⭐ 欢迎来到虫虫下载站! | 📦 资源下载 📁 资源专辑 ℹ️ 关于我们
⭐ 虫虫下载站
📤 上传资源

📄 cvs_malformed_entry_lines_flaw.nasl

📁 漏洞扫描源码,可以扫描linux,windows,交换机路由器
💻 NASL
字号:
🔍 
#  This script was written by David Maciejak <david dot maciejak at kyxar dot fr>#  based on work from#  (C) Tenable Network Security## Ref:#  Date: Wed, 9 Jun 2004 15:00:04 +0200#  From: Stefan Esser <s.esser@e-matters.de>#  To: full-disclosure@lists.netsys.com, bugtraq@securityfocus.com,#        red@heisec.de, news@golem.de#  Subject: Advisory 09/2004: More CVS remote vulnerabilities## This script is released under the GNU GPL v2if(description){ script_id(12265); script_version ("$Revision: 38 $"); script_bugtraq_id(10499); script_cve_id("CVE-2004-0414"); script_cve_id("CVE-2004-0416"); script_cve_id("CVE-2004-0417");  script_cve_id("CVE-2004-0418");  if ( defined_func("script_xref") ) script_xref(name:"RHSA", value:"RHSA-2004:233-017");  name["english"] = "CVS malformed entry lines flaw"; script_name(english:name["english"]);  desc["english"] = "The remote CVS server, according to its version number, might allow an attacker to execute arbitrary commands on the remote system because ofa flaw relating to malformed Entry lines which lead to amissing NULL terminator.Among the issues deemed likely to be exploitable were:- a double-free relating to the error_prog_name string (CVE-2004-0416)- an argument integer overflow (CVE-2004-0417)- out-of-bounds writes in serv_notify (CVE-2004-0418)Solution : Upgrade to CVS 1.12.9 or 1.11.17Risk factor : High"; script_description(english:desc["english"]);  summary["english"] = "Logs into the remote CVS server and asks the version"; script_summary(english:summary["english"]);  script_category(ACT_GATHER_INFO);  script_copyright(english:"This script is Copyright (C) 2004 David Maciejak"); family["english"] = "General"; script_family(english:family["english"]); script_require_ports("Services/cvspserver", port); script_dependencies("find_service.nes", "cvs_pserver_heap_overflow.nasl"); exit(0);}include('global_settings.inc');port = get_kb_item("Services/cvspserver");if(!port)port = 2401;if(!get_port_state(port))exit(0);version =  get_kb_item(string("cvs/", port, "/version"));if ( ! version ) exit(0);if(ereg(pattern:".* 1\.([0-9]\.|10\.|11\.([0-9][^0-9]|1[0-6])|12\.[0-8][^0-9]).*", string:version))     	security_hole(port);

⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -