Mailing List Archive

Fix for smb_enum_shares.nasl
I have been working on this nasl for, well, on and off a year now.
The broken nasl will timeout without reporting and fill up the HD with error messages, so it
needed to be fixed.

Problem is, on an NT or Win2k host with a very large number of shares (> 215) the smb_read()
function returns a very trashed 4360 byte buffer.

With the way the nasl tries to strip out the names and comments, it ends up going off the deep
end... Literally... filling up the nessusd.dump with 2 to 3 GB of trash, and causing the nasl to
timeout (thus preventing ANY reports on that host).

I have come up with a compromise:
If the number of shares is > 215, we do this:
1) we print a warning
2) we limit the number of reported shares to 215 (the 216th share is blanks or nulls anyway)
3) we do NOT report the 'comment' section (it's below the 216th share in the trashed buffer)

Patches enclosed, against the current cvs.


--
Michael Scheidell
SECNAP Network Security, LLC
Sales: 866-SECNAPNET / (1-866-732-6276)
Main: 561-368-9561 / www.secnap.net
Security Engineering positions available
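The post describes the failure mode (an unbounded name/comment extraction loop running wild over a corrupt 4360-byte buffer) and the compromise (cap at 215 shares, warn, drop comments). The following Python is an added illustration of that bounded-parsing approach; it is not the enclosed patch and not Nessus code. The fixed 20-byte record layout (13-byte name, 1 pad byte, 2-byte type, 4-byte comment offset) and the sample buffer are assumptions constructed here so the example runs offline.

```python
import struct

MAX_SHARES = 215     # cap from the post: past this the buffer cannot be trusted
RECORD_LEN = 20      # assumed record layout: 13 name + 1 pad + 2 type + 4 comment offset
MAX_COMMENT = 256    # hard bound on a single comment, so a missing NUL cannot run away


def _cstring(buf, start, limit):
    """Read a NUL-terminated ASCII string from buf[start:], reading at most
    `limit` bytes and never past the end of the buffer."""
    end = min(len(buf), start + limit)
    chunk = buf[start:end]
    nul = chunk.find(b"\x00")
    if nul != -1:
        chunk = chunk[:nul]
    return chunk.decode("ascii", errors="replace")


def parse_share_enum(buf, count, max_shares=MAX_SHARES):
    """Extract share entries with every loop and string read bounded.

    Returns {"shares": [...], "warning": str|None}. When `count` exceeds
    max_shares, only the first max_shares entries are returned, a warning
    is produced, and comments are suppressed (they live beyond the point
    where the buffer is known to be unreliable)."""
    shares = []
    warning = None
    if count > max_shares:
        warning = (f"{count} shares reported; only the first {max_shares} "
                   f"are listed and comments are suppressed")
    report_comments = count <= max_shares

    for i in range(min(count, max_shares)):
        off = i * RECORD_LEN
        rec = buf[off:off + RECORD_LEN]
        if len(rec) < RECORD_LEN:       # truncated buffer: stop, do not guess
            break
        name = _cstring(rec, 0, 13)
        if not name:                    # all-NUL record: end of useful data
            break
        share_type = struct.unpack_from("<H", rec, 14)[0]
        comment = None
        if report_comments:
            coff = struct.unpack_from("<I", rec, 16)[0]
            if 0 < coff < len(buf):     # offset must land inside the buffer
                comment = _cstring(buf, coff, MAX_COMMENT)
        shares.append({"name": name, "type": share_type, "comment": comment})

    return {"shares": shares, "warning": warning}


def build_sample(n):
    """Constructed test buffer in the assumed layout: n records followed by
    a comment area that the records' offsets point into."""
    records = bytearray()
    comments = bytearray()
    base = n * RECORD_LEN
    for i in range(n):
        name = f"SHARE{i}".encode()[:12].ljust(13, b"\x00")
        coff = base + len(comments)
        comments += f"comment {i}".encode() + b"\x00"
        records += name + b"\x00" + struct.pack("<H", 0) + struct.pack("<I", coff)
    return bytes(records + comments)


if __name__ == "__main__":
    small = parse_share_enum(build_sample(3), 3)
    print(small)
    big = parse_share_enum(build_sample(300), 300)
    print(len(big["shares"]), big["warning"])
```

The design point is that every read is bounded twice: by the record count cap and by the buffer length, and the comment lookup refuses offsets outside the buffer. A trashed buffer can still yield garbage names, but it cannot produce unbounded output or an endless loop, which is what was filling nessusd.dump.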