1 On Thu, 2009-03-26 at 10:46 +0100, Michael Wiegand wrote: > * Felix Wolfsteller [26. Mar 2009]: > > I propose that openvas-client requires GTK+ 2.6 (currently 2.4). > > > > Any objections? > > No objections from my side, +1. > > Regards, > > Michael > > _______________________________________________ > Openvas-devel mailing list > Openvas-devel at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-devel -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part Url : http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20090326/b01cac0b/attachment.pgp From hobbes at vaxer.net Thu Mar 26 15:38:05 2009 From: hobbes at vaxer.net (HObbES) Date: Thu, 26 Mar 2009 07:38:05 -0700 Subject: [Openvas-devel] EN doc copyediting In-Reply-To: <80A7A8478B024BDAB8907A79E762B137@geoffPC> References: <80A7A8478B024BDAB8907A79E762B137@geoffPC> Message-ID: <20090326143805.GA30182@maple.vaxer.net> Hi Geoff, The introduction needs to be written, and I probably won't be able to get to it soon, so if you want to start with that feel free. :) We should probably get our efforts coordinated as there are three of us willing to do doc work, and it would be nice if we can each focus on these. Other than the compendium, are there any other English docs? -Anne This one time, Geoff Galitz wrote: > > > Hi Jon and Anne. > > I'd be happy to start copyediting/proofing this week. Let me know which > sections are currently available. > > > --------------------------------- > Geoff Galitz > Blankenheim NRW, Germany > http://www.galitz.org/ > http://german-way.com/blog/ > > > > _______________________________________________ > Openvas-devel mailing list > Openvas-devel at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-devel -- It is proverbial that from (\`--/') _ _______ .-r-. a hungry tiger and an >.~.\ `` ` `,`,`. ,'_'~`. affectionate woman there is (v_," ; `,-\ ; : ; \/,-~) \ no escape. -Ernest Bramah `--'_..),-/ ' ' '_.>-' )`.`.__.') hobbes at vaxer dot net ((,((,__..'~~~~~~((,__..' `-..-'fL From JBebeau at CASTLEGARDE.COM Thu Mar 26 15:46:35 2009 From: JBebeau at CASTLEGARDE.COM (Jon Bebeau) Date: Thu, 26 Mar 2009 10:46:35 -0400 Subject: [Openvas-devel] EN doc copyediting In-Reply-To: <20090326143805.GA30182@maple.vaxer.net> References: <80A7A8478B024BDAB8907A79E762B137@geoffPC> <20090326143805.GA30182@maple.vaxer.net> Message-ID: Hello all, I'm ready to help on the EN documentation. I don't know who will coordinate this process but if one of you has taken charge of this set of updates, that is fine with me. I still consider myself a newcomer and with that I am more than willing to take direction from someone more involved with the project. At any rate, I await marching orders. I can proof, create and edit copy, just point me in the right direction. Jon Bebeau Tampa Florida USA -----Original Message----- From: openvas-devel-bounces at wald.intevation.org [mailto:openvas-devel-bounces at wald.intevation.org] On Behalf Of HObbES Sent: Thursday, March 26, 2009 10:38 AM To: Geoff Galitz Cc: openvas-devel at wald.intevation.org Subject: Re: [Openvas-devel] EN doc copyediting Hi Geoff, The introduction needs to be written, and I probably won't be able to get to it soon, so if you want to start with that feel free. :) We should probably get our efforts coordinated as there are three of us willing to do doc work, and it would be nice if we can each focus on these. Other than the compendium, are there any other English docs? -Anne This one time, Geoff Galitz wrote: > > > Hi Jon and Anne. > > I'd be happy to start copyediting/proofing this week. Let me know which > sections are currently available. > > > --------------------------------- > Geoff Galitz > Blankenheim NRW, Germany > http://www.galitz.org/ > http://german-way.com/blog/ > > > > _______________________________________________ > Openvas-devel mailing list > Openvas-devel at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-devel -- It is proverbial that from (\`--/') _ _______ .-r-. a hungry tiger and an >.~.\ `` ` `,`,`. ,'_'~`. affectionate woman there is (v_," ; `,-\ ; : ; \/,-~) \ no escape. -Ernest Bramah `--'_..),-/ ' ' '_.>-' )`.`.__.') hobbes at vaxer dot net ((,((,__..'~~~~~~((,__..' `-..-'fL _______________________________________________ Openvas-devel mailing list Openvas-devel at wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-devel From jan-oliver.wagner at intevation.de Thu Mar 26 17:36:29 2009 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Thu, 26 Mar 2009 17:36:29 +0100 Subject: [Openvas-devel] Planning openvas-client 2.0.3 Message-ID: <200903261736.31171.jan-oliver.wagner@intevation.de> Hello, the new Severity Override Feature is now ready within the OpenVAS-Client Report Browser. It is a oftern requested feature, e.g. to mark false positives, and easily apply this again to the subsequent scans. We like to get it to a broader user base and and hope for some feedback before we integrate the severity overrides into the report exports. Translations: A couple of languages is out of sync. Please drop a note if you like to help out here and we can guide you how to update translations. GTK+: Seems it is generally accepted to go from GTK+ 2.4 to GTK+ 2.6. Any known show stoppers or other upcoming feature that should be in the new release? Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335083-0 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From jan-oliver.wagner at intevation.de Thu Mar 26 21:24:05 2009 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Thu, 26 Mar 2009 21:24:05 +0100 Subject: [Openvas-devel] Planning openvas-plugins 1.0.6 release Message-ID: <200903262124.05936.jan-oliver.wagner@intevation.de> Hello, as we approach the number of 10.000 NVTs, it seems like a good time to have a new release of the the module. In fact it is not really necessary because the new NVTs are available from the OpenVAS NVT feed every day. However, a couple of C-Plugins have been removed, which is good. Any last wishes or proposals before the release? Together with this release I'd like to discontinue support for openvas-plugin <= 1.0.2. Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335 08 30 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From michael.wiegand at intevation.de Fri Mar 27 08:32:29 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Fri, 27 Mar 2009 08:32:29 +0100 Subject: [Openvas-devel] EN doc copyediting In-Reply-To: References: <80A7A8478B024BDAB8907A79E762B137@geoffPC> <20090326143805.GA30182@maple.vaxer.net> Message-ID: <20090327073229.GA16535@intevation.de> > Other than the compendium, are there any other English docs? Another (probably worthwhile) area would be the messages displayed by OpenVAS-Client. They could certainly use some improvements in both grammar and style. Since we are preparing a new OpenVAS-Client release right now, feedback in this area is very important to us. Just open OpenVAS-Client, use it and look around a little. If you find something that is difficult to understand for the average user, spelled wrong or just ugly please do let us know. Regards, Michael -- Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 206 bytes Desc: not available Url : http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20090327/efdac97e/attachment.pgp From openvas-bugs at wald.intevation.org Fri Mar 27 10:22:50 2009 From: openvas-bugs at wald.intevation.org (openvas-bugs@wald.intevation.org) Date: Fri, 27 Mar 2009 10:22:50 +0100 (CET) Subject: [Openvas-devel] =?utf-8?q?=5Bopenvas-Bugs=5D=5B928=5D_OpenVAS-ser?= =?utf-8?q?ver_does_not_update_or_ignores_cache_when_NVT_=28scripts?= =?utf-8?q?=29_changed?= Message-ID: <20090327092250.B8BE6407F0@pyrosoma.intevation.org> Bugs item #928, was opened at 2009-03-27 09:22 Status: Open Priority: 3 Submitted By: Felix Wolfsteller (felix) Assigned to: Nobody (None) Summary: OpenVAS-server does not update or ignores cache when NVT (scripts) changed Resolution: None Severity: normal Version: v2.0.2 Component: openvas-server Operating System: Linux Product: OpenVAS Hardware: All URL: Initial Comment: When a NVT changed, the server is stopped and restarted, these changes in the script are not reflected. I remember a different behaviour from previous versions, but not sure about that. Reproduce: ---------- Start server. Stop server. Change e.g. description string of a nvt (.nasl script). Start server. So long I verified only with inspection via client, but got hints that indeed the cache file (.desc) is not updated. ---------------------------------------------------------------------- You can respond by visiting: http://wald.intevation.org/tracker/?func=detail&atid=220&aid=928&group_id=29 From jan-oliver.wagner at intevation.de Fri Mar 27 14:41:49 2009 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Fri, 27 Mar 2009 14:41:49 +0100 Subject: [Openvas-devel] Greenbone: OpenVAS for enterprises Message-ID: <200903271441.52104.jan-oliver.wagner@intevation.de> Dear OpenVAS developers, I'd like to provide a short notice about the progress of the company Greenbone Networks GmbH which is offering professional services based on OpenVAS. Our product "Greenbone Security Feed" is now available to pilot customers and partners. We are currently assembling a partner network and collecting a couple of interesting ideas. Needless to say that Greenbone's business model is completely in line with Free Software. Thus our developments etc. are contributed to the OpenVAS community. For more information see http://www.greenbone.net All the best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335083-0 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From geoff at galitz.org Sun Mar 29 18:52:26 2009 From: geoff at galitz.org (Geoff Galitz) Date: Sun, 29 Mar 2009 18:52:26 +0200 Subject: [Openvas-devel] EN doc copyediting In-Reply-To: <20090326143805.GA30182@maple.vaxer.net> References: <80A7A8478B024BDAB8907A79E762B137@geoffPC> <20090326143805.GA30182@maple.vaxer.net> Message-ID: <12A4E91173AC4E7B9D94AFC9EE1941A1@geoffPC> Were you envisioning writing a whole new introduction, or editing the current introduction for content and proofing? -geoff --------------------------------- Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ -----Original Message----- From: HObbES [mailto:hobbes at vaxer.net] Sent: Donnerstag, 26. M?rz 2009 15:38 To: Geoff Galitz Cc: openvas-devel at wald.intevation.org Subject: Re: [Openvas-devel] EN doc copyediting Hi Geoff, The introduction needs to be written, and I probably won't be able to get to it soon, so if you want to start with that feel free. :) We should probably get our efforts coordinated as there are three of us willing to do doc work, and it would be nice if we can each focus on these. Other than the compendium, are there any other English docs? -Anne From michael.wiegand at intevation.de Mon Mar 30 08:29:34 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Mon, 30 Mar 2009 08:29:34 +0200 Subject: [Openvas-devel] [Openvas-commits] r2941 - in trunk/openvas-manager: . src/tests In-Reply-To: <20090328131242.22DA8407F5@pyrosoma.intevation.org> References: <20090328131242.22DA8407F5@pyrosoma.intevation.org> Message-ID: <20090330062934.GB25646@intevation.de> * scm-commit at wald.intevation.org [28. Mar 2009]: > Author: mattm > Date: 2009-03-28 14:12:41 +0100 (Sat, 28 Mar 2009) > New Revision: 2941 > > + char* user = getenv ("OPENVAS_TEST_USER"); /* RATS: ignore */ If you are adding RATS: ignore tags it is generally a good idea to provide some sort of explanation as to why this RATS hit should be ignored. The circumstances might be obvious to you and me, but somebody else looking into the code might wonder why we ignore RATS here. A one-line comment could save newcomers some head-scratching. ;) I know there are some unexplained RATS: ignore tags in the code, even a few I am to blame for. But new tags, as a rule, should always include an explanation. Regards, Michael -- Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available Url : http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20090330/d3d49757/attachment.pgp From michael.wiegand at intevation.de Mon Mar 30 08:35:39 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Mon, 30 Mar 2009 08:35:39 +0200 Subject: [Openvas-devel] EN doc copyediting In-Reply-To: References: <20090327073229.GA16535@intevation.de> Message-ID: <20090330063539.GC25646@intevation.de> * Jon Bebeau [28. Mar 2009]: > Hello Michael, > > I will be happy to review the Client for language / grammar. Is there > a version you would like me to review, perhaps 2.0.2 or is there a > more current version? Thank you for your offer! OpenVAS-Client 2.0.2 is the current release, this would be a good version to review. We added a few new strings after the 2.0.2 release, but the overwhelming majority has not changed. Could you make sure to send your mails to openvas-devel as well in the future? That way, they wont run the risk of getting buried in my inbox and other translators/developers will know which area you're currently working on. Looking forward to your review, Michael -- Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available Url : http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20090330/b13c55bd/attachment.pgp From openvas at markwallis.id.au Mon Mar 30 09:04:14 2009 From: openvas at markwallis.id.au (Mark Wallis) Date: Mon, 30 Mar 2009 18:04:14 +1100 Subject: [Openvas-devel] Planning openvas-client 2.0.3 In-Reply-To: <200903261736.31171.jan-oliver.wagner@intevation.de> References: <200903261736.31171.jan-oliver.wagner@intevation.de> Message-ID: Hi Jan, On 27/03/2009, at 3:36 AM, Jan-Oliver Wagner wrote: > the new Severity Override Feature is now ready within the > OpenVAS-Client Report Browser. > > We like to get it to a broader user base and and hope for some > feedback before we integrate the severity overrides into the report > exports. Is there any documentation available (even just at a high level) on the way to use this feature ? I had a little bit of a play today and to me it wasn't 100% obvious. Things like, how do you view false positives after marking them as such, etc. Abit of an overview may help drive user feedback. Thanks, Mark. From felix.wolfsteller at intevation.de Mon Mar 30 09:15:22 2009 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Mon, 30 Mar 2009 09:15:22 +0200 Subject: [Openvas-devel] Planning openvas-client 2.0.3 In-Reply-To: References: <200903261736.31171.jan-oliver.wagner@intevation.de> Message-ID: <200903300915.22393.felix.wolfsteller@intevation.de> Hi Mark > Is there any documentation available (even just at a high level) on > the way to use this feature ? I had a little bit of a play today and > to me it wasn't 100% obvious. Things like, how do you view false > positives after marking them as such, etc. Indeed there is not. It will be covered in the Compendium soon, though. I quickly outline the workflow (you need to use the GUI): * Scan. * Scan again (allows you later to see differences easier). * Select the report. * In the report-tree-view (on the right side in the GUI...), right click on an issue to add a "severity override". * Edit the severity and supply a reason. * In the Report-Menu, click on "Override Severities". Now, the table and the report-tree-view should be updated with the new numbers. Some icons and the textual information about an issue (GUI, very right) should inform that you changed the severity. thanks for feedback -- felix On Monday 30 March 2009 09:04:14 Mark Wallis wrote: > Hi Jan, > > On 27/03/2009, at 3:36 AM, Jan-Oliver Wagner wrote: > > the new Severity Override Feature is now ready within the > > OpenVAS-Client Report Browser. > > > > We like to get it to a broader user base and and hope for some > > feedback before we integrate the severity overrides into the report > > exports. > > Is there any documentation available (even just at a high level) on > the way to use this feature ? I had a little bit of a play today and > to me it wasn't 100% obvious. Things like, how do you view false > positives after marking them as such, etc. > > Abit of an overview may help drive user feedback. > > Thanks, > Mark. > _______________________________________________ > Openvas-devel mailing list > Openvas-devel at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-devel -- Felix Wolfsteller | ++49-541-335 08 3451 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From openvas at markwallis.id.au Mon Mar 30 09:19:28 2009 From: openvas at markwallis.id.au (Mark Wallis) Date: Mon, 30 Mar 2009 18:19:28 +1100 Subject: [Openvas-devel] Planning openvas-client 2.0.3 In-Reply-To: <200903300915.22393.felix.wolfsteller@intevation.de> References: <200903261736.31171.jan-oliver.wagner@intevation.de> <200903300915.22393.felix.wolfsteller@intevation.de> Message-ID: On 30/03/2009, at 6:15 PM, Felix Wolfsteller wrote: > I quickly outline the workflow (you need to use the GUI): Thanks Felix, thats very helpful. I'll have another play tomorrow. Regards, Mark. From felix.wolfsteller at intevation.de Tue Mar 31 10:07:55 2009 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Tue, 31 Mar 2009 10:07:55 +0200 Subject: [Openvas-devel] [openvas-libraries] Testing needed: Disabled check for non-printable chars in msgs. Message-ID: <200903311007.55184.felix.wolfsteller@intevation.de> Hi With revision 2958 I disabled replacement of 'non-printable' chars in the text associated with security (log,debug,note,warning,hole) messages. As N/OTP lacked mentioning a standard for encoding and/or escaping, prior to this change it was not possible to send messages that contained e.g. 'special' french accentuated characters or german Umlauts within security messages. (this issue will be resolved with -> OMP http://openvas.org/openvas-cr-28.html). It is unclear why this string- filtering took place (at other channels - e.g. when the plugin-list is sent - it does not). I thus would kindly ask you to test whether still all issues are reported and everything behaves as wished or if other objections exist. Thank you -- felix -- Felix Wolfsteller | ++49-541-335 08 3451 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From matt at mundell.ukfsn.org Tue Mar 31 14:03:36 2009 From: matt at mundell.ukfsn.org (Matthew Mundell) Date: 31 Mar 2009 12:02:36 -0001 Subject: [Openvas-devel] [Openvas-commits] r2941 - in trunk/openvas-manager: . src/tests In-Reply-To: Message of Mon, 30 Mar 2009 08:29:34 +0200. <20090330062934.GB25646@intevation.de> Message-ID: <20090331120300.587E4DEBC7@mail.ukfsn.org> > I know there are some unexplained RATS: ignore tags in the code, even a > few I am to blame for. But new tags, as a rule, should always include an > explanation. Thanks for the nudge. I've removed the annotations from that example and explained the others. I'd appreciate opinions on the Splint annotations too, if anyone has any. From hobbes at vaxer.net Tue Mar 31 17:37:17 2009 From: hobbes at vaxer.net (HObbES) Date: Tue, 31 Mar 2009 08:37:17 -0700 Subject: [Openvas-devel] EN doc copyediting In-Reply-To: <12A4E91173AC4E7B9D94AFC9EE1941A1@geoffPC> References: <80A7A8478B024BDAB8907A79E762B137@geoffPC> <20090326143805.GA30182@maple.vaxer.net> <12A4E91173AC4E7B9D94AFC9EE1941A1@geoffPC> Message-ID: <20090331153717.GA21422@maple.vaxer.net> Have you looked through the compendium? There is an introduction section with nothing to it at all :) -Anne This one time, Geoff Galitz wrote: > > > > Were you envisioning writing a whole new introduction, or editing the > current introduction for content and proofing? > > -geoff > > > > > --------------------------------- > Geoff Galitz > Blankenheim NRW, Germany > http://www.galitz.org/ > http://german-way.com/blog/ > > -----Original Message----- > From: HObbES [mailto:hobbes at vaxer.net] > Sent: Donnerstag, 26. M?rz 2009 15:38 > To: Geoff Galitz > Cc: openvas-devel at wald.intevation.org > Subject: Re: [Openvas-devel] EN doc copyediting > > Hi Geoff, > > The introduction needs to be written, and I probably won't be able to get to > it soon, so if you want to start with that feel free. :) > > We should probably get our efforts coordinated as there are three of us > willing to do doc work, and it would be nice if we can each focus on these. > > Other than the compendium, are there any other English docs? > > -Anne > > -- It is proverbial that from (\`--/') _ _______ .-r-. a hungry tiger and an >.~.\ `` ` `,`,`. ,'_'~`. affectionate woman there is (v_," ; `,-\ ; : ; \/,-~) \ no escape. -Ernest Bramah `--'_..),-/ ' ' '_.>-' )`.`.__.') hobbes at vaxer dot net ((,((,__..'~~~~~~((,__..' `-..-'fL From timb at nth-dimension.org.uk Tue Mar 31 23:00:03 2009 From: timb at nth-dimension.org.uk (Tim Brown) Date: Tue, 31 Mar 2009 22:00:03 +0100 Subject: [Openvas-devel] SMB authentication problems... Message-ID: <200903312200.04382.timb@nth-dimension.org.uk> All, Attached is a patch which essentially provides a forward port of Nessus's old LM/NTLM et al routines for SMB (with some minor changes to use GNU TLS where possible). These were taken from a Nessus 2.0.9 tar ball I had to hand. They seem broken but if we merge this patch at least we'll have a starting point to fix whatever bugs may exist. I'll take a further look when I get a chance but in the meantime if anyone wants to have a play, feel free. Cheers, Tim -- Tim Brown -------------- next part -------------- A non-text attachment was scrubbed... Name: patch Type: text/x-diff Size: 26500 bytes Desc: not available Url : http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20090331/c3f464b7/patch-0001.bin From timb at nth-dimension.org.uk Tue Mar 31 23:23:45 2009 From: timb at nth-dimension.org.uk (Tim Brown) Date: Tue, 31 Mar 2009 22:23:45 +0100 Subject: [Openvas-devel] SMB authentication problems... In-Reply-To: <200903312200.04382.timb@nth-dimension.org.uk> References: <200903312200.04382.timb@nth-dimension.org.uk> Message-ID: <200903312223.46436.timb@nth-dimension.org.uk> On Tuesday 31 March 2009 22:00:03 Tim Brown wrote: > Attached is a patch which essentially provides a forward port of Nessus's > old LM/NTLM et al routines for SMB (with some minor changes to use GNU TLS > where possible). These were taken from a Nessus 2.0.9 tar ball I had to > hand. They seem broken but if we merge this patch at least we'll have a > starting point to fix whatever bugs may exist. I'll take a further look > when I get a chance but in the meantime if anyone wants to have a play, > feel free. The reason this is needed is essentially: 2.2.3 "changes by Nicolas Pouvesle : - Replaced the functions in libnasl/nasl/smb_crypt.* by crypt_func.nasl" crypt_func.nasl does appear to be available, but that and the smb_nt.inc files which use it seem a little dubiously licensed. Cheers, Tim -- Tim Brown