Home
My Page
Projects
OpenVAS

[#951] Newlines in script_name() cause serious problems

Date:
2009-04-09 19:21
Priority:
4
State:
Open
Submitted by:
Jan-Oliver Wagner (jan)
Assigned to:
Nobody (None)
Architecture:
None
Product:
OpenVAS
Operating System:
All
Component:
None
Version:
2.0
Severity:
major
Resolution:
None
Hardware:
None
URL:
 
Summary:
Newlines in script_name() cause serious problems

Detailed description
In case a script_name() has a string with a newline, eg:



script_name(english:"Xplode 'module_wrapper.asp' SQL Injection and Cross Site Scripting Vulnerabilities

");



then the client, when connecting will issue error like this:



Could not parse 1.3.6.1.4.1.25623.1.0.100113 <|> Xplode 'module_wrapper.asp' SQL Injection and Cross Site Scripting Vulnerabilities



Could not parse <|> infos <|> This script is Copyright (C) 2009 Mi; Risk factor : Medium <|> Determine if Xplode is prone to XSS and SQL-injection vulnerabilities <|> Web application abuses <|> 1.0 <|> NOCVE <|> 34419 <|> NOXREF <|> NOSIGNKEYS <|> NOTAG



add_md5sum_to_plugin: Unknown plugin 1.3.6.1.4.1.25623.1.0.100113







Probably it is best to practice input sanitizing in script_name, so that newlines are turned into spaces or so.



I am not sure though where the actual problem turns into effect.

Maybe OTP protocol and later on the client.

But there also seem to occur some problems on the

server side.



Followup

Message
Date: 2009-10-09 06:17
Sender: Jan-Oliver Wagner

I've no re-run the scenario, but I am not aware this
problem was solved meanwhile.

I must find time to re-run the scenario.
Date: 2009-10-08 08:55
Sender: Geoff Galitz


Is this bug resolved for you, or is futher action necessary?

Attached Files:

Changes:

No Changes Have Been Made to This Item


This site is hosted by Intevation GmbH