Mailing List Archive

Broken cipher list retrieval in plugins 26928, 31705
Plugins ssl_anon_ciphers.nasl and ssl_weak_supported_ciphers.nasl
obtain the list of supported SSL ciphers via get_kb_list(). Both of
these plugins are currently broken because they do not flatten the
cipher hash before testing for its emptiness with max_index(). This
causes the plugins to terminate early due to perceived lack of data.

The following patch resolves the issue:

--- ssl_anon_ciphers.nasl.orig 2008-03-28 10:16:44.000000000 -0400
+++ ssl_anon_ciphers.nasl 2008-12-30 12:50:56.000000000 -0500
@@ -57,7 +57,7 @@
port = get_kb_item("Transport/SSL");
if (!port || !get_port_state(port)) exit(0);

-supported_ciphers = get_kb_list("SSL/Ciphers/"+port);
+supported_ciphers = make_list(get_kb_list("SSL/Ciphers/"+port));
if (isnull(supported_ciphers) || max_index(supported_ciphers) == 0) exit(0);


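Review bot: the unchanged line after the `+` line still tests isnull(supported_ciphers), but once the value has passed through make_list() that half of the condition may never be true, so the early exit rests entirely on max_index(supported_ciphers) == 0. Please confirm that make_list() of an empty or NULL get_kb_list() result yields a zero-length list so the no-data case still exits, then either drop the isnull() test or apply it to the raw get_kb_list() result before flattening. A one-line comment above the assignment, saying that get_kb_list() returns a hash and max_index() needs the flattened list, would keep a later cleanup from removing the make_list() wrapper.
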
--- ssl_weak_supported_ciphers.nasl.orig 2008-07-30 21:35:13.000000000 -0400
+++ ssl_weak_supported_ciphers.nasl 2008-12-30 12:44:58.000000000 -0500
@@ -56,7 +56,7 @@
port = get_kb_item("Transport/SSL");
if (!port || !get_port_state(port)) exit(0);

-supported_ciphers = get_kb_list("SSL/Ciphers/"+port);
+supported_ciphers = make_list(get_kb_list("SSL/Ciphers/"+port));
if (isnull(supported_ciphers) || max_index(supported_ciphers) == 0) exit(0);


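Review bot: the assignment on the `+` line duplicates, character for character, the fix in ssl_anon_ciphers.nasl, so the lookup and its emptiness test are worth factoring into one shared helper rather than patching each plugin separately. It is also worth checking whether any other plugin passes a raw get_kb_list() result to max_index(), since it would exit early in the same way.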

Cheers,
nnposter
_______________________________________________
Plugins-writers mailing list
Plugins-writers@list.nessus.org
http://mail.nessus.org/mailman/listinfo/plugins-writers

Re: Broken cipher list retrieval in plugins 26928, 31705
On Dec 31, 2008, at 11:35 AM, nnposter@users.sourceforge.net wrote:

> Plugins ssl_anon_ciphers.nasl and ssl_weak_supported_ciphers.nasl
> obtain the list of supported SSL ciphers via get_kb_list(). Both of
> these plugins are currently broken because they do not flatten the
> cipher hash before testing for its emptiness with max_index(). This
> causes the plugins to terminate early due to perceived lack of data.

Thanks for reporting the issue. I've updated the plugins; the changes
should become available in a couple of hours.

George
--
theall@tenablesecurity.com


