Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Nessus>
  3. plugins
Tektronics printers "backdoors"
arboi at noos
Aug 13, 2002, 5:48 AM
Post #1 of 2 (711 views)
Permalink
Would these patches be safer/usefull?

Attached Files:

Re: Tektronics printers "backdoors" [ In reply to ]
arboi at noos
Aug 13, 2002, 6:00 AM
Post #2 of 2 (681 views)
Permalink
> Would these patches be safer/useful?

Sorry. Something happened between my mailer and the server :-\

-----------------------------------------------------------------------------
diff -b -w -r1.10 ncl_items.nasl
17c17
< The file /ncl_items.html exists on the remote system.
---
> The file /ncl_items.html or /ncl_subjects.html exist on the remote system.
50,51c50,51
< summary["english"] = "Checks for the presence of /ncl_items.html";
< summary["francais"] = "Vérifie la présence de /ncl_items.html";
---
> summary["english"] = "Checks for the presence of /ncl_*.html";
> summary["francais"] = "Vérifie la présence de /ncl_*.html";
72,74c72,78
< cgi = "/ncl_items.html?SUBJECT=1";
< port = is_cgi_installed(cgi);
< if(port)security_hole(port);
---
> port = get_kb_item("Services/www");
> if (! port) port = 80;
> if (! get_port_state(port)) exit(0);
>
> if (is_cgi_installed(item: "/ncl_items.html?SUBJECT=1", port: port) ||
> is_cgi_installed(item: "/ncl_subjects.html", port: port) )
> security_hole(port);
-----------------------------------------------------------------------------
diff -b -w -r1.5 ncl_items_2.nasl
17c17,18
< The file /_ncl_items.shtml exists on the remote web server.
---
> The file /_ncl_items.shtml or /_ncl_subjects.shtml exists on the
> remote web server.
36,37c37,38
< summary["english"] = "Checks for the presence of _ncl_items.shtml";
< summary["francais"] = "Vérifie la présence de _ncl_items.shtml";
---
> summary["english"] = "Checks for the presence of _ncl_*.shtml";
> summary["francais"] = "Vérifie la présence de _ncl_*.shtml";
57,59c58,65
< cgi = "/_ncl_items.shtml?SUBJECT=1";
< port = is_cgi_installed(cgi);
< if(port)security_warning(port);
---
>
> port = get_kb_item("Services/www");
> if (! port) port = 80;
> if (! get_port_state(port)) exit(0);
>
> if (is_cgi_installed(port: port, item: "/_ncl_items.shtml?SUBJECT=1") ||
> is_cgi_installed(port: port, item: "/_ncl_subjects.shtml"))
> security_warning(port);
-----------------------------------------------------------------------------

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal