*** oracle_tnslsnr_version.nasl.old Mon Dec 6 13:22:54 2004 --- oracle_tnslsnr_version.nasl Mon Dec 6 13:59:31 2004 *************** *** 5,10 **** --- 5,11 ---- # James W. Abendschan # # modified by Axel Nennker 20020306 + # modified by Sullo 20041206 # if (description) *************** *** 27,39 **** Solution : Upgrade"); ! script_summary(english: "connects to ports 1541 and/or 1521, issues a TNS VERSION command"); script_category(ACT_GATHER_INFO); script_family(english: "Misc.", francais:"Divers"); script_copyright(english: "James W. Abendschan (GPL)"); script_dependencie("find_service.nes"); - script_require_ports(1521, 1541); script_cve_id("CVE-2000-0818"); exit(0); } --- 28,39 ---- Solution : Upgrade"); ! script_summary(english: "connects and issues a TNS VERSION command"); script_category(ACT_GATHER_INFO); script_family(english: "Misc.", francais:"Divers"); script_copyright(english: "James W. Abendschan (GPL)"); script_dependencie("find_service.nes"); script_cve_id("CVE-2000-0818"); exit(0); } *************** *** 98,105 **** return 0; } if (ord(header[4]) != 2) { - report = "A service other than TNS seems to be running on this port."; - security_note(port:port, data:report); return 0; } # read the rest of the accept packet --- 98,103 ---- *************** *** 136,141 **** --- 134,143 ---- # if you believe Oracle, only 7.3.4, 8.0.6, and 8.1.6 # are vulnerable.. # TNSLSNR for Solaris: Version 8.1.6.0.0 - Production + if (version == 0) + { + return 0; + } register_service(port:port, proto:"oracle_tnslsnr"); set_kb_item(name:string("oracle_tnslsnr/", port, "/version"), value:version); *************** *** 163,174 **** } } ! if(get_port_state(1521)) ! { ! oracle_version(port:1521); ! } - if(get_port_state(1541)) - { - oracle_version(port:1541); - } --- 165,173 ---- } } ! # retrieve and test unknown services ! port=get_kb_item("Services/unknown"); ! if(!port)exit(0); ! if(!get_port_state(port))exit(0); ! oracle_version(port:port);