nnposter at users
Dec 31, 2008, 8:35 AM
Post #1 of 2
(2534 views)
Permalink
|
|
Broken cipher list retrieval in plugins 26928, 31705
|
|
Plugins ssl_anon_ciphers.nasl and ssl_weak_supported_ciphers.nasl
obtain the list of supported SSL ciphers via get_kb_list(). Both of
these plugins are currently broken because they do not flatten the
cipher hash before testing for its emptiness with max_index(). This
causes the plugins to terminate early due to perceived lack of data.
The following patch resolves the issue:
--- ssl_anon_ciphers.nasl.orig 2008-03-28 10:16:44.000000000 -0400
+++ ssl_anon_ciphers.nasl 2008-12-30 12:50:56.000000000 -0500
@@ -57,7 +57,7 @@
port = get_kb_item("Transport/SSL");
if (!port || !get_port_state(port)) exit(0);
-supported_ciphers = get_kb_list("SSL/Ciphers/"+port);
+supported_ciphers = make_list(get_kb_list("SSL/Ciphers/"+port));
if (isnull(supported_ciphers) || max_index(supported_ciphers) == 0) exit(0);
--- ssl_weak_supported_ciphers.nasl.orig 2008-07-30 21:35:13.000000000 -0400
+++ ssl_weak_supported_ciphers.nasl 2008-12-30 12:44:58.000000000 -0500
@@ -56,7 +56,7 @@
port = get_kb_item("Transport/SSL");
if (!port || !get_port_state(port)) exit(0);
-supported_ciphers = get_kb_list("SSL/Ciphers/"+port);
+supported_ciphers = make_list(get_kb_list("SSL/Ciphers/"+port));
if (isnull(supported_ciphers) || max_index(supported_ciphers) == 0) exit(0);
Cheers,
nnposter
_______________________________________________
Plugins-writers mailing list
Plugins-writers [at] list
http://mail.nessus.org/mailman/listinfo/plugins-writers
|
