Lucene search
This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.NOVELL_IMANAGER_CSRF.NASLHistoryApr 19, 2013 - 12:00 a.m.
Novell iManager < 2.7.6 Patch 1 Multiple Vulnerabilities
2013-04-1900:00:00
This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
10 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.004 Low
EPSS
Percentile
72.0%
The version of Novell iManager installed on the remote host is earlier than 2.7.6 Patch 1 and therefore affected by multiple vulnerabilities :
-
There is an unspecified cross-site request forgery vulnerability. (CVE-2013-1088)
-
A flaw exists due to the software not properly terminating session tokens after logout may allow an attacker with access to a user’s network traffic to gain access to the account via a session replay attack.
(CVE-2013-3268)
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(66036);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2013-1088", "CVE-2013-3268");
script_bugtraq_id(59042, 59450);
script_name(english:"Novell iManager < 2.7.6 Patch 1 Multiple Vulnerabilities");
script_summary(english:"Checks version");
script_set_attribute(attribute:"synopsis", value:
"The remote web application is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Novell iManager installed on the remote host is earlier
than 2.7.6 Patch 1 and therefore affected by multiple vulnerabilities :
- There is an unspecified cross-site request forgery
vulnerability. (CVE-2013-1088)
- A flaw exists due to the software not properly
terminating session tokens after logout may allow an
attacker with access to a user's network traffic to gain
access to the account via a session replay attack.
(CVE-2013-3268)");
script_set_attribute(attribute:"see_also", value:"https://support.microfocus.com/kb/doc.php?id=7010166");
script_set_attribute(attribute:"solution", value:
"Upgrade the Novell iManager 2.7.6 Patch 1 or higher.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-3268");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2013/04/10");
script_set_attribute(attribute:"patch_publication_date", value:"2013/04/10");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/04/19");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:novell:imanager");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CGI abuses");
script_copyright(english:"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("novell_imanager_detect.nasl");
script_require_keys("www/novell_imanager");
script_require_ports("Services/www", 8080, 8443);
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");
include("datetime.inc");
include("webapp_func.inc");
port = get_http_port(default:8443);
appname = "Novell iManager";
install = get_install_from_kb(appname:'novell_imanager', port:port, exit_on_fail:TRUE);
version = install['ver'];
url = build_url(port:port, qs:install['dir'] + '/');
if (version == UNKNOWN_VER) audit(AUDIT_UNKNOWN_WEB_APP_VER, appname, url);
# patch adds version.properties
# we can check the date in this file to verify patch has been applied
version_properties = get_kb_item('www/'+port+'/novell_imanager/version_properties');
vuln = FALSE;
ver = split(version, sep:".", keep:FALSE);
if (ver[0] == 2 && ver[1] == 7 && ver[2] < 6)
vuln = TRUE;
# if the version.properties file is missing, we are vuln
if (ver[0] == 2 && ver[1] == 7 && ver[2] == 6 && !version_properties)
vuln = TRUE;
if (ver[0] == 2 && ver[1] == 7 && ver[2] == 6 && !vuln)
{
##Tue Apr 09 16:29:27 IST 2013
#version=2.7.6
item = eregmatch(pattern:"[A-Za-z]{3} ([A-Za-z]{3}) ([0-9]{2}) [0-9]{2}:[0-9]{2}:[0-9]{2} [A-Za-z]{3} ([0-9]{4})", string:version_properties);
if (isnull(item)) exit(1, "Version 2.7.6 of NetIQ iManager is installed, however we are unable to determine the service pack level from the version.properties file.");
month = int(month_num_by_name(base:1, item[1]));
day = int(item[2]);
year = int(item[3]);
if (
year < 2013 ||
(year == 2013 && month < 4) ||
(year == 2013 && month == 4 && day < 9)
)
vuln = TRUE;
else
version += " Patch 1";
}
if (vuln)
{
set_kb_item(name:'www/'+port+'/XSRF', value:TRUE);
if (report_verbosity > 0)
{
report = '\n URL : ' + url +
'\n Installed version : ' + version +
'\n Fixed version : 2.7.6 Patch 1\n';
security_hole(port:port, extra:report);
}
else security_hole(port);
exit(0);
}
else audit(AUDIT_WEB_APP_NOT_AFFECTED, appname, url, version);
Related
openvas
openvas
Novell iManager Multiple Vulnerabilities
2013-06-04 00:00:00
Novell iManager < 2.7 SP 6 patch 1 Multiple Vulnerabilities
2013-06-04 00:00:00
cvelist
cvelist
CVE-2013-3268
2013-04-24 10:00:00
CVE-2013-1088
2013-04-24 10:00:00
cve
cve
CVE-2013-3268
2013-04-24 10:28:37
CVE-2013-1088
2013-04-24 10:28:37
nvd
nvd
CVE-2013-3268
2013-04-24 10:28:37
CVE-2013-1088
2013-04-24 10:28:37
prion
prion
Code injection
2013-04-24 10:28:00
Cross site request forgery (csrf)
2013-04-24 10:28:00
ubuntucve
ubuntucve
CVE-2013-1088
2013-04-24 00:00:00
10 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.004 Low
EPSS
Percentile
72.0%
Related for NOVELL_IMANAGER_CSRF.NASL