[Openvas-discuss] Scanning a hostname with more then three dots

rm4dillo D rm4dillo at gmail.com
Thu Jun 21 12:59:44 CEST 2012


Well, after fixing this bug, I encountered a second issue ; the
scanner overwrites my target's hostname by performing a reverse lookup
on it's IP address ( "www.target.com" == lookup ==> "123.123.123.123"
== reverse lookup ==>  "virtual.hosting.com").

I was able to fix this by applying the following patch :

--- hosts_gatherer.c	(revision 13635)
+++ hosts_gatherer.c	(working copy)
@@ -192,7 +192,7 @@
           }
         else
           {
-            if (host->hostname && (!hg_valid_ip_addr (host->hostname)))
+            if (host->hostname)
               {
                 strncpy (hostname, host->hostname, sz - 1);
               }

as I don't thing that "hostname" has to be a valid IP address.

The only comment I could found about this code was the following
commit message "First set of changes to openvas-libraries towards IPv6
support."

Rm4dillo

On Thu, Jun 21, 2012 at 11:41 AM, rm4dillo D <rm4dillo at gmail.com> wrote:
> Great ! Thank you !
>
> On Tue, Jun 19, 2012 at 5:42 PM, Matthew Mundell
> <matthew.mundell at greenbone.net> wrote:
>>> I've been trying to create a target using the following hostname
>>> "a.b.c.example.com" (4 dots) but it didn't work while
>>> "b.c.example.com" (3 dots)  works. This seems to be due to the
>>> following check which is mistakenly applied even if the host is
>>> alphanumeric. I think it should be moved somewhere deeper in
>>> "validate_host".
>>>
>>>     openvas-manager-3.0.1-modified/src/manage_sql.c (validate_host):
>>>
>>>         21448 : if (g_strv_length (split) > 4)
>>>         21449 :  return 1;
>>
>> Thanks.  That was solved in trunk r13492 on 2012-05-24.  I've now
>> backported to the openvas-manager-3.0 branch (r13621) so it should appear
>> in the next stable release.
>>
>> --
>> Greenbone Networks GmbH
>> Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460
>> Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner



More information about the Openvas-discuss mailing list