[Plugins-writers] Oracle_tnslsnr_security.nasl

From: Ley, Neal (neal.ley@private)
Date: Mon Jun 19 2006 - 07:16:42 PDT


> The oracle_tnslsnr_security.nasl is not checking the security of the
> listener correctly for Oracle 9i and 10g.
> 
> 9i introduced a new error code (TNS-01169) if it doesn't recognize the
> password and 10g listeners will not work with this code.  They have
> reworked the listener and a 9i lsnrctl will no longer administer a 10g
> listener.  A TNS-12618 is raised for incompatible versions of lsnrctl.
> 
> The following code will check for these issues:
> 
> diff new_oracle_tnslsnr_security.nasl oracle_tnslsnr_security.nasl
> 87c87
> <                       if ("SECURITY=ON" >< reply ||
> "ERROR=(CODE=1169)" >< reply)
> ---
> >                       if ("SECURITY=ON" >< reply)
> 96,105d95
> <                       else if ("ERROR=(CODE=12618)" >< reply)
> <                       {
> <
> <                               # FYI
> <                               report = string
> <                               (
> <                               "This host has an incompatible version
> of tnslsnr for the plugin. This cannot be checked.\n"
> <                               );
> <                               security_note(port:port, data:report);
> <                       }
> 







The information contained in this e-mail is confidential and/or proprietary

to Capital One and/or its affiliates. The information transmitted herewith

is intended only for use by the individual or entity to which it is 

addressed.  If the reader of this message is not the intended recipient, 

you are hereby notified that any review, retransmission, dissemination, 

distribution, copying or other use of, or taking of any action in reliance 

upon this information is strictly prohibited. If you have received this 

communication in error, please contact the sender and delete the material 

from your computer.






_______________________________________________
Plugins-writers mailing list
Plugins-writers@private
http://mail.nessus.org/mailman/listinfo/plugins-writers



This archive was generated by hypermail 2.1.3 : Tue Jun 20 2006 - 05:26:27 PDT