>
> Message: 2
> Date: Thu, 12 Mar 2009 16:12:55 +0530
> From: "Chandrashekhar B"
> Subject: Re: [Openvas-plugins] help on nasl
> To: ,
>
> Message-ID: <6bcbf723d32046d09c6b551f4df17...@bchandra>
> Content-Type: text/plain; charset="us-ascii"
>
> Christian,
>
> What's 'X' supposed to do in ln 80? Guess, you wanted it to be '*' ?
accoring to the documentation
(http://www.virtualblueness.net/nasl..html#tth_sEc2.7.1) the 'x' operator must
repeat the string 'x times' or not ?
>
> Chandra.
>
> -----Original Message-----
> From: [email protected]
> [mailto:[email protected]] On Behalf Of Christian
> Eric Edjenguele
> Sent: Tuesday, March 10, 2009 6:23 PM
> To: [email protected]
> Subject: [Openvas-plugins] help on nasl
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello I'm writing a nvt to fingerprint os through MDNS on windows, I got
> an error, see screenshot attached for details.
>
> any suggestion ?
> Thanks.
> - --
> Christian Eric Edjenguele
> IT Security Software Engineer / IT Enterprise Software Architect
> Mobile (IT): +39 3408580513
> PGP KeyID: 0xB1654498
> Key Server: http://pgp.mit.edu
> - -----BEGIN PGP PUBLIC KEY BLOCK-----
> Version: GnuPG v1.4.9 (GNU/Linux)
>
> mQENBEmka7IBCAC5e8/9BlCZR/3XHMO4DWHYoewaODmQypHqPaCfKR+BLTAy8xLZ
> eVJ0wwNwaLheZeLPfBqu3r/lp58xJhgYHm9gzihfqPbmJh4Dibc/d2XL9UQ1eshs
> K0JkTlvZtdK5Zo5VmeOZCWlKEMXzlg6HjuYUV4qokqD3qIj6/rhubjtrjlw/XA8P
> 6pGOFhsDZFXbn+lj80XhRdkObMnmWU6wdgJvEPx1vxvhV9D1sJgZz6FVoXAfTOb3
> EjYpluEKdDod46hhF45UJ4Avc8q4DaXxmci5Kdx9rzF2tbvB3Ua6O7l5RaMGNZR2
> QtVY65xVxRfAYF+yE3n+YkFQxWGlqVIajry/ABEBAAG0WkNocmlzdGlhbiBFcmlj
> IEVESkVOR1VFTEUgKElUIFNlY3VyaXR5IFNvZnR3YXJlIEVuZ2luZWVyKSA8Y2hy
> aXN0aWFuLmVkamVuZ3VlbGVAb3dhc3Aub3JnPokBNgQTAQIAIAUCSaRrsgIbAwYL
> CQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJENETScWxZUSYS9QH+gOpYUPkon/D/eNm
> RLCbTaqJhSV6jRH9t+pomm6FiYgphCxDW96OpzA9BieiFEPHhVXAFcHkEBMlk/u0
> wILqDNfBoZk3oCq0+/+Zc7z0zRZfgMHwB4czpqhUCrINEjLO0rb2Jff6Hh0C5S9w
> 8l+x9IiOG9hHNO8ftVr1sNHGDTAWNNZ+pcCt5ROhqiiqnZsvowO1TcDMKEGD9NTW
> BN+jLFGZRY9/MQsUkWoXBQ8K5S9AP1EPPbSTX68VTj0vINLTk2/XfsJlV9Vd9b7G
> NkhbAdrvujbqLHDSE3ALpx8sWKg2vPCUAxJJY6S6danpw/XPGKkpcSNfqn4k8sCV
> e+9MJSu5Ag0ESaRthQEQALEj8eO2WCRqhOHakHhpvGQ4tFEIDS6Z3mnBaNaMc9VM
> i89LNYvJOgOSnWvIu8EF6Ah+PnhOayb9E3wvH+0nfOwzp6XhDor7h8WLQNL+qzk3
> cPxkxdfNDaQdyJclstUqa0nIaPOJgbIRs12N6bCxhAeOKffIkrIdDqjxshTI3S3z
> fq7choduX8tNHoFzIIl6T+4Q0QXMT8xu5MeBHr+vxlgqNUTWOQn6Q/B6QnrVzWDA
> gEq4Id45vN4j18iXGqMy8/xWQg3kRHaU563zx8u+7cjV81feMDbQiC6p6nqQHsD4
> U07JIVDqjbJESLdeqju6HsNzYKohi/gxhsgouPXdFTrfgkWCklAGwqT7QE0ZnL/t
> SVC0xpmCLneXAxWGGo27zJKVJ1/iMUgi/i4R+u2K4eQbsBXXYwh0gSxwYReTyr+C
> 51ugKkvYjTy+U2Fedq3lXEVtnRV02zpO/LlpJR446jRAapVH+ZF9tGMoIHg5hATZ
> KEzGw9x19/wQSRumTvV0HAQ0lqWW9/0n2VuwI/Sh7YHQ2j/DhyF0blFrooGyIxd2
> x5+Xu1PWlYwlUbu7ZsOw1V9cqL5yv5m+w4mL+h8ytHJHHL2Cg8/3qp/QxLT7CnfX
> fOHAjNxGkS/QfoxEhuSwigPi/Yd51wHcaOLyUdGceOZ79ciQtPgvCFdyrDrfDhSr
> ABEBAAGJAR8EGAECAAkFAkmkbYUCGwwACgkQ0RNJxbFlRJhbLAgAsCBA7KmGkTmQ
> mjPNA7Iig8tA5S9fYavbKydNQNxPpL47GLf9V3la4P2/LPLa3rH31Bt+ScfSqAKC
> 5/geB5BKwmQqRomsQpjhmrpBenPjYrUYG2dEB/BOMvOyvr3dTpWtAg5CwYYnHTNy
> yJn7dc7whiE94ZxqFdt58K0H5/H449/VHuCJue+uzy0ldrTK8VVpK6uGgrJc5kre
> 2bpdGVbALpC+yeNMyXCqgGigg9gu1iHXSSGgbQfW+AhsFpiN37fPq8zDNU2C8sp3
> 4Y45EYRmRCZ+0a9WSRnYALRZFdvjysKfRjP3o4Ax/d4cSi6v2pT93yfoA2TQMkLF
> E1MQObpE5A==
> =7VGF
> - -----END PGP PUBLIC KEY BLOCK-----
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iQEcBAEBAgAGBQJJtmKYAAoJENETScWxZUSY780H/jERGYucMuj/BIPAjzFHRr37
> +gWWOF83plQCQ6UJhSGfzf0HSHpFKag6XwJ8Yq1piSk9E2qNfV8nB2NI0y0XxPUD
> cL1YDn0275zN+c8Otlvvi0o78xd2AVAIpki8O8jc/zR5beZMpFT9xDGPAogKCFbw
> RkIao07R/p40GXukihA6uhlmEojoXB3hVV8hnWBNXV3YbVdxn4PlS0GvikZKMTsh
> cfOIqzhuDBiNrQ+IV1irh0D9xCtu/7FI2coOxqvrDjEHlCz/lIH1IMfxLceRV83d
> PNL10Zn6g0zBSK7X0HesW/62CuRksivOfphdhWZTlVnFQE6MnIU4atWOSkui8Gk=
> =oogL
> -----END PGP SIGNATURE-----
>
>
>
> ------------------------------
>
> Message: 3
> Date: Thu, 12 Mar 2009 16:15:07 +0530
> From: "Chandrashekhar B"
> Subject: Re: [Openvas-plugins] bug in php detection scripts
> To: "'Vlatko Kosturjak'" , "'openvas-plugins'"
>
> Message-ID: <3fe1a4912a75412d8347ead7d1a88...@bchandra>
> Content-Type: text/plain; charset="us-ascii"
>
> Hello Kost,
>
> Thanks for reporting. There's actually another KB item called "PHP/Port" set
> along with "PHP/Version" which is being used in some scripts and some aren't
> using it. We are addressing this now.
>
> Thanks,
> Chandra.
>
>
> -----Original Message-----
> From: [email protected]
> [mailto:[email protected]] On Behalf Of Vlatko
> Kosturjak
> Sent: Thursday, March 12, 2009 3:19 PM
> To: openvas-plugins
> Subject: [Openvas-plugins] bug in php detection scripts
>
> Hello!
>
> Imagine following scenario. I have 5 web/http ports on single IP
> address. one have PHP and it is vulnerable, but it will report all 5
> http ports are prone to php vulnerability.
>
> It's because it sets general PHP/Version variable and I get that all
> http ports are vulnerable.
>
> It would be good (and correct) to put PHP under following hieararchy:
> www//phpversion=x.x.x
>
> Currently it is bugged and reports the non-existant vulnerabilities to
> other ports. Specifically
> secpod_php_sec_bypass_n_file_write_vuln_900184.nasl
> and
> gb_php_detect.nasl
>
> Kost
> _______________________________________________
> Openvas-plugins mailing list
> [email protected]
> http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
>
>
>
> ------------------------------
>
> _______________________________________________
> Openvas-plugins mailing list
> [email protected]
> http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
>
>
> End of Openvas-plugins Digest, Vol 16, Issue 2
> **********************************************
_______________________________________________
Openvas-plugins mailing list
[email protected]
http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
