Hi,

I think I may have stumbled over a false positive today. gb_apache_etag_6939.nasl checks Apache responses for the ETag header and it seems to try to split() the whole header and not just the value of the ETag (which then leads to the array being bigger than intended and triggering max_index()). Not sure if this is the best way to solve the problem (since I've never played around with .nasl files before), but seems to work with the servers I tested it against here.

regards,
Ryan Schulze

# diff -u gb_apache_etag_6939.nasl.orig gb_apache_etag_6939.nasl
--- gb_apache_etag_6939.nasl.orig    2012-05-01 01:10:55.606397458 +0200
+++ gb_apache_etag_6939.nasl    2012-05-01 01:11:11.340146980 +0200
@@ -90,7 +90,7 @@
 etag = eregmatch(pattern:'ETag: "([^"]+)"', string:banner);
 if(isnull(etag[1]))exit(0);

-etag = split(etag, sep:"-",keep:FALSE);
+etag = split(etag[1], sep:"-",keep:FALSE);
 if((max_index(etag)<3))exit(0);

 inode = string("0x",etag[0]);
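Review bot: On the changed `split(etag[1], sep:"-",keep:FALSE)` line, the result is still assigned back to `etag`, the same variable that holds the `eregmatch` result array. That reuse is what made it easy to pass the whole match array to `split()` in the first place, so I would suggest a separate name (for example `parts = split(etag[1], ...)`) and using it in the `max_index()` check and the `inode` line. Also, `max_index(etag)<3` only counts fields: any quoted ETag value containing two hyphens gets through, and `etag[0]` is then prefixed with "0x" without being checked. Verifying that each field consists only of hex digits before building `inode` would close off the remaining false positives of this kind.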

_______________________________________________
Openvas-discuss mailing list
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss