*** Harry Johnston wrote: > I'm looking at script ID 101008, XRMS_CVE-2008-3664.nasl, > > https://wald.intevation.org/scm/viewvco.php/scripts/2009/XRMS_CVE-2008-3664.nasl?revision=15&root=openvas-nvts&view=markup > > > This is the code I think is wrong: > > function xssExploit(install_path) > { > [...] > req = http_get(port:port, item:string(path, php)); > > There is no variable named "path" defined in the script and the function > argument install_path is not used.
Fixed in r628. > (Is there a better place to report this sort of bug than the mailing list?) There is also our bug tracker at https://wald.intevation.org/tracker/?group_id=29 but writing a mail to openvas-plugins is a often faster... Thanks for reporting! Micha -- Michael Meyer OpenPGP Key: 0xAF069E9152A6EFA6 http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-plugins mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
