On Sat, Dec 18, 2004 at 05:02:59PM -0700, Erik Stephens wrote: > Ideally, it would have both the general commentary plus the dynamic > version piece in the note's description. What's the best way to do > that? I'd like to do something like: > > security_note(port:port, data:string(get_desc(), '\n\n', ver)) Ideally, I'd rather have an 'extra' field to security_XXX(). ie: security_note(port:port, extra:"The remote host is running " + ver); which would produce the following report (in the example above) : --- "The Patch level (Service Pack) of the remote IIS server appears to be lower than the current IIS service pack level. As each service pack typically contains many security patches, the server may be at risk. Caveat: This test makes assumptions of the remote patch level based on static return values (Content-Length) within the IIS Servers 404 error message. As such, the test can not be totally reliable and should be manually confirmed. Solution: Ensure that the server is running the latest stable Service Pack Risk factor : High In addition, the scanner reported the following information : The remote host is running Microsoft IIS 5 - SP0 or SP1" --- If I can find a very elegant way to implement this, we could even factorize the calls to security_XXX(), so that : security_note(port:port, extra:"foo"); security_note(port:port, extra:"bar"); Would actually produce only ONE entry for the port in question, with two lines of "extra" output. Thoughts? -- Renaud _______________________________________________ Plugins-writers mailing list Plugins-writers@private http://mail.nessus.org/mailman/listinfo/plugins-writers
This archive was generated by hypermail 2.1.3 : Sun Dec 19 2004 - 04:55:01 PST