[Openvas-devel] [openvas-Bugs][6336] Linking of Several CVE References

Fri May 18 11:43:54 CEST 2012

Bugs item #6336, was opened at 2012-05-18 11:43 by Joerg Gerschuetz
You can respond by visiting: 
https://wald.intevation.org/tracker/?func=detail&atid=220&aid=6336&group_id=29

Status: Open
Priority: 3
Submitted By: Joerg Gerschuetz (sniffermaster)
Assigned to: Nobody (None)
Summary: Linking of Several CVE References 
Architecture: 64 Bit
Product: OpenVAS
Operating System: Linux
Component: gsa
Version: v3.0.1
Severity: minor
Resolution: None
Hardware: None
URL: 

Initial Comment:
When there are several CVE references in a scan report only the first CVE is linked correctly, e.g.:

High (CVSS: 10.0) 
NVT: Default community names of the SNMP Agent (OID: 1.3.6.1.4.1.25623.1.0.10264) 
SNMP Agent responded as expected with community name: public
References
CVE: CVE-1999-0517, CVE-1999-0186, CVE-1999-0254, CVE-1999-0516  
BID: 11237, 10576, 177, 2112, 6825, 7081, 7212, 7317, 9681, 986 
Other: 
 IAVA:2001-B-0001 

The first one is linked correctly as:
http://192.168.10.201/omp?cmd=get_info&info_type=cve&info_name=CVE-1999-0517&token=6f1b3041-ef41-473c-b14c-c0d0048532c9

The second and the following are linked with:
http://192.168.10.201/omp?cmd=get_info&info_type=cve&info_name=%20CVE-1999-0186&token=6f1b3041-ef41-473c-b14c-c0d0048532c9
These links are invalid and result in an error:
Unknown vulnerability
Failed to find name ' CVE-1999-0186'

The correct link would be 
"&info_name=CVE-1999-0186"
without "%20" before CVE

Using
http://192.168.10.201/omp?cmd=get_info&info_type=cve&info_name=CVE-1999-0186&token=6f1b3041-ef41-473c-b14c-c0d0048532c9
display the desired CVE information!

Most probably the %20 comes from the listing of the CVEs, where the SPACE after the comma is included in constructing the link.

----------------------------------------------------------------------

You can respond by visiting: 
https://wald.intevation.org/tracker/?func=detail&atid=220&aid=6336&group_id=29