ssh_get_info.nasl

Hi, all

I noticed software enumeration on a debian system (lenny)
was not
conducted. I don't know the others but probably etch is only
"4.0"
So maybe these changes are appropriate. Can someone verify
it, I did 
not  test it very well. But after adding  ' lenny/sid'  I
did get 2
notes back.

One saying:
/The remote Linux distribution is not supported, therefore
local
security checks have not been enabled ....

/The other:/
"Nessus can run commands on localhost to check if
patches are applied
The output of "uname -a" is :
Linux scarface 2.6.17-2-486 #1 Wed Sep 13 15:56:30 UTC 2006
i686 GNU/Linux

The remote Debian system is :
lenny/sid

Local security checks have been enabled for this host./

so I changed the part:
if (debrel) {
     set_kb_item(name:"Host/Debian/release",
value: debrel);
    }

--Ferdy--

--- ssh_get_info.nasl   2007-06-11 15:21:30.000000000 +0200
+++ ssh_get_info2.nasl  2007-06-11 19:10:29.000000000 +0200
 -452,7
+452,9 
 ###################### Debian
###############################################
   buf = info_send_cmd(cmd: "cat
/etc/debian_version");

-  if ( buf && egrep(string:buf,
pattern:'^([0-9.]+|testing/unstable)[
trn]*$'))
+  if ( buf &&
+       egrep(string:buf,
pattern:'^([0-9.]+|testing/unstable)[
trn]*$') ||
+      egrep(string:buf, pattern:'^lenny/sid'))
   {
     report += 'nThe remote Debian system is :n' + buf;
     debrel = chomp(buf);
 -491,9
+493,9 
     security_note(port:port, data:report);
     set_kb_item(name:'HostLevelChecks/failure',
value:"'dpkg' did not
return any result");
     }
-    if (debrel)
+    if (debrel) {
      set_kb_item(name:"Host/Debian/release",
value: debrel);
-
+    }
    misc_calls_and_exit();
   }




_______________________________________________
Plugins-writers mailing list
Plugins-writerslist.nessus.org
http://mail.nessus.org/mailman/listinfo/plugins-writers

Le Mon, 11 Jun 2007 00:34:32 +0200,
Ferdy Riphagen <f.riphagennsec.nl> a écrit :

> I noticed software enumeration on a debian system
(lenny) was not
> conducted.

I'll play with that when I have time.

> I don't know the others but probably etch is only
"4.0"

Lenny is not "stable", don't rely upon the
security advisories.

> So maybe these changes are appropriate.

No, they are useless until the conversion script is updated
to handle
Lenny security advisories. There is no hurry.

> But after adding  ' lenny/sid'  I did get 2 notes
back.

So your change is definitely wrong.
_______________________________________________
Plugins-writers mailing list
Plugins-writerslist.nessus.org
http://mail.nessus.org/mailman/listinfo/plugins-writers

Michel Arboi wrote:
> Lenny is not "stable", don't rely upon the
security advisories.
>
>   
>
I'll changed it to get the software enumeration to work, not
for the
local security checks. Sorry I was not clear with this.
Yes it's the next testing/unstable

>> But after adding  ' lenny/sid'  I did get 2 notes
back.
>>     
>
> So your change is definitely wrong.
>
>
>
>   
It worked for software enum, that didn't worked before on
this system
The second report came from the Slackware settings so it was
bailing out
the debian part

### slackware ###
report +=
'nThe remote Linux distribution is not supported, therefore
local
security checks have not been enabled';
  security_note(port:port, data:report);
  set_kb_item(name:'HostLevelChecks/failure',
value:"Unsupported Linux
distribution");
  misc_calls_and_exit();
}

I only changed these lines to get rid of the second error:

if (debrel)
     set_kb_item(name:"Host/Debian/release",
value: debrel);

   misc_calls_and_exit();
  }

Yes it was not tested very well. But I didn' t know why
"lenny"  wasn't
testable.

--Ferdy--




 


_______________________________________________
Plugins-writers mailing list
Plugins-writerslist.nessus.org
http://mail.nessus.org/mailman/listinfo/plugins-writers