Update of /usr/local/cvs/nessus-plugins/scripts
In directory raccoon.nessus.org:/tmp/cvs-serv83335
Added Files:
etherleak.nasl
Log Message:
o Added a check for etherleak (http://www.atstake.com/research/advisories/2003/a010603-1.txt)
WARNING : Only works with Nessus 1.3.1 from CVS (as Nessus 1.3.x is labelled as
WARNING : unstable, this is acceptable).
--- NEW FILE: etherleak.nasl ---
#
# This script was written by Renaud Deraison <deraison@cvs.nessus.org>
#
# See the Nessus Scripts License for details
#
#
# XXX This script is NASL2-compatible ONLY.
if(description)
{
  # Registration pass: the scanner runs the script once with 'description'
  # set so it can record the plugin's metadata; nothing is sent to the
  # target in this branch, and exit(0) ends the pass before the check code.

  # Identity and revision of the plugin.
  script_id(11197);
  script_version ("$Revision: 1.1 $");

  name["english"] = "Etherleak";
  script_name(english:name["english"]);

  # Report text shown when the check fires. The literal is kept exactly as
  # written, line breaks included, because it is emitted verbatim.
  desc["english"] = "
The remote host is vulnerable to an 'Etherleak' -
the remote ethernet driver seems to leak bits of the
content of the memory of the remote operating system.
See also : http://www.atstake.com/research/advisories/2003/a010603-1.txt
Solution : Contact your vendor for a fix
Risk factor : Serious";
  script_description(english:desc["english"]);

  summary["english"] = "etherleak check";
  script_summary(english:summary["english"]);

  # Filed as an information-gathering check.
  script_category(ACT_GATHER_INFO);

  script_copyright(english:"This script is Copyright (C) 2003 Renaud Deraison");

  family["english"] = "Misc.";
  script_family(english:family["english"]);

  exit(0);
}
#
# The script code starts here
#
function probe()
{
  # Send a single ICMP echo request with a one-byte payload and return the
  # bytes of the captured reply that lie beyond the length announced in the
  # reply's IP header. Returns NULL when no reply is captured, or when the
  # reply holds nothing past that announced length.

  # Echo request (type 8, code 0) from this scanner, payload "x".
  ip = forge_ip_packet(ip_p:IPPROTO_ICMP, ip_src:this_host());
  icmp = forge_icmp_packet(ip:ip, icmp_type:8, icmp_code:0, icmp_seq:1, icmp_id:1, data:"x");

  # Capture ICMP traffic going from the target back to this scanner.
  # NOTE(review): the filter accepts any ICMP packet from the target, not
  # only the echo reply to the request above - an unrelated ICMP message
  # arriving first would be the one inspected.
  filter = string("icmp and src host ", get_host_ip(), " and dst host ", this_host());
  rep = send_packet(icmp, pcap_filter:filter);
  if(!rep) return(NULL);

  # Total length the reply claims for itself in its IP header.
  len = get_ip_element(ip:rep, element:"ip_len");

  # Captured data is no longer than the announced length: nothing to report.
  if(strlen(rep) <= len) return(NULL);

  # Collect every byte past the announced IP length.
  # NOTE(review): these trailing bytes are presumably link-layer padding,
  # which is where the plugin description places the leaked memory -
  # confirm against the advisory linked there.
  str = "";
  for(i = len; i < strlen(rep); i++)
    str = string(str, rep[i]);

  return(str);
}
if(islocalnet())
{
str1 = probe();
str2 = probe();
if(isnull(str1) || isnull(str2))exit(0);
In directory raccoon.nessus.org:/tmp/cvs-serv83335
Added Files:
etherleak.nasl
Log Message:
o Added a check for etherleak (http://www.atstake.com/research/advisories/2003/a010603-1.txt)
WARNING : Only works with Nessus 1.3.1 from CVS (as Nessus 1.3.x is labelled as
WARNING : unstable, this is acceptable).
--- NEW FILE: etherleak.nasl ---
#
# This script was written by Renaud Deraison <deraison@cvs.nessus.org>
#
# See the Nessus Scripts License for details
#
#
# XXX This script is NASL2-compatible ONLY.
if(description)
{
  # Registration pass: the scanner runs the script once with 'description'
  # set so it can record the plugin's metadata; nothing is sent to the
  # target in this branch, and exit(0) ends the pass before the check code.

  # Identity and revision of the plugin.
  script_id(11197);
  script_version ("$Revision: 1.1 $");

  name["english"] = "Etherleak";
  script_name(english:name["english"]);

  # Report text shown when the check fires. The literal is kept exactly as
  # written, line breaks included, because it is emitted verbatim.
  desc["english"] = "
The remote host is vulnerable to an 'Etherleak' -
the remote ethernet driver seems to leak bits of the
content of the memory of the remote operating system.
See also : http://www.atstake.com/research/advisories/2003/a010603-1.txt
Solution : Contact your vendor for a fix
Risk factor : Serious";
  script_description(english:desc["english"]);

  summary["english"] = "etherleak check";
  script_summary(english:summary["english"]);

  # Filed as an information-gathering check.
  script_category(ACT_GATHER_INFO);

  script_copyright(english:"This script is Copyright (C) 2003 Renaud Deraison");

  family["english"] = "Misc.";
  script_family(english:family["english"]);

  exit(0);
}
#
# The script code starts here
#
function probe()
{
  # Send a single ICMP echo request with a one-byte payload and return the
  # bytes of the captured reply that lie beyond the length announced in the
  # reply's IP header. Returns NULL when no reply is captured, or when the
  # reply holds nothing past that announced length.

  # Echo request (type 8, code 0) from this scanner, payload "x".
  ip = forge_ip_packet(ip_p:IPPROTO_ICMP, ip_src:this_host());
  icmp = forge_icmp_packet(ip:ip, icmp_type:8, icmp_code:0, icmp_seq:1, icmp_id:1, data:"x");

  # Capture ICMP traffic going from the target back to this scanner.
  # NOTE(review): the filter accepts any ICMP packet from the target, not
  # only the echo reply to the request above - an unrelated ICMP message
  # arriving first would be the one inspected.
  filter = string("icmp and src host ", get_host_ip(), " and dst host ", this_host());
  rep = send_packet(icmp, pcap_filter:filter);
  if(!rep) return(NULL);

  # Total length the reply claims for itself in its IP header.
  len = get_ip_element(ip:rep, element:"ip_len");

  # Captured data is no longer than the announced length: nothing to report.
  if(strlen(rep) <= len) return(NULL);

  # Collect every byte past the announced IP length.
  # NOTE(review): these trailing bytes are presumably link-layer padding,
  # which is where the plugin description places the leaked memory -
  # confirm against the advisory linked there.
  str = "";
  for(i = len; i < strlen(rep); i++)
    str = string(str, rep[i]);

  return(str);
}
if(islocalnet())
{
str1 = probe();
str2 = probe();
if(isnull(str1) || isnull(str2))exit(0);