Author: jan
Date: 2007-07-28 23:57:42 +0200 (Sat, 28 Jul 2007)
New Revision: 333
Removed:
trunk/openvas-plugins/licenses/
trunk/openvas-plugins/scripts/bind_stub_res.nasl
trunk/openvas-plugins/scripts/iplanet_data_snag.nasl
trunk/openvas-plugins/scripts/kazaa_network.nasl
trunk/openvas-plugins/scripts/opendchub.nasl
trunk/openvas-plugins/scripts/overnet.nasl
trunk/openvas-plugins/scripts/winmx_detect2.nasl
Modified:
trunk/openvas-plugins/ChangeLog
trunk/openvas-plugins/MANIFEST
Log:
* MANIFEST: updated.
* scripts/bind_stub_res.nasl, scripts/iplanet_data_snag.nasl,
scripts/kazaa_network.nasl, scripts/opendchub.nasl,
scripts/overnet.nasl, scripts/winmx_detect2.nasl:
Temporarily removed because confirmation that they
are indeed under GPL is still open.
* licenses/Tenable_License.txt, licenses/README.txt,
licenses/: Removed because nothing applies to this license
anymore.
Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog 2007-07-28 21:35:47 UTC (rev 332)
+++ trunk/openvas-plugins/ChangeLog 2007-07-28 21:57:42 UTC (rev 333)
@@ -4,6 +4,22 @@
2007-07-28 Jan-Oliver Wagner <[EMAIL PROTECTED]>
+ * scripts/bind_stub_res.nasl, scripts/iplanet_data_snag.nasl,
+ scripts/kazaa_network.nasl, scripts/opendchub.nasl,
+ scripts/overnet.nasl, scripts/winmx_detect2.nasl:
+ Temporarily removed because confirmation that they
+ are indeed under GPL is still open.
+
+ * licenses/Tenable_License.txt, licenses/README.txt,
+ licenses/: Removed because nothing applies to this license
+ anymore.
+
+2007-07-28 Jan-Oliver Wagner <[EMAIL PROTECTED]>
+
+ * MANIFEST: updated.
+
+2007-07-28 Jan-Oliver Wagner <[EMAIL PROTECTED]>
+
Doing the 0.9.0 release.
* VERSION: Set to 0.9.0.
Modified: trunk/openvas-plugins/MANIFEST
===================================================================
--- trunk/openvas-plugins/MANIFEST 2007-07-28 21:35:47 UTC (rev 332)
+++ trunk/openvas-plugins/MANIFEST 2007-07-28 21:57:42 UTC (rev 333)
@@ -16,8 +16,6 @@
INSTALL
install-sh
libtool
-licenses/README.txt
-licenses/Tenable_License.txt
Makefile
MANIFEST
openvas.tmpl.in
Deleted: trunk/openvas-plugins/scripts/bind_stub_res.nasl
===================================================================
--- trunk/openvas-plugins/scripts/bind_stub_res.nasl 2007-07-28 21:35:47 UTC
(rev 332)
+++ trunk/openvas-plugins/scripts/bind_stub_res.nasl 2007-07-28 21:57:42 UTC
(rev 333)
@@ -1,50 +0,0 @@
-#
-# (C) Tenable Network Security
-#
-
-
-if(description)
-{
- script_id(11857);
- script_bugtraq_id(6186);
- script_version("$Revision$");
- script_cve_id("CVE-2002-0029");
- if(defined_func("script_xref"))script_xref(name:"IAVA", value:"2002-A-0012");
-
- name["english"] = "BIND Buffer overflows in the DNS stub resolver library ";
- script_name(english:name["english"]);
-
- desc["english"] = "
-The remote BIND 4.x server, according to its version number, is vulnerable to
a
-buffer overflow in the DNS stub resolver library.
-
-Solution : upgrade to latest or patched version of BIND
-Risk factor : High";
-
-
-
- script_description(english:desc["english"]);
-
- summary["english"] = "Checks that BIND is not version 4.9.2 through 4.9.10";
- script_summary(english:summary["english"]);
-
- script_category(ACT_GATHER_INFO);
-
-
- script_copyright(english:"This script is Copyright (C) Tenable Security",
- francais:"Ce script est Copyright (C) Tenable Security");
- family["english"] = "Gain root remotely";
- family["francais"] = "Passer root � distance";
- script_family(english:family["english"], francais:family["francais"]);
-
- script_dependencie("bind_version.nasl");
- script_require_keys("bind/version");
- exit(0);
-}
-
-vers = get_kb_item("bind/version");
-if(!vers)exit(0);
-if (vers =~ "^4\.9\.[2-9]") security_hole(53);
-if (vers =~ "^4\.9\.10") security_hole(53);
-
-
Deleted: trunk/openvas-plugins/scripts/iplanet_data_snag.nasl
===================================================================
--- trunk/openvas-plugins/scripts/iplanet_data_snag.nasl 2007-07-28
21:35:47 UTC (rev 332)
+++ trunk/openvas-plugins/scripts/iplanet_data_snag.nasl 2007-07-28
21:57:42 UTC (rev 333)
@@ -1,61 +0,0 @@
-#
-# (C) Tenable Network Security
-#
-
-if (description) {
- script_id(11856);
- if(defined_func("script_xref"))script_xref(name:"IAVA", value:"2001-a-0007");
- script_bugtraq_id(6826);
- script_version("$Revision$");
- script_cve_id("CVE-2001-0327");
- if(defined_func("script_xref"))script_xref(name:"IAVA", value:"2002-A-0012");
-
-
- name["english"] = "iPlanet unauthorized sensitive data retrieval";
-
- script_name(english:name["english"]);
-
- desc["english"] = "
-The remote iPlanet webserver (according to it's version number) is vulnerable
-to a bug wherein a remote user can retrieve sensitive data from memory
-allocation pools, or cause a denial of service against the server.
-
-*** Since OpenVAS solely relied on the banner of this server,
-*** (and iPlanet 4 does not include the SP level in the banner),
-*** to issue this alert, this may be a false positive.
-
-Solution : Update to iPlanet 4.1 SP7 or newer
-
-More information :
http://www.atstake.com/research/advisories/2001/a041601-1.txt
-
-Risk factor : High";
-
-
-
- script_description(english:desc["english"]);
-
- summary["english"] = "Check for vulnerable version of iPlanet Webserver";
- script_summary(english:summary["english"]);
-
- script_category(ACT_GATHER_INFO);
-
-
- script_copyright(english:"This script is Copyright (C) Tenable Security");
- family["english"] = "Gain root remotely";
- script_family(english:family["english"]);
- script_dependencie("find_service.nes", "http_version.nasl");
- script_require_keys("www/iplanet");
- script_require_ports("Services/www", 80);
- exit(0);
-}
-
-include("http_func.inc");
-
-
-
-port = get_http_port(default:80);
-
-mybanner = get_http_banner(port:port);
-if(!mybanner)exit(0);
-
-if(egrep(pattern:"^Server: *Netscape-Enterprise/(4\.[01][^0-9])",
string:mybanner))security_hole(port);
Deleted: trunk/openvas-plugins/scripts/kazaa_network.nasl
===================================================================
--- trunk/openvas-plugins/scripts/kazaa_network.nasl 2007-07-28 21:35:47 UTC
(rev 332)
+++ trunk/openvas-plugins/scripts/kazaa_network.nasl 2007-07-28 21:57:42 UTC
(rev 333)
@@ -1,52 +0,0 @@
-#
-# (C) Tenable Network Security
-#
-# there is already a nice Kazaa check by Nessus...however, it relies on
registry read access...this check
-# works even without registry access...
-
-if(description)
-{
- script_id(11844);
- script_bugtraq_id(7680);
- script_version("$Revision$");
- name["english"] = "Kazaa P2P check";
- script_name(english:name["english"]);
- script_cve_id("CVE-2003-0397");
- desc["english"] = "
-The remote server seems to be a Kazaa Peer-to-Peer client,
-which may not be suitable for a business environment.
-
-In addition, there is rumoured to be a remote exploit against Kazaa clients up
to 2.0.2. While this has not been confirmed, the reporting sources are
credible.
-
-Solution : Uninstall this software
-Risk factor : Low";
-
-
- script_description(english:desc["english"]);
-
- summary["english"] = "Determines if the remote system is running Kazaa";
- script_summary(english:summary["english"]);
-
- script_category(ACT_GATHER_INFO);
-
- script_copyright(english:"This script is Copyright (C) 2003 Tenable
Security");
- family["english"] = "Peer-To-Peer File Sharing";
- script_family(english:family["english"]);
-
- exit(0);
-}
-
-
-
-
-port = 6699;
-if(!get_udp_port_state(port))exit(0);
-req = raw_string(0x27,0x00,0x00,0x00,0xA9,0x80,0x4B,0x61,0x5A,0x61,0x41,0x00);
-soc = open_sock_udp(port);
-send(socket:soc, data:req);
-r = recv(socket:soc, length:256);
-if (strlen(r) == 21) security_warning(port);
-exit(0);
-
-
-
Deleted: trunk/openvas-plugins/scripts/opendchub.nasl
===================================================================
--- trunk/openvas-plugins/scripts/opendchub.nasl 2007-07-28 21:35:47 UTC
(rev 332)
+++ trunk/openvas-plugins/scripts/opendchub.nasl 2007-07-28 21:57:42 UTC
(rev 333)
@@ -1,70 +0,0 @@
-#
-# (C) Tenable Network Security
-#
-
-
-if(description)
-{
- script_id(15834);
- script_cve_id("CVE-2004-1127");
- script_bugtraq_id(11747);
- script_version("$Revision$");
- name["english"] = "Open DC Hub Remote Buffer Overflow Vulnerability";
- script_name(english:name["english"]);
-
- desc["english"] = "
-The remote host is running a version of Open DC Hub, a peer-to-peer
-file sharing application, which is vulnerable to a remote buffer
-overflow. A successful exploit would allow a remote attacker to execute
-code on the remote host.
-
-It must be noted that the remote attacker needs administrative access to
-this application.
-
-Solution : None at this time.
-Risk factor : Medium";
-
-
-
- script_description(english:desc["english"]);
-
- summary["english"] = "Determines if the remote system is running Open DC Hub";
- script_summary(english:summary["english"]);
-
- script_category(ACT_GATHER_INFO);
-
- script_copyright(english:"This script is Copyright (C) 2004 Tenable
Security");
- family["english"] = "Peer-To-Peer File Sharing";
- script_family(english:family["english"]);
- script_dependencie("find_service.nes","find_service2.nasl");
- exit(0);
-}
-
-port = get_kb_item("Services/DirectConnectHub");
-if ( port )
-{
- sock = open_sock_tcp (port);
- if ( ! sock ) exit(0);
-
- data = recv (socket:sock, length:4000);
- if (egrep (pattern:"This hub is running version
0\.([0-6]\.[0-9]+|7\.([0-9][^0-9]|1[0-4])) of Open DC Hub", string:data))
- {
- security_warning(port);
- exit(0);
- }
-}
-else
-{
- port = get_kb_item("Services/opendchub");
- if ( !port ) exit(0);
-
- sock = open_sock_tcp (port);
- if ( ! sock ) exit(0);
-
- data = recv (socket:sock, length:4000);
- if (egrep (pattern:"Open DC Hub, version
0\.([0-6]\.[0-9]+|7\.([0-9][^0-9]|1[0-4])), administrators port", string:data))
- {
- security_warning(port);
- exit(0);
- }
-}
Deleted: trunk/openvas-plugins/scripts/overnet.nasl
===================================================================
--- trunk/openvas-plugins/scripts/overnet.nasl 2007-07-28 21:35:47 UTC (rev
332)
+++ trunk/openvas-plugins/scripts/overnet.nasl 2007-07-28 21:57:42 UTC (rev
333)
@@ -1,48 +0,0 @@
-#
-# (C) Tenable Network Security
-#
-
-
-if(description)
-{
- script_id(11845);
- script_version("$Revision$");
- name["english"] = "Overnet P2P check";
- script_name(english:name["english"]);
-
- desc["english"] = "
-The remote server seems to be a Overnet Peer-to-Peer client,
-which may not be suitable for a business environment.
-
-Solution : Uninstall this software
-Risk factor : Low";
-
-
-
- script_description(english:desc["english"]);
-
- summary["english"] = "Determines if the remote system is running Overnet";
- script_summary(english:summary["english"]);
-
- script_category(ACT_GATHER_INFO);
-
- script_copyright(english:"This script is Copyright (C) 2003 Tenable
Security");
- family["english"] = "Peer-To-Peer File Sharing";
- script_family(english:family["english"]);
-
- exit(0);
-}
-
-
-
-
-port = 5768;
-if(!get_udp_port_state(port))exit(0);
-req =
raw_string(0xE3,0x0C,0xAB,0xA3,0xD7,0x95,0x39,0xE5,0x8C,0x49,0xEA,0xAB,0xEB,0x4F,0xA5,0x50,0xB8,0xF4,0xDD,0x9A,0x3E,0xD0,0x89,0x1F,0x00);
-soc = open_sock_udp(port);
-send(socket:soc, data:req);
-r = recv(socket:soc, length:256);
-if (r) security_warning(port);
-exit(0);
-
-
Deleted: trunk/openvas-plugins/scripts/winmx_detect2.nasl
===================================================================
--- trunk/openvas-plugins/scripts/winmx_detect2.nasl 2007-07-28 21:35:47 UTC
(rev 332)
+++ trunk/openvas-plugins/scripts/winmx_detect2.nasl 2007-07-28 21:57:42 UTC
(rev 333)
@@ -1,48 +0,0 @@
-#
-# (C) Tenable Network Security
-#
-
-# there is already a nice WinMX check by Nessus...however, it relies on
registry read access...this check
-# works even without registry access...the anomaly is that when you connect to
a WinMX client on port 6699
-# immediatly after the handshake, the client send a PSH packet with a single
byte of data set to "1"
-
-if(description)
-{
- script_id(11847);
- script_version("$Revision$");
-# script_cve_id("CVE-MAP-NOMATCH");
- name["english"] = "WinMX P2P check";
- script_name(english:name["english"]);
-
- desc["english"] = "
-The remote server seems to be a WinMX Peer-to-Peer client,
-which may not be suitable for a business environment.
-
-Solution : Uninstall this software
-Risk factor : Low";
-
-
-
- script_description(english:desc["english"]);
-
- summary["english"] = "Determines if the remote system is running WinMX";
- script_summary(english:summary["english"]);
-
- script_category(ACT_GATHER_INFO);
-
- script_copyright(english:"This script is Copyright (C) 2003 Tenable
Security");
- family["english"] = "Peer-To-Peer File Sharing";
- script_family(english:family["english"]);
-
- exit(0);
-}
-
-
-
-
-port = 6699;
-if(!get_port_state(port))exit(0);
-soc = open_sock_tcp(port);
-r = recv(socket:soc, min:1, length:256);
-if ( strlen(r) == 1 && r == "1" ) security_warning(port);
-exit(0);
_______________________________________________
Openvas-commits mailing list
[email protected]
http://lists.wald.intevation.org/mailman/listinfo/openvas-commits
