Hello,
I'd tried to open "Web application abuses" script family configuration
in GSA Scan Config Menu("Edit Network Vulnerability Test Families").
And I got "Internal error: get_config_family:xxxx (GSA 4.0.0)"
I check gsad debug log and I found some NVT script using "&" charactor
in the script_xref( ). so I modified & to & and Internal error
resolved.
below is NVT list.
------------------------------------------------------------------------
[Script Family: CISCO]
./2013/gb_cisco_nx_os_62858.nasl
[Script Family: Denial of Service]
./gb_etherape_rpc_call_parsing_dos_vuln.nasl
[Script Family: General]
./2013/gb_junos_cve_2012_3817.nasl
./2013/gb_junos_cve_2013_6170.nasl
./secpod_mcafee_prdts_sec_bypass_vuln_lin.nasl
[Script Family: Web Servers]
./2013/gb_apache_scoreboard_sec_bypass_vuln_win.nasl
[Script Family: Web application abuses]
./2013/gb_mcafee_epolicy_orchestrator_mult_vuln01_aug13.nasl
./2013/gb_mcafee_epolicy_orchestrator_mult_vuln02_aug13.nasl
./2013/gb_mcafee_epolicy_orchestrator_sec_bypass_vuln.nasl
./gb_awstats_45210.nasl
./gb_hp_performance_insight_49096.nasl
./gb_wikihelp_41309.nasl
./gb_dell_kace_2000_backdoor.nasl
./secpod_tikiwiki_sec_bypass_vuln.nasl
./gb_wikihelp_41306.nasl
./secpod_php_address_book_mult_xss_vuln.nasl
./modperl_cve_2009_0796.nasl
========= ./2013/gb_apache_scoreboard_sec_bypass_vuln_win.nasl
==================
--- ./2013/gb_apache_scoreboard_sec_bypass_vuln_win.nasl
2013-11-21 11:36:19.639311813 +0900
+++
/var/lib/openvas/plugins/./2013/gb_apache_scoreboard_sec_bypass_vuln_win.nasl
2013-11-21 11:36:45.980180728 +0900
@@ -98,7 +98,7 @@
script_description(desc);
script_xref(name : "URL" , value : "http://www.osvdb.org/78293";);
- script_xref(name : "URL" , value :
"http://svn.apache.org/viewvc?view=revision&revision=1230065";);
+ script_xref(name : "URL" , value :
"http://svn.apache.org/viewvc?view=revision&revision=1230065";);
script_xref(name : "URL" , value :
"http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown";);
script_summary("Check for the version of Apache HTTP Server on Windows");
script_category(ACT_GATHER_INFO);
========= ./2013/gb_junos_cve_2012_3817.nasl ==================
--- ./2013/gb_junos_cve_2012_3817.nasl 2013-11-20 22:31:01.111037622 +0900
+++ /var/lib/openvas/plugins/./2013/gb_junos_cve_2012_3817.nasl
2013-11-20 22:28:00.073065413 +0900
@@ -81,7 +81,7 @@
Solution:
" + tag_solution;
- script_xref(name:"URL",
value:"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10556";);
+ script_xref(name:"URL",
value:"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10556";);
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/54658";);
script_tag(name:"risk_factor", value:"High");
========= ./2013/gb_mcafee_epolicy_orchestrator_mult_vuln01_aug13.nasl
==================
--- ./2013/gb_mcafee_epolicy_orchestrator_mult_vuln01_aug13.nasl
2013-11-21 13:56:39.205053312 +0900
+++
/var/lib/openvas/plugins/./2013/gb_mcafee_epolicy_orchestrator_mult_vuln01_aug13.nasl
2013-11-21 13:56:51.877470726 +0900
@@ -102,7 +102,7 @@
script_xref(name : "URL" , value : "http://www.osvdb.com/92801";);
script_xref(name : "URL" , value : "http://secunia.com/advisories/53196";);
script_xref(name : "URL" , value : "http://www.kb.cert.org/vuls/id/209131";);
- script_xref(name : "URL" , value :
"https://kc.mcafee.com/corporate/index?page=content&id=SB10042";);
+ script_xref(name : "URL" , value :
"https://kc.mcafee.com/corporate/index?page=content&id=SB10042";);
script_summary("Check the vulnerable versions of McAfee ePolicy
Orchestrator");
script_category(ACT_GATHER_INFO);
script_copyright("This script is Copyright (C) 2013 Greenbone
Networks GmbH");
========= ./2013/gb_cisco_nx_os_62858.nasl ==================
--- ./2013/gb_cisco_nx_os_62858.nasl 2013-11-15 01:52:08.000000000 +0900
+++ /var/lib/openvas/plugins/./2013/gb_cisco_nx_os_62858.nasl
2013-11-20 21:53:06.604006255 +0900
@@ -76,7 +76,7 @@
" + tag_solution;
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/62858";);
- script_xref(name:"URL",
value:"http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtn13055";);
+ script_xref(name:"URL",
value:"http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtn13055";);
script_tag(name:"risk_factor", value:"Medium");
script_tag(name:"last_modification", value:"$Date: 2013-10-27
11:12:02 +0100 (So, 27. Okt 2013) $");
========= ./2013/gb_mcafee_epolicy_orchestrator_mult_vuln02_aug13.nasl
==================
--- ./2013/gb_mcafee_epolicy_orchestrator_mult_vuln02_aug13.nasl
2013-11-21 14:02:29.128596313 +0900
+++
/var/lib/openvas/plugins/./2013/gb_mcafee_epolicy_orchestrator_mult_vuln02_aug13.nasl
2013-11-21 14:02:40.164960319 +0900
@@ -109,7 +109,7 @@
script_xref(name : "URL" , value : "http://www.osvdb.com/95192";);
script_xref(name : "URL" , value : "http://secunia.com/advisories/54143";);
script_xref(name : "URL" , value :
"http://www.exploit-db.com/exploits/26807";);
- script_xref(name : "URL" , value :
"https://kc.mcafee.com/corporate/index?page=content&id=KB78824";);
+ script_xref(name : "URL" , value :
"https://kc.mcafee.com/corporate/index?page=content&id=KB78824";);
script_summary("Check the vulnerable versions of McAfee ePolicy
Orchestrator");
script_category(ACT_GATHER_INFO);
script_copyright("This script is Copyright (C) 2013 Greenbone
Networks GmbH");
========= ./2013/gb_junos_cve_2013_6170.nasl ==================
--- ./2013/gb_junos_cve_2013_6170.nasl 2013-11-20 22:28:32.290128245 +0900
+++ /var/lib/openvas/plugins/./2013/gb_junos_cve_2013_6170.nasl
2013-11-20 22:28:48.530663915 +0900
@@ -79,7 +79,7 @@
Solution:
" + tag_solution;
- script_xref(name:"URL",
value:"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10548";);
+ script_xref(name:"URL",
value:"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10548";);
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/62973";);
script_xref(name:"URL", value:"http://secunia.com/advisories/55216";);
========= ./2013/gb_mcafee_epolicy_orchestrator_sec_bypass_vuln.nasl
==================
--- ./2013/gb_mcafee_epolicy_orchestrator_sec_bypass_vuln.nasl
2013-11-21 14:32:17.227581527 +0900
+++
/var/lib/openvas/plugins/./2013/gb_mcafee_epolicy_orchestrator_sec_bypass_vuln.nasl
2013-11-21 14:33:10.429336455 +0900
@@ -97,7 +97,7 @@
script_description(desc);
script_xref(name : "URL" , value : "http://www.osvdb.com/84885";);
script_xref(name : "URL" , value :
"http://cxsecurity.com/cveshow/CVE-2012-4594";);
- script_xref(name : "URL" , value :
"https://kc.mcafee.com/corporate/index?page=content&id=SB10025";);
+ script_xref(name : "URL" , value :
"https://kc.mcafee.com/corporate/index?page=content&id=SB10025";);
script_summary("Check the vulnerable versions of McAfee ePolicy
Orchestrator");
script_category(ACT_GATHER_INFO);
script_copyright("This script is Copyright (C) 2013 Greenbone
Networks GmbH");
========= ./secpod_mcafee_prdts_sec_bypass_vuln_lin.nasl ==================
--- ./secpod_mcafee_prdts_sec_bypass_vuln_lin.nasl 2013-11-21
11:22:07.519203072 +0900
+++ /var/lib/openvas/plugins/./secpod_mcafee_prdts_sec_bypass_vuln_lin.nasl
2013-11-21 11:22:35.624129509 +0900
@@ -87,7 +87,7 @@
script_xref(name : "URL" , value : "http://secunia.com/advisories/34949";);
script_xref(name : "URL" , value :
"http://blog.zoller.lu/2009/04/case-for-av-bypassesevasions.html";);
script_xref(name : "URL" , value :
"http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html";);
- script_xref(name : "URL" , value :
"https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT";);
+ script_xref(name : "URL" , value :
"https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT";);
exit(0);
}
========= ./gb_awstats_45210.nasl ==================
--- ./gb_awstats_45210.nasl 2013-11-21 11:55:19.320907214 +0900
+++ /var/lib/openvas/plugins/./gb_awstats_45210.nasl 2013-11-21
11:55:50.301931902 +0900
@@ -71,7 +71,7 @@
}
script_xref(name : "URL" , value : "https://www.securityfocus.com/bid/45210";);
script_xref(name : "URL" , value :
"http://awstats.sourceforge.net/docs/awstats_changelog.txt";);
- script_xref(name : "URL" , value :
"http://sourceforge.net/tracker/?func=detail&aid=2537928&group_id=13764&atid=113764";);
+ script_xref(name : "URL" , value :
"http://sourceforge.net/tracker/?func=detail&aid=2537928&group_id=13764&atid=113764";);
script_xref(name : "URL" , value : "http://awstats.sourceforge.net/";);
exit(0);
}
========= ./gb_hp_performance_insight_49096.nasl ==================
--- ./gb_hp_performance_insight_49096.nasl 2013-11-21
13:37:59.824127459 +0900
+++ /var/lib/openvas/plugins/./gb_hp_performance_insight_49096.nasl
2013-11-21 13:38:12.948560416 +0900
@@ -75,7 +75,7 @@
}
script_xref(name : "URL" , value : "http://www.securityfocus.com/bid/49096";);
script_xref(name : "URL" , value :
"https://h10078.www1.hp.com/cda/hpms/display/main/hpms_content.jsp?zn=bto&cp=1-11-15-119^1211_4000_100";);
- script_xref(name : "URL" , value :
"http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02942411&ac.admitted=1312903473487.876444892.199480143";);
+ script_xref(name : "URL" , value :
"http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02942411&ac.admitted=1312903473487.876444892.199480143";);
exit(0);
}
========= ./gb_wikihelp_41309.nasl ==================
--- ./gb_wikihelp_41309.nasl 2013-11-21 14:53:57.702480984 +0900
+++ /var/lib/openvas/plugins/./gb_wikihelp_41309.nasl 2013-11-21
14:54:30.475562085 +0900
@@ -70,7 +70,7 @@
script_tag(name : "summary" , value : tag_summary);
}
script_xref(name : "URL" , value : "https://www.securityfocus.com/bid/41309";);
- script_xref(name : "URL" , value :
"http://sourceforge.net/tracker/?func=detail&atid=1296085&aid=3025530&group_id=307693";);
+ script_xref(name : "URL" , value :
"http://sourceforge.net/tracker/?func=detail&atid=1296085&aid=3025530&group_id=307693";);
script_xref(name : "URL" , value : "http://sourceforge.net/projects/wwh/";);
exit(0);
}
========= ./gb_dell_kace_2000_backdoor.nasl ==================
--- ./gb_dell_kace_2000_backdoor.nasl 2013-11-21 13:29:18.334924619 +0900
+++ /var/lib/openvas/plugins/./gb_dell_kace_2000_backdoor.nasl
2013-11-21 13:29:33.931439187 +0900
@@ -60,7 +60,7 @@
script_tag(name : "summary" , value : tag_summary);
}
script_xref(name : "URL" , value : "http://www.kb.cert.org/vuls/id/135606";);
- script_xref(name : "URL" , value :
"http://www.kace.com/support/kb/index.php?action=artikel&id=1120&artlang=en";);
+ script_xref(name : "URL" , value :
"http://www.kace.com/support/kb/index.php?action=artikel&id=1120&artlang=en";);
exit(0);
}
========= ./gb_etherape_rpc_call_parsing_dos_vuln.nasl ==================
--- ./gb_etherape_rpc_call_parsing_dos_vuln.nasl 2013-11-20
22:08:55.995325196 +0900
+++ /var/lib/openvas/plugins/./gb_etherape_rpc_call_parsing_dos_vuln.nasl
2013-11-20 22:09:35.608631810 +0900
@@ -83,7 +83,7 @@
script_xref(name : "URL" , value :
"http://etherape.sourceforge.net/NEWS.html";);
script_xref(name : "URL" , value :
"http://www.openwall.com/lists/oss-security/2011/09/19/4";);
script_xref(name : "URL" , value :
"http://www.openwall.com/lists/oss-security/2011/09/22/1";);
- script_xref(name : "URL" , value :
"http://sourceforge.net/tracker/?func=detail&aid=3309061&group_id=2712&atid=102712";);
+ script_xref(name : "URL" , value :
"http://sourceforge.net/tracker/?func=detail&aid=3309061&group_id=2712&atid=102712";);
exit(0);
}
========= ./secpod_tikiwiki_sec_bypass_vuln.nasl ==================
--- ./secpod_tikiwiki_sec_bypass_vuln.nasl 2013-11-21
14:47:43.322130858 +0900
+++ /var/lib/openvas/plugins/./secpod_tikiwiki_sec_bypass_vuln.nasl
2013-11-21 14:47:59.358658082 +0900
@@ -86,7 +86,7 @@
script_tag(name : "summary" , value : tag_summary);
}
script_xref(name : "URL" , value :
"http://xforce.iss.net/xforce/xfdb/40347";);
- script_xref(name : "URL" , value :
"http://sourceforge.net/tracker/index.php?func=detail&aid=748739&group_id=64258&atid=506846";);
+ script_xref(name : "URL" , value :
"http://sourceforge.net/tracker/index.php?func=detail&aid=748739&group_id=64258&atid=506846";);
exit(0);
}
========= ./gb_wikihelp_41306.nasl ==================
--- ./gb_wikihelp_41306.nasl 2013-11-21 14:53:52.394305496 +0900
+++ /var/lib/openvas/plugins/./gb_wikihelp_41306.nasl 2013-11-21
14:54:12.770977704 +0900
@@ -73,7 +73,7 @@
script_tag(name : "summary" , value : tag_summary);
}
script_xref(name : "URL" , value : "https://www.securityfocus.com/bid/41306";);
- script_xref(name : "URL" , value :
"http://sourceforge.net/tracker/?func=detail&atid=1296085&aid=3025530&group_id=307693";);
+ script_xref(name : "URL" , value :
"http://sourceforge.net/tracker/?func=detail&atid=1296085&aid=3025530&group_id=307693";);
script_xref(name : "URL" , value : "http://sourceforge.net/projects/wwh/";);
exit(0);
}
========= ./secpod_php_address_book_mult_xss_vuln.nasl ==================
--- ./secpod_php_address_book_mult_xss_vuln.nasl 2013-11-21
14:42:53.588574589 +0900
+++ /var/lib/openvas/plugins/./secpod_php_address_book_mult_xss_vuln.nasl
2013-11-21 14:43:13.781239563 +0900
@@ -88,7 +88,7 @@
script_xref(name : "URL" , value : "http://secunia.com/advisories/49212";);
script_xref(name : "URL" , value :
"http://xforce.iss.net/xforce/xfdb/75703";);
script_xref(name : "URL" , value :
"http://www.exploit-db.com/exploits/18899";);
- script_xref(name : "URL" , value :
"http://sourceforge.net/tracker/?func=detail&aid=3527242&group_id=157964&atid=805929";);
+ script_xref(name : "URL" , value :
"http://sourceforge.net/tracker/?func=detail&aid=3527242&group_id=157964&atid=805929";);
exit(0);
}
========= ./modperl_cve_2009_0796.nasl ==================
--- ./modperl_cve_2009_0796.nasl 2013-11-21 12:15:47.741429956 +0900
+++ /var/lib/openvas/plugins/./modperl_cve_2009_0796.nasl
2013-11-21 13:12:06.292880081 +0900
@@ -70,7 +70,7 @@
script_tag(name : "summary" , value : tag_summary);
}
script_xref(name : "URL" , value : "http://www.securityfocus.com/bid/34383";);
- script_xref(name : "URL" , value :
"http://mail-archives.apache.org/mod_mbox/perl-advocacy/200904.mbox/<[email protected]>");
+ script_xref(name : "URL" , value :
"http://mail-archives.apache.org/mod_mbox/perl-advocacy/200904.mbox/<[email protected]>";);
exit(0);
}
_______________________________________________
Openvas-plugins mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
