[Plugins-writers] Bug in wsftp_file_path_parsing_dos.nasl (ID 14584) ?

• Previous message: Paul Bellefeuille: "[Plugins-writers] Nessus Script ID 22535 version 1.2: Contains A Bug?"
• Next in thread: George A. Theall: "Re: [Plugins-writers] Bug in wsftp_file_path_parsing_dos.nasl (ID 14584) ?"
• Reply: George A. Theall: "Re: [Plugins-writers] Bug in wsftp_file_path_parsing_dos.nasl (ID 14584) ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi,

this plugin matches the ftp banner using the following:

if (egrep(pattern:"WS_FTP Server ([0-4]\.|5\.0\.[0-2][^0-9])", string: banner))

So this will fire on 5.0.0, 5.0.1, 5.0.2 but not 5.0.3 or 5.0.4.

According to http://www.securityfocus.com/bid/11065/ (which is one of the refs
listed in the nasl), 5.0.3 and 5.0.4 (excluding 5.0.4 hotfix 1) are vulnerable.

Suggested bugfix would be

if (egrep(pattern:"WS_FTP Server ([0-4]\.|5\.0\.[0-4][^0-9])", string: banner))

If 5.0.4 Hotfix 1 has a different banner it should be excluded of course...


-- 
Hubert Seiwert

Internet Security Specialist, Westpoint Ltd
Albion Wharf, 19 Albion Street, Manchester M1 5LN, United Kingdom

Web: www.westpoint.ltd.uk
Tel: +44-161-2371028
_______________________________________________
Plugins-writers mailing list
Plugins-writers@private
http://mail.nessus.org/mailman/listinfo/plugins-writers

• Previous message: Paul Bellefeuille: "[Plugins-writers] Nessus Script ID 22535 version 1.2: Contains A Bug?"
• Next in thread: George A. Theall: "Re: [Plugins-writers] Bug in wsftp_file_path_parsing_dos.nasl (ID 14584) ?"
• Reply: George A. Theall: "Re: [Plugins-writers] Bug in wsftp_file_path_parsing_dos.nasl (ID 14584) ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Thu Oct 12 2006 - 09:24:52 PDT