📄 ircd_ignition_ircop_vuln.nasl

📁 漏洞扫描源码,可以扫描linux,windows,交换机路由器

💻 NASL

字号:

#  This script was written by David Maciejak <david dot maciejak at kyxar dot fr>#  based on work from#  (C) Tenable Network Security## Ref: vendor## This script is released under the GNU GPL v2if(description){ script_id(14388); script_cve_id("CVE-2004-2553"); script_bugtraq_id(9783); if ( defined_func("script_xref") ) {        script_xref(name:"OSVDB", value:"4121"); } script_version ("$Revision: 38 $");  name["english"] = "IgnitionServer Irc operator privilege escalation vulnerability"; script_name(english:name["english"]);  desc["english"] = "The remote host is running a version of the IgnitionServer IRC service which may be vulnerable to a flaw that let remote attackerto gain elevated privileges on the system.A remote attacker, who is an operator, can supply an unofficial command to the server to obtain elevated privileges and become a global IRC operator.Solution : Upgrade to IgnitionServer 0.2.1-BRC1 or newerRisk factor : High"; script_description(english:desc["english"]);  summary["english"] = "checks the version of the remote ircd"; script_summary(english:summary["english"]);  script_category(ACT_GATHER_INFO);  script_copyright(english:"This script is Copyright (C) 2004 David Maciejak");  family["english"] = "Misc."; script_family(english:family["english"]); script_dependencie("find_service.nes", "find_service2.nasl", "ircd.nasl"); script_require_ports("Services/irc", 6667); exit(0);}#the codeport = get_kb_item("Services/irc");if (!port) port = 6667;if(! get_port_state(port)) exit(0);key = string("irc/banner/", port);banner = get_kb_item(key);if(!banner)exit(0);if(egrep(pattern:".*ignitionServer 0\.([01]\.|2\.0).*", string:banner)) { security_warning(port); exit(0);}

⌨️ 快捷键说明

复制代码 Ctrl + C

搜索代码 Ctrl + F

全屏模式 F11

切换主题 Ctrl + Shift + D

显示快捷键 ?

增大字号 Ctrl + =

减小字号 Ctrl + -