Hello Goran,
*** Goran Li?ina <[email protected]> wrote:
> openca_html_injection.nasl is finished (in attachment).
>
> Waiting for your comments.
Ok... :-)
| function is_vulnerable(version) {
Have a look at 'version_func.inc'. You can do:
| include("version_func.inc");
|
| [...]
|
| if(version_is_less_equal(version: version, test_version: "0.9.2")) {
No need to reinvent the wheel. :-)
| match = eregmatch(pattern:'OpenCA Server Version (([[:digit:]]\\.?)+)',
| string:res);
I know that there exist 'OpenCA Server Version' with a '-rc[0-9]'
suffix. Eg: 'OpenCA Server Version 0.9.3-rc1'. Is it ok, that you ignore
the 'rc'-part in your script? IMHO you should at least set the "full"
version (including the rc-part) in KB.
Micha
_______________________________________________
Openvas-plugins mailing list
[email protected]
http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
