Hi micha,
thanks a lot,
you're patch is ok :
i test on cacti env. where docs/CHANGELOG is available and i got :
Cacti Version '0.8.7h' was detected on the remote host
and when file not available : Cacti Version 'unknown' was detected
on the remote host
we will have to look digger to check plugins using this function, and
check if they expect result with a 404 code.
But I will still proposed you a patch for the cacti plugin,
from my point of vue, the cpe build was wrong
for version 0.8.7h -> cpe:/a:cacti:cacti:0.8.7h:h was built when
suitable should be : cpe:/a:cacti:cacti:0.8.7h
according cve definition and cpe list found here :
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-5223
--- cacti_detect.nasl 2013-07-31 18:18:39.789108945 +0200
+++ cacti_detect.nasl.new 2013-07-31 18:17:55.289198034 +0200
@@ -121,7 +121,7 @@
set_kb_item(name: string("www/", port, "/cacti"), value:
tmp_version);
## build cpe and store it as host_detail
- cpe = build_cpe(value:tmp_version, exp:"^([0-9.]+([a-z0-9]+)?)",
base:"cpe:/a:cacti:cacti:");
+ cpe = build_cpe(value:tmp_version, exp:"^([0-9.]+[a-z]{0,1})",
base:"cpe:/a:cacti:cacti:");
if(!isnull(cpe))
register_host_detail(name:"App", value:cpe, nvt:SCRIPT_OID,
desc:SCRIPT_DESC);
@@ -129,10 +129,9 @@
info += string(vers);
info += string("' was detected on the remote host\n");
- desc = desc + info;
if(report_verbosity > 0) {
- security_note(port:port,data:string(desc));
+ security_note(port:port,data:string(info));
exit(0);
}
}
i also reduce the output to only send info.
have fun during vacation.
There is a problem with your patch when docs/CHANGELOG is
available (The pattern for the version check will match the "1.1" in
"HTTP/1.1").
I would suggest the following patch to http_keepalive.inc:
---
/home/mime/openvas/svn/trunk/openvas-plugins/scripts/http_keepalive.inc
2013-03-19 13:22:48.997573760 +0100
+++ /var/lib/openvas/plugins/http_keepalive.inc 2013-07-31
16:34:00.243223815 +0200
@@ -293,7 +293,7 @@
}
headers = http_recv_headers2(socket:__ka_socket);
}
-
+ if(!fetch404 && ereg(pattern:"^HTTP/.* 404", string:headers))
return;
return http_keepalive_recv_body(headers: headers,
bodyonly:bodyonly);
}
Could you test this patch? I'm still on vacation until next Monday
and have
no time for deeper testing at the moment.
Thanks for your reports and your patch!
Micha
--
"Le saviez-vous ? la technologie d'ITrust va sécuriser le cloud
français"
| Sébastien AUCOUTURIER | Responsable R&D
| ITrust | 55 L'Occitane 31670 LABEGE
| Email: [email protected]
| Fixe Sdt. 05.67.34.67.80
| IT Security Services & SaaS Editor
_______________________________________________
Openvas-plugins mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
