ID HP_DIAGNOSTICS_SERVER_DETECT.NASL
Type nessus
Reporter Tenable
Modified 2013-02-05T00:00:00
Description
The remote host is running HP (Formerly Mercury) Diagnostics Server, an application performance monitoring solution.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(64473);
script_version("$Revision: 1.1 $");
script_cvs_date("$Date: 2013/02/05 20:47:57 $");
script_name(english:"HP Diagnostics Server Detection");
script_summary(english:"Detects HP Diagnostics Server web interface");
script_set_attribute(
attribute:"synopsis",
value:
"The remote host is running an application performance monitoring
server."
);
script_set_attribute(
attribute:"description",
value:
"The remote host is running HP (Formerly Mercury) Diagnostics Server, an
application performance monitoring solution."
);
#http://www8.hp.com/us/en/software-solutions/software.html?compURI=1175730
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1e81dc55");
script_set_attribute(attribute:"solution", value:"n/a");
script_set_attribute(attribute:"risk_factor", value:"None");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/02/05");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:hp:diagnostics_server");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CGI abuses");
script_copyright(english:"This script is Copyright (C) 2013 Tenable Network Security, Inc.");
script_dependencies("http_version.nasl");
script_exclude_keys("Settings/disable_cgi_scanning");
script_require_ports("Services/www", 2006);
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");
include("webapp_func.inc");
port = get_http_port(default:2006);
appname = "HP Diagnostics Server";
kb_appname = "hp_diagnostics_server";
res = http_send_recv3(
method:'GET',
item:'/',
port:port,
exit_on_fail:TRUE
);
if (
"<title>HP Diagnostics - Main Menu</title>" >< res[2] &&
"Hewlett-Packard" >< res[2]
)
{
version = UNKNOWN_VER;
item = eregmatch(pattern:'class="diag">Diagnostics<p>Server[ ]*([^<]+)',
string:res[2]);
if (!isnull(item[1])) version = item[1];
# Register install
installs = add_install(
installs:installs,
ver:version,
dir:'/',
appname:kb_appname,
port:port
);
}
if (isnull(installs)) audit(AUDIT_WEB_APP_NOT_INST, appname, port);
# Report findings.
if (report_verbosity > 0)
{
report = get_install_report(
port : port,
installs : installs,
display_name : appname,
item : '/'
);
security_note(port:port, extra:report);
}
else security_note(port);
{"id": "HP_DIAGNOSTICS_SERVER_DETECT.NASL", "bulletinFamily": "scanner", "title": "HP Diagnostics Server Detection", "description": "The remote host is running HP (Formerly Mercury) Diagnostics Server, an application performance monitoring solution.", "published": "2013-02-05T00:00:00", "modified": "2013-02-05T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=64473", "reporter": "Tenable", "references": ["http://www.nessus.org/u?1e81dc55"], "cvelist": [], "type": "nessus", "lastseen": "2019-02-21T01:18:26", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:hp:diagnostics_server"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The remote host is running HP (Formerly Mercury) Diagnostics Server, an\napplication performance monitoring solution.", "edition": 3, "enchantments": {"dependencies": {"modified": "2019-01-16T20:15:36", "references": [{"idList": ["HP_DIAGNOSTICS_SERVER_DEFAULT_CREDS.NASL"], "type": "nessus"}]}, "score": {"value": 5.0, "vector": "NONE"}}, "hash": "ad97abcceadeb4d5411435111cd4a80738bebfec1a2cc12b828a5556c3f85a42", "hashmap": [{"hash": "a2c6e0618d02f7edf620acd7c5001c40", "key": "cpe"}, {"hash": "d0737a771fc9ea34b19137c37e7eecf7", "key": "pluginID"}, {"hash": "9af305d3be857215c85804fbaae5c6d0", "key": "description"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "9944fded1ee3a04e5d41084c9d7e1394", "key": "href"}, {"hash": "26ebde93205916412b1680a34d2a0e79", "key": "modified"}, {"hash": "54eb5e80b3cc8f30124e8304f87c140d", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "2f89b05710b5c22bfc57d6fb424ff232", "key": "references"}, {"hash": "d5f9c7ebb082f6602490e32faaa3ebd5", "key": "sourceData"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "07948b8ff59e8dda0b01012f70f00327", "key": "naslFamily"}, {"hash": "26ebde93205916412b1680a34d2a0e79", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=64473", "id": "HP_DIAGNOSTICS_SERVER_DETECT.NASL", "lastseen": "2019-01-16T20:15:36", "modified": "2013-02-05T00:00:00", "naslFamily": "CGI abuses", "objectVersion": "1.3", "pluginID": "64473", "published": "2013-02-05T00:00:00", "references": ["http://www.nessus.org/u?1e81dc55"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64473);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2013/02/05 20:47:57 $\");\n\n script_name(english:\"HP Diagnostics Server Detection\");\n script_summary(english:\"Detects HP Diagnostics Server web interface\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host is running an application performance monitoring\nserver.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is running HP (Formerly Mercury) Diagnostics Server, an\napplication performance monitoring solution.\"\n );\n #http://www8.hp.com/us/en/software-solutions/software.html?compURI=1175730\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1e81dc55\");\n script_set_attribute(attribute:\"solution\", value:\"n/a\");\n script_set_attribute(attribute:\"risk_factor\", value:\"None\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:hp:diagnostics_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2013 Tenable Network Security, Inc.\");\n\n script_dependencies(\"http_version.nasl\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_ports(\"Services/www\", 2006);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:2006);\n\nappname = \"HP Diagnostics Server\";\nkb_appname = \"hp_diagnostics_server\";\n\nres = http_send_recv3(\n method:'GET',\n item:'/',\n port:port,\n exit_on_fail:TRUE\n);\nif (\n \"<title>HP Diagnostics - Main Menu</title>\" >< res[2] && \n \"Hewlett-Packard\" >< res[2]\n)\n{\n version = UNKNOWN_VER;\n item = eregmatch(pattern:'class=\"diag\">Diagnostics<p>Server[ ]*([^<]+)', \n string:res[2]); \n if (!isnull(item[1])) version = item[1];\n \n # Register install\n installs = add_install(\n installs:installs,\n ver:version,\n dir:'/',\n appname:kb_appname,\n port:port\n );\n}\n\nif (isnull(installs)) audit(AUDIT_WEB_APP_NOT_INST, appname, port);\n\n# Report findings.\nif (report_verbosity > 0)\n{\n report = get_install_report(\n port : port,\n installs : installs,\n display_name : appname,\n item : '/' \n );\n security_note(port:port, extra:report);\n}\nelse security_note(port);\n", "title": "HP Diagnostics Server Detection", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 3, "lastseen": "2019-01-16T20:15:36"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:hp:diagnostics_server"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The remote host is running HP (Formerly Mercury) Diagnostics Server, an application performance monitoring solution.", "edition": 2, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "4f0c8d8e7eeb5c4ccfac2805256d116fa837bda5c05f0b29adccf728af94c5ea", "hashmap": [{"hash": "a2c6e0618d02f7edf620acd7c5001c40", "key": "cpe"}, {"hash": "d0737a771fc9ea34b19137c37e7eecf7", "key": "pluginID"}, {"hash": "8a8ef63699b50106f305f1c7f4c5bb37", "key": "description"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "9944fded1ee3a04e5d41084c9d7e1394", "key": "href"}, {"hash": "26ebde93205916412b1680a34d2a0e79", "key": "modified"}, {"hash": "54eb5e80b3cc8f30124e8304f87c140d", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "2f89b05710b5c22bfc57d6fb424ff232", "key": "references"}, {"hash": "d5f9c7ebb082f6602490e32faaa3ebd5", "key": "sourceData"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "07948b8ff59e8dda0b01012f70f00327", "key": "naslFamily"}, {"hash": "26ebde93205916412b1680a34d2a0e79", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=64473", "id": "HP_DIAGNOSTICS_SERVER_DETECT.NASL", "lastseen": "2017-10-29T13:39:10", "modified": "2013-02-05T00:00:00", "naslFamily": "CGI abuses", "objectVersion": "1.3", "pluginID": "64473", "published": "2013-02-05T00:00:00", "references": ["http://www.nessus.org/u?1e81dc55"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64473);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2013/02/05 20:47:57 $\");\n\n script_name(english:\"HP Diagnostics Server Detection\");\n script_summary(english:\"Detects HP Diagnostics Server web interface\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host is running an application performance monitoring\nserver.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is running HP (Formerly Mercury) Diagnostics Server, an\napplication performance monitoring solution.\"\n );\n #http://www8.hp.com/us/en/software-solutions/software.html?compURI=1175730\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1e81dc55\");\n script_set_attribute(attribute:\"solution\", value:\"n/a\");\n script_set_attribute(attribute:\"risk_factor\", value:\"None\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:hp:diagnostics_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2013 Tenable Network Security, Inc.\");\n\n script_dependencies(\"http_version.nasl\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_ports(\"Services/www\", 2006);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:2006);\n\nappname = \"HP Diagnostics Server\";\nkb_appname = \"hp_diagnostics_server\";\n\nres = http_send_recv3(\n method:'GET',\n item:'/',\n port:port,\n exit_on_fail:TRUE\n);\nif (\n \"<title>HP Diagnostics - Main Menu</title>\" >< res[2] && \n \"Hewlett-Packard\" >< res[2]\n)\n{\n version = UNKNOWN_VER;\n item = eregmatch(pattern:'class=\"diag\">Diagnostics<p>Server[ ]*([^<]+)', \n string:res[2]); \n if (!isnull(item[1])) version = item[1];\n \n # Register install\n installs = add_install(\n installs:installs,\n ver:version,\n dir:'/',\n appname:kb_appname,\n port:port\n );\n}\n\nif (isnull(installs)) audit(AUDIT_WEB_APP_NOT_INST, appname, port);\n\n# Report findings.\nif (report_verbosity > 0)\n{\n report = get_install_report(\n port : port,\n installs : installs,\n display_name : appname,\n item : '/' \n );\n security_note(port:port, extra:report);\n}\nelse security_note(port);\n", "title": "HP Diagnostics Server Detection", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 2, "lastseen": "2017-10-29T13:39:10"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The remote host is running HP (Formerly Mercury) Diagnostics Server, an application performance monitoring solution.", "edition": 1, "enchantments": {}, "hash": "74082612bab88b8967671fd6b2be14a1a6a7d618895a0a94657267a2c4d6fbce", "hashmap": [{"hash": "d0737a771fc9ea34b19137c37e7eecf7", "key": "pluginID"}, {"hash": "8a8ef63699b50106f305f1c7f4c5bb37", "key": "description"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "9944fded1ee3a04e5d41084c9d7e1394", "key": "href"}, {"hash": "26ebde93205916412b1680a34d2a0e79", "key": "modified"}, {"hash": "54eb5e80b3cc8f30124e8304f87c140d", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "2f89b05710b5c22bfc57d6fb424ff232", "key": "references"}, {"hash": "d5f9c7ebb082f6602490e32faaa3ebd5", "key": "sourceData"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "07948b8ff59e8dda0b01012f70f00327", "key": "naslFamily"}, {"hash": "26ebde93205916412b1680a34d2a0e79", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=64473", "id": "HP_DIAGNOSTICS_SERVER_DETECT.NASL", "lastseen": "2016-09-26T17:24:54", "modified": "2013-02-05T00:00:00", "naslFamily": "CGI abuses", "objectVersion": "1.2", "pluginID": "64473", "published": "2013-02-05T00:00:00", "references": ["http://www.nessus.org/u?1e81dc55"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64473);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2013/02/05 20:47:57 $\");\n\n script_name(english:\"HP Diagnostics Server Detection\");\n script_summary(english:\"Detects HP Diagnostics Server web interface\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host is running an application performance monitoring\nserver.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is running HP (Formerly Mercury) Diagnostics Server, an\napplication performance monitoring solution.\"\n );\n #http://www8.hp.com/us/en/software-solutions/software.html?compURI=1175730\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1e81dc55\");\n script_set_attribute(attribute:\"solution\", value:\"n/a\");\n script_set_attribute(attribute:\"risk_factor\", value:\"None\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:hp:diagnostics_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2013 Tenable Network Security, Inc.\");\n\n script_dependencies(\"http_version.nasl\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_ports(\"Services/www\", 2006);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:2006);\n\nappname = \"HP Diagnostics Server\";\nkb_appname = \"hp_diagnostics_server\";\n\nres = http_send_recv3(\n method:'GET',\n item:'/',\n port:port,\n exit_on_fail:TRUE\n);\nif (\n \"<title>HP Diagnostics - Main Menu</title>\" >< res[2] && \n \"Hewlett-Packard\" >< res[2]\n)\n{\n version = UNKNOWN_VER;\n item = eregmatch(pattern:'class=\"diag\">Diagnostics<p>Server[ ]*([^<]+)', \n string:res[2]); \n if (!isnull(item[1])) version = item[1];\n \n # Register install\n installs = add_install(\n installs:installs,\n ver:version,\n dir:'/',\n appname:kb_appname,\n port:port\n );\n}\n\nif (isnull(installs)) audit(AUDIT_WEB_APP_NOT_INST, appname, port);\n\n# Report findings.\nif (report_verbosity > 0)\n{\n report = get_install_report(\n port : port,\n installs : installs,\n display_name : appname,\n item : '/' \n );\n security_note(port:port, extra:report);\n}\nelse security_note(port);\n", "title": "HP Diagnostics Server Detection", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:24:54"}], "edition": 4, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "a2c6e0618d02f7edf620acd7c5001c40"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "8a8ef63699b50106f305f1c7f4c5bb37"}, {"key": "href", "hash": "9944fded1ee3a04e5d41084c9d7e1394"}, {"key": "modified", "hash": "26ebde93205916412b1680a34d2a0e79"}, {"key": "naslFamily", "hash": "07948b8ff59e8dda0b01012f70f00327"}, {"key": "pluginID", "hash": "d0737a771fc9ea34b19137c37e7eecf7"}, {"key": "published", "hash": "26ebde93205916412b1680a34d2a0e79"}, {"key": "references", "hash": "2f89b05710b5c22bfc57d6fb424ff232"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "d5f9c7ebb082f6602490e32faaa3ebd5"}, {"key": "title", "hash": "54eb5e80b3cc8f30124e8304f87c140d"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "4f0c8d8e7eeb5c4ccfac2805256d116fa837bda5c05f0b29adccf728af94c5ea", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["HP_DIAGNOSTICS_SERVER_DEFAULT_CREDS.NASL"]}], "modified": "2019-02-21T01:18:26"}, "score": {"value": -0.1, "vector": "NONE", "modified": "2019-02-21T01:18:26"}, "vulnersScore": -0.1}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64473);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2013/02/05 20:47:57 $\");\n\n script_name(english:\"HP Diagnostics Server Detection\");\n script_summary(english:\"Detects HP Diagnostics Server web interface\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host is running an application performance monitoring\nserver.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is running HP (Formerly Mercury) Diagnostics Server, an\napplication performance monitoring solution.\"\n );\n #http://www8.hp.com/us/en/software-solutions/software.html?compURI=1175730\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1e81dc55\");\n script_set_attribute(attribute:\"solution\", value:\"n/a\");\n script_set_attribute(attribute:\"risk_factor\", value:\"None\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:hp:diagnostics_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2013 Tenable Network Security, Inc.\");\n\n script_dependencies(\"http_version.nasl\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_ports(\"Services/www\", 2006);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:2006);\n\nappname = \"HP Diagnostics Server\";\nkb_appname = \"hp_diagnostics_server\";\n\nres = http_send_recv3(\n method:'GET',\n item:'/',\n port:port,\n exit_on_fail:TRUE\n);\nif (\n \"<title>HP Diagnostics - Main Menu</title>\" >< res[2] && \n \"Hewlett-Packard\" >< res[2]\n)\n{\n version = UNKNOWN_VER;\n item = eregmatch(pattern:'class=\"diag\">Diagnostics<p>Server[ ]*([^<]+)', \n string:res[2]); \n if (!isnull(item[1])) version = item[1];\n \n # Register install\n installs = add_install(\n installs:installs,\n ver:version,\n dir:'/',\n appname:kb_appname,\n port:port\n );\n}\n\nif (isnull(installs)) audit(AUDIT_WEB_APP_NOT_INST, appname, port);\n\n# Report findings.\nif (report_verbosity > 0)\n{\n report = get_install_report(\n port : port,\n installs : installs,\n display_name : appname,\n item : '/' \n );\n security_note(port:port, extra:report);\n}\nelse security_note(port);\n", "naslFamily": "CGI abuses", "pluginID": "64473", "cpe": ["cpe:/a:hp:diagnostics_server"], "scheme": null}
{"nessus": [{"lastseen": "2019-02-21T01:18:26", "bulletinFamily": "scanner", "description": "Nessus was able to login to the HP Diagnostics Server web interface using default, known credentials.", "modified": "2016-11-18T00:00:00", "id": "HP_DIAGNOSTICS_SERVER_DEFAULT_CREDS.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=64474", "published": "2013-02-05T00:00:00", "title": "HP Diagnostics Server Default Credentials", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64474);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2016/11/18 20:40:53 $\");\n\n script_name(english:\"HP Diagnostics Server Default Credentials\");\n script_summary(english:\"Tries to login using default credentials\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host is running a web application with default login\ncredentials.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Nessus was able to login to the HP Diagnostics Server web interface\nusing default, known credentials.\"\n );\n # ftp://ftp.itrc.hp.com/applications/HPSoftware/ONLINE_HELP/Diagnostic9.20_Users.pdf\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?484d615c\");\n script_set_attribute(attribute:\"solution\", value:\"Change the default password for built-in accounts.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:ND/RC:ND\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:hp:diagnostics_server\");\n script_set_attribute(attribute:\"default_account\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.\");\n\n script_dependencies(\"hp_diagnostics_server_detect.nasl\");\n script_exclude_keys(\"global_settings/supplied_logins_only\");\n script_require_ports(\"Services/www\", 2006);\n script_require_keys(\"www/hp_diagnostics_server\");\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:2006);\n\ninstall = get_install_from_kb(appname:\"hp_diagnostics_server\", port:port, exit_on_fail:TRUE);\n\nif (supplied_logins_only) audit(AUDIT_SUPPLIED_LOGINS_ONLY);\n\ndir = install['dir'];\nversion = install['ver'];\nlocation = build_url(qs:dir + '/', port:port);\n\n\nres = http_send_recv3(\n method:'GET',\n item:dir + '/maintenance/',\n port:port,\n username:'admin',\n password:'admin',\n exit_on_fail:TRUE\n);\n\nif (\n \"Built-In User Management\" >< res[2] &&\n \"Configuration\" >< res[2] &&\n \"License Management\" >< res[2] &&\n \"Access denied\" >!< res[2]\n)\n{\n if (report_verbosity > 0)\n {\n report = '\\nNessus was able to gain access using the following information :\\n' +\n '\\n URL : ' + location +\n '\\n User : admin' +\n '\\n Password : admin\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_WEB_APP_NOT_AFFECTED, \"HP Diagnostics Server\", location);\n", "cvss": {"score": 0.0, "vector": "NONE"}}]}
