Lucene search
K

Opera < 7.20 news URL Handling DoS

🗓️ 10 Aug 2004 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 11 Views

Opera version below 7.20 is vulnerable to denial of service via long 'news:' URLs.

Code
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
 script_id(14249);
 script_version("1.17");

 script_bugtraq_id(7430);

 script_name(english:"Opera < 7.20 news URL Handling DoS");

 script_set_attribute(attribute:"synopsis", value:
"A browser installed on the remote host is vulnerable to a denial of 
service attack." );
 script_set_attribute(attribute:"description", value:
"The version of Opera installed on the remote host reportedly crashes
when processing a 'news:' URL of excessive length, that may result in
a denial of service.  It has been reported that this issue will
trigger a condition that will prevent Opera from functioning until the
program has been reinstalled." );
 script_set_attribute(attribute:"solution", value:
"Install Opera 7.20 or newer." );
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
 script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
 script_set_attribute(attribute:"exploit_available", value:"true");


 script_set_attribute(attribute:"plugin_publication_date", value: "2004/08/10");
 script_cvs_date("Date: 2018/08/08 12:52:15");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:opera:opera_browser");
script_end_attributes();
 
 script_summary(english:"Determines the version of Opera.exe");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.");
 script_family(english:"Windows");
 script_dependencies("opera_installed.nasl");
 script_require_keys("SMB/Opera/Version");
 exit(0);
}

#

include("global_settings.inc");


version_ui = get_kb_item("SMB/Opera/Version_UI");
version = get_kb_item("SMB/Opera/Version");
if (isnull(version)) exit(0);

ver = split(version, sep:'.', keep:FALSE);
for (i=0; i<max_index(ver); i++)
  ver[i] = int(ver[i]);

if (
  ver[0] < 7 ||
  (ver[0] == 7 && ver[1] < 20)
)
{
  if (report_verbosity && version_ui)
  {
    report = string(
      "\n",
      "Opera ", version_ui, " is currently installed on the remote host.\n"
    );
    security_warning(port:get_kb_item("SMB/transport"), extra:report);
  }
  else security_warning(get_kb_item("SMB/transport"));
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

08 Aug 2018 12:52Current
5.4Medium risk
Vulners AI Score5.4
11