Mailing List Archive: Bug in 15901?

Hello,

I receive the following notifications:

15901:
"The SSL certificate of the remote service will expire
within 60 days, at Oct 2 23:59:59 2005 GMT."

However, in the X509-certificate output I see:

10863:
<..snip..>
Not Before: Oct 20 00:00:00 2004 GMT
Not After : Oct 20 23:59:59 2005 GMT
<..snip..>

Manually verifying the certificate, point out that the
correct expire date is "Oct 20 23:59:59 2005 GMT".

It seems like the "0" of "20" disappeared somehow in
15901.

If also tested with a certificate that will expire Oct
27. In this situation the "bug" does not show up.

David

__________________________________
Start your day with Yahoo! - Make it your home page!
http://www.yahoo.com/r/hs
_______________________________________________
Plugins-writers mailing list
Plugins-writers@list.nessus.org
http://mail.nessus.org/mailman/listinfo/plugins-writers

On Tue, Oct 18, 2005 at 06:05:13AM -0700, David Frechette wrote:

> 15901:
> "The SSL certificate of the remote service will expire
> within 60 days, at Oct 2 23:59:59 2005 GMT."
>
> However, in the X509-certificate output I see:
>
> 10863:
> <..snip..>
> Not Before: Oct 20 00:00:00 2004 GMT
> Not After : Oct 20 23:59:59 2005 GMT

Thanks for the report. One way to fix this bug is to replace the
following line in x509time_to_gtime() in ssl_cert_expiry.nasl:

parts[2] = str_replace(string:parts[2], find:"0", replace:" ");

with:

parts[2] = ereg_replace(string:parts[2], pattern:"^0", replace:" ");

(This is, after all, plugins-writers, right? :-) I'll commit the change
in a minute, and the new version should become available through the
plugin feed in an hour or two.

George
--
theall@tenablesecurity.com
_______________________________________________
Plugins-writers mailing list
Plugins-writers@list.nessus.org
http://mail.nessus.org/mailman/listinfo/plugins-writers