swat_detect.nasl

漏洞扫描源码,可以扫描linux,windows,交换机路由器

#
# This script was written by Noam Rathaus <noamr@securiteam.com>
#
# Modifications by Renaud Deraison :
#
#	- French translation
#	- script_require_ports(), script_dependencies()
#
#
# See the Nessus Scripts License for details
#

if(description)
{
 script_id(10273);
 script_bugtraq_id(1872);
script_cve_id("CVE-2000-0935");
 script_version ("$Revision: 38 $");
 
 
 name["english"] = "Detect SWAT server port";
 name["francais"] = "Detection de SWAT";
 script_name(english:name["english"], francais:name["francais"]);
 
 desc["english"] = "
SWAT (Samba Web Administration Tool) is running on this port.

SWAT allows Samba users to change their passwords, and offers to the sysadmin 
an easy-to-use GUI to configure Samba.

However, it is not recommended to let SWAT be accessed by the world, as it 
allows an intruder to attempt to brute force some accounts passwords.

In addition to this, the traffic between SWAT and web clients is not ciphered, 
so an eavesdropper can gain clear text passwords easily.

Solution: Disable SWAT access from the outside network by making your firewall 
filter this port.

If you do not need SWAT, disable it by commenting the relevant /etc/inetd.conf 
line.

Risk factor : Medium";

 desc["francais"] = "
SWAT (Samba Web Administration Tool) tourne sur
ce port.

SWAT permet aux utilisateurs de Samba de changer
leurs mots de passes, et offre