Okay, try again...

This makes the cross site checking more generic, so that it checks for extensions of ".shtml", ".thtml", ".jsp" and "". This essentially makes obsolete the 40x_cross_site.nasl (checks just no extension), and iis_shtml_cross_site.nasl which checks just the ".shtml" extension. Also makes it easy to add any more that come up.

This cuts the plugins down to having just one generic CSS check (I did not think it beneficial to combine the CGIEmail check as that is CGI/directory specific), rather than two very specific ones. It should also catch more (i.e., Jrun).

Regards
Chris

> Hi,
>
> You are right I was confused with that of:
> http://cvs.nessus.org/cgi-bin/cvsweb.cgi/~checkout~/nessus-plugins/scripts/iis_shtml_cross_site.nasl?sortby=date
>
> I am not sure it is worth combining, but rather stating that other systems
> (OSes/Servers) are vulnerable, besides JRUN, i.e. making this a generic problem
> finder, and not JRUN specific.
>
> Thanks
> Noam Rathaus
> http://www.SecurITeam.com
> http://www.BeyondSecurity.com
>
> ----- Original Message -----
> From: "sq" <sqat_private>
> To: "Noam Rathaus" <noamrat_private>
> Sent: Thursday, November 15, 2001 17:03
> Subject: Re: Allaire JRUN Cross Site Scripting Check
>
> > I guess I don't understand how the first finds a .shtml, as I only see it
> > request a document that ends in the /SCRIPT tag with no file
> > extension. But yes, if the first finds it also then it would be a duplicate.
> >
> > Perhaps a better approach would be to use a loop in just one plugin to check
> > for no extension, .jsp, .shtml, .thtml (others?), and report
> > the full list of links for the web servers, JRUN, etc.? I can see how that
> > would be more efficient for the test as a whole.
> >
> > I don't know of any JRUN signatures, as the cases I'm testing against only
> > respond as a Netscape Enterprise and don't give any hint of
> > the JRUN install.
> >
> > I'll take a stab at combining the two to see how it goes. If you have a better
> > idea, please let me know. I appreciate your help/guidance.
> >
> > Regards,
> > Chris
> >
> > > Hi,
> > >
> > > Just one thing, this plugin will detect an .SHTML based CSS, while the original
> > > one will also detect such vulnerability. This would cause a duplicate
> > > true?/false? positive.
> > >
> > > Maybe it is worth checking for an Allaire server signature?
> > >
> > > Thanks
> > > Noam Rathaus
> > > http://www.SecurITeam.com
> > > http://www.BeyondSecurity.com
> > >
> > > ----- Original Message -----
> > > From: "sq" <sqat_private>
> > > To: <plugins-writersat_private>
> > > Sent: Wednesday, November 14, 2001 18:03
> > > Subject: Re: Allaire JRUN Cross Site Scripting Check
> > >
> > > > Thanks in large part to Felix Huber showing me how to write a "for" loop
> > > > in nasl <g>, this check seems to be working great. I still don't have
> > > > an Allaire JRUN 2.x installation to test against, so if someone does,
> > > > please try.
> > > >
> > > > Now what happens with the plugin? Sorry, I'm new to the nasl dev side.
> > > >
> > > > Regards,
> > > > Chris Sullo

__________________________
http://www.cirt.net/
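
The single looped check discussed in this thread, sketched in Python as an added example (it is not the NASL plugin attached to the message and not Nessus code). The marker string, the function names and the canned responses are assumptions constructed for illustration; only the four extensions come from the message.

```python
import html

# Extensions named in the message; "" is the no-extension case.
EXTENSIONS = ["", ".shtml", ".thtml", ".jsp"]
# Constructed, harmless marker (assumption: the plugin's real probe is not shown on the page).
MARKER = "<SCRIPT>xss_probe_7f3a</SCRIPT>"

def probe_paths(marker=MARKER, extensions=EXTENSIONS):
    """Build one request path per extension: /<marker><ext>."""
    return {ext: "/" + marker + ext for ext in extensions}

def reflects_unescaped(body, marker=MARKER):
    """True only if the marker comes back verbatim (case-insensitive),
    meaning the error page did not HTML-encode it."""
    return marker.lower() in body.lower()

def run_check(fetch):
    """fetch(path) -> response body. Returns every extension whose error
    page echoes the marker raw, so one plugin yields one combined finding
    instead of duplicate reports from separate per-extension plugins."""
    return [ext for ext, path in probe_paths().items()
            if reflects_unescaped(fetch(path))]

def fake_server(path):
    """Constructed responses standing in for a web server (not real captures)."""
    if path.endswith(".jsp"):
        # Raw echo of the requested path: should be flagged.
        return "<html><body>404: " + path + " not found</body></html>"
    if path.endswith(".shtml"):
        # Path is HTML-encoded before being echoed: must not be flagged.
        return "<html><body>Error in " + html.escape(path) + "</body></html>"
    if path.endswith(".thtml"):
        # Path is not echoed at all: must not be flagged.
        return "<html><body>Not Found</body></html>"
    # No extension, raw echo: should be flagged.
    return "<html><body>URL " + path + " was not found</body></html>"

def report(flagged):
    """Format the combined finding as a single line."""
    if not flagged:
        return "no unescaped reflection"
    names = [ext if ext else "(no extension)" for ext in flagged]
    return "unescaped reflection for: " + ", ".join(names)

if __name__ == "__main__":
    print(report(run_check(fake_server)))
```

A response that echoes the path HTML-encoded is deliberately not reported, which keeps the combined check from raising a finding on servers that already escape their error pages.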
This archive was generated by hypermail 2b30 : Fri Nov 16 2001 - 08:26:55 PST