I know it's bad style to reply to yourself, but here is a first cut of a
patch for these problems.

so long
        Norbert
-- 
Norbert Kiesel <[EMAIL PROTECTED]>
TBD Networks
=== cd /home/nkiesel/work/nessus/nessus-plugins/scripts/
=== /usr/bin/cvs diff -uiw WebSite.nasl frontpage.nasl iis5_sample_path.nasl 
owa-anonymous.nasl ows_overflow.nasl perl_cgi.nasl php_overflow.nasl sambar_cgi.nasl

Index: WebSite.nasl
===================================================================
RCS file: /usr/local/cvs/nessus-plugins/scripts/WebSite.nasl,v
retrieving revision 1.18
diff -u -u -i -w -r1.18 WebSite.nasl
--- WebSite.nasl        16 Jan 2003 10:35:06 -0000      1.18
+++ WebSite.nasl        25 Feb 2004 03:59:03 -0000
@@ -86,9 +86,9 @@
 port = is_cgi_installed("x1.htm");
 if(!port)
 {
- is_cgi_installed(command);
- port = is_cgi_installed("x1.htm");
- if(port)security_hole(port);
+ is_cgi_installed(item:command, port:port);
+ res = is_cgi_installed(item:"x1.htm", port:port);
+ if(res)security_hole(port);
 }
 
 
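Review bot: Inside the `if(!port)` branch `port` is known to be false, so both added calls pass an empty `port:` argument and `security_hole(port)` is raised against no usable port. The first line of the hunk still uses the old positional form, `port = is_cgi_installed("x1.htm");`, which the patch leaves untouched. Resolve the port before the first probe and keep the probe result in its own variable, for example `port = get_kb_item("Services/www");`, then `res = is_cgi_installed(item:"x1.htm", port:port);` and `if(!res)` to open the branch. The owa-anonymous.nasl hunk also removes the only visible assignment to `port`; whether it is set earlier in that file cannot be seen from the hunk and should be confirmed.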
Index: frontpage.nasl
===================================================================
RCS file: /usr/local/cvs/nessus-plugins/scripts/frontpage.nasl,v
retrieving revision 1.28
diff -u -u -i -w -r1.28 frontpage.nasl
--- frontpage.nasl      6 Feb 2004 15:54:11 -0000       1.28
+++ frontpage.nasl      25 Feb 2004 03:59:03 -0000
@@ -99,9 +99,7 @@
 flag = 1;
 
 for (i=0; file[i]; i = i + 1) {
-    port = is_cgi_installed(item:file[i], port:port);
-    if(!port) flag = 0;
-
+    flag = is_cgi_installed(item:file[i], port:port);
     if(get_port_state(port)  && flag)
     {
         soc = open_sock_tcp(port);
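Review bot: `flag` is now overwritten on every pass of the loop, so the `flag = 1;` initialisation above it is dead. A missing file also no longer disables the checks for the files that follow, which the removed `if(!port) flag = 0;` did. If the per-file behaviour is intended, drop the initialisation and add a comment such as `# flag: is the current file present on this port?`. If the old all-or-nothing behaviour is wanted, keep it sticky with `if(!is_cgi_installed(item:file[i], port:port)) flag = 0;`. The loop body continues past the end of the hunk, and where `port` is first assigned is not visible here.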
Index: iis5_sample_path.nasl
===================================================================
RCS file: /usr/local/cvs/nessus-plugins/scripts/iis5_sample_path.nasl,v
retrieving revision 1.6
diff -u -u -i -w -r1.6 iis5_sample_path.nasl
--- iis5_sample_path.nasl       9 Jan 2004 10:07:47 -0000       1.6
+++ iis5_sample_path.nasl       25 Feb 2004 03:59:03 -0000
@@ -50,5 +50,5 @@
 
 if ( ! get_port_state(port) ) exit(0);
 
-res = is_cgi_installed("/iissamples/sdk/asp/interaction/ServerVariables_Jscript.asp");
+res = 
is_cgi_installed(item:"/iissamples/sdk/asp/interaction/ServerVariables_Jscript.asp", 
port:port);
 if(res)security_warning(port);
Index: owa-anonymous.nasl
===================================================================
RCS file: /usr/local/cvs/nessus-plugins/scripts/owa-anonymous.nasl,v
retrieving revision 1.11
diff -u -u -i -w -r1.11 owa-anonymous.nasl
--- owa-anonymous.nasl  9 Jan 2004 10:07:52 -0000       1.11
+++ owa-anonymous.nasl  25 Feb 2004 03:59:03 -0000
@@ -90,8 +90,7 @@
 
 
  cgi = "/exchange/root.asp?acs=anon";
- port = is_cgi_installed(cgi);
- if(port)
+ if(is_cgi_installed(item:cgi, port:port))
  {
   soc = http_open_socket(port);
   req = http_get(item:"/exchange/root.asp?acs=anon", port:port);
Index: ows_overflow.nasl
===================================================================
RCS file: /usr/local/cvs/nessus-plugins/scripts/ows_overflow.nasl,v
retrieving revision 1.16
diff -u -u -i -w -r1.16 ows_overflow.nasl
--- ows_overflow.nasl   17 Dec 2001 15:10:35 -0000      1.16
+++ ows_overflow.nasl   25 Feb 2004 03:59:03 -0000
@@ -72,7 +72,7 @@
 if(port)
 {
   request = string("/ews-bin/fnord?foo=", crap(2048));
-  is_cgi_installed(request);
+  is_cgi_installed(item:request, port:port);
   sleep(5);
   soc = open_sock_tcp(port);
   if(!soc)security_hole(port);
Index: perl_cgi.nasl
===================================================================
RCS file: /usr/local/cvs/nessus-plugins/scripts/perl_cgi.nasl,v
retrieving revision 1.13
diff -u -u -i -w -r1.13 perl_cgi.nasl
--- perl_cgi.nasl       17 Dec 2001 15:10:36 -0000      1.13
+++ perl_cgi.nasl       25 Feb 2004 03:59:03 -0000
@@ -55,6 +55,7 @@
 # The script code starts here
 #
 
-port = is_cgi_installed("perl?-v");
-if(!port)port = is_cgi_installed("perl.exe?-v");
-if(port)security_hole(port);
+port = get_kb_item("Services/www");
+if (port && (is_cgi_installed(item:"perl?-v", port:port) || 
+             is_cgi_installed(item:"perl.exe?-v", port:port)))
+  security_hole(port);
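Review bot: When the knowledge base has no `Services/www` entry the added code silently does nothing, and it never checks `get_port_state(port)` before sending requests. The sambar_cgi.nasl hunk has the same two gaps, except that a missing entry there leads to `exit(0)`. If the old positional `is_cgi_installed()` fell back to a default web port, which the hunk does not show, this is a loss of coverage on hosts where service detection did not run. Suggested, right after the `get_kb_item` line: `if(!port) port = 80;` and `if(!get_port_state(port)) exit(0);`.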
Index: php_overflow.nasl
===================================================================
RCS file: /usr/local/cvs/nessus-plugins/scripts/php_overflow.nasl,v
retrieving revision 1.15
diff -u -u -i -w -r1.15 php_overflow.nasl
--- php_overflow.nasl   14 Sep 2002 19:12:22 -0000      1.15
+++ php_overflow.nasl   25 Feb 2004 03:59:03 -0000
@@ -62,7 +62,7 @@
 if(port)
 {
  c = string("php.cgi?", crap(32000));
- p2 = is_cgi_installed(c);
+ p2 = is_cgi_installed(item:c, port:port);
  if(p2 == 0)
  {
   security_hole(port);
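Review bot: `p2 == 0` cannot tell a server that stopped answering from one that answered the oversized request with an error status, assuming `is_cgi_installed` returns 0 for any non-success reply. A server that simply rejects the request would then still be reported by `security_hole(port)`, and the patch keeps that test while changing only the call form. ows_overflow.nasl in this same patch confirms the result by reconnecting, and the same confirmation would fit here: `soc = open_sock_tcp(port);` followed by `if(!soc) security_hole(port);`. The block continues beyond the hunk, so a later check may already exist.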
Index: sambar_cgi.nasl
===================================================================
RCS file: /usr/local/cvs/nessus-plugins/scripts/sambar_cgi.nasl,v
retrieving revision 1.14
diff -u -u -i -w -r1.14 sambar_cgi.nasl
--- sambar_cgi.nasl     28 Jun 2003 17:47:25 -0000      1.14
+++ sambar_cgi.nasl     25 Feb 2004 03:59:03 -0000
@@ -67,9 +67,9 @@
 #
 # The script code starts here
 #
-
-hello = is_cgi_installed("hello.bat");
-echo = is_cgi_installed("echo.bat");
-if(hello) security_hole(hello);
-else if(echo) security_hole(echo);
+port = get_kb_item("Services/www");
+if(!port) exit(0);
+if (is_cgi_installed(item:"hello.bat", port:port) ||
+    is_cgi_installed(item:"echo.bat", port:port))
+  security_hole(port);
 
=== Exit status: 1