Lucene search
K

Astaro Security Gateway Detection

🗓️ 23 Feb 2012 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 13 Views

A security gateway, Astaro Security Gateway, is running on the remote hos

Refs
Code
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(58107);
  script_version("1.6");
  script_cvs_date("Date: 2020/01/22");

  script_name(english:"Astaro Security Gateway Detection");
  script_summary(english:"Looks for the Astaro Security Gateway help pages");

  script_set_attribute(attribute:"synopsis", value:"A security gateway is running on the remote host.");
  script_set_attribute(attribute:"description", value:
"Astaro Security Gateway, a suite of network / mail / web security
tools, is running on the remote host.");

  script_set_attribute(attribute:"see_also", value:"https://www.sophos.com/en-us.aspx");

  script_set_attribute(attribute:"solution", value:"n/a");
  script_set_attribute(attribute:"risk_factor", value:"None");

  script_set_attribute(attribute:"cpe", value:"cpe:/h:astaro:security_gateway");

  script_set_attribute(attribute:"plugin_publication_date", value:"2012/02/23");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"asset_inventory", value:"True");
  script_set_attribute(attribute:"hardware_inventory", value:"True");
  script_set_attribute(attribute:"os_identification", value:"True");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CGI abuses");

  script_copyright(english:"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("http_version.nasl");
  script_exclude_keys("Settings/disable_cgi_scanning");
  script_require_ports("Services/www", 4444);

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("http.inc");
include("misc_func.inc");
include("webapp_func.inc");

# Put together a list of directories we should check for ASG in.
dirs = cgi_dirs();

# Put together checks for different pages that we can scrape version
# information from.
checks = make_array();

# These regexes work for both v7 and v8.
regexes = make_list();
regexes[0] = make_list('<span[^>]* class="astaroproduct" *> *Astaro *Security *Gateway *</span>');
regexes[1] = make_list('<span[^>]* class="astaroversionL" *> *Version *([0-9.]*) *</span>');

# This covers v7.
checks["/ohelp/en_US/Content/master/webadmin/WebAdmin.html"] = regexes;

# This covers v8.
checks["/help/en_US/Content/master/webadmin/WebAdmin.html"] = regexes;

# Get the ports that webservers have been found on, defaulting to
# ASG's default web admin port.
port = get_http_port(default:4444);

# Find where ASG's web interface is installed.
installs = find_install(appname:"astaro_security_gateway", checks:checks, dirs:dirs, port:port);

if (isnull(installs))
  exit(0, "Astaro Security Gateway wasn't detected on port " + port + ".");

# Report our findings.
report = NULL;
if (report_verbosity > 0)
{
  report = get_install_report(
    display_name : "Astaro Security Gateway",
    installs     : installs,
    port         : port
  );
}
security_note(port:port, extra:report);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

22 Jan 2020 00:00Current
5.5Medium risk
Vulners AI Score5.5
13