Search...

Web Server Allows Password Auto-Completion (PCI-DSS variant) (deprecated)

2011-09-27T00:00:00

ID PCI_WWW_AUTOCOMPLETE_PASSWORDS.NASL
Type nessus
Reporter Tenable
Modified 2016-06-16T00:00:00

Description

This plugin has been deprecated because the corresponding failure item in the ASV Program Guide no longer pertains, as of the May 2013 release. Plugin ID 42057 should be used instead.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#
#  @DEPRECATED@
#
#  Disabled on 2016/06/13.
#  Confirmed not required for PCI-DSS ASV requirements.
#

include("compat.inc");

if (description)
{
 script_id(56306);
 script_version("$Revision: 1.4 $");
 script_cvs_date("$Date: 2016/06/16 22:16:21 $");

 script_name(english:"Web Server Allows Password Auto-Completion (PCI-DSS variant) (deprecated)");
 script_summary(english:"Uses the results of webmirror.nasl.");
 
 script_set_attribute(attribute:"synopsis", value:
"This plugin has been deprecated.");
 script_set_attribute(attribute:"description", value:
"This plugin has been deprecated because the corresponding failure item
in the ASV Program Guide no longer pertains, as of the May 2013
release. Plugin ID 42057 should be used instead.");
 script_set_attribute(attribute:"solution", value:"n/a");
 script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:N/A:N");

 script_set_attribute(attribute:"plugin_publication_date", value:"2011/09/27");

 script_set_attribute(attribute:"plugin_type", value: "remote");
 script_end_attributes();

 script_category(ACT_GATHER_INFO); 
 script_family(english: "Web Servers");

 script_copyright(english:"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.");

 script_dependencie("webmirror.nasl");
 script_require_ports("Services/www", 80);

 exit(0);
}

exit(0,"This plugin has been deprecated. Use www_autocomplete_passwords.nasl (plugin ID 42057) instead.");

include("global_settings.inc");
include("misc_func.inc");
include("http.inc");
include("torture_cgi_func.inc");

if (!get_kb_item("Settings/PCI_DSS")) exit(0, "PCI-DSS compliance checking is not enabled.");

port = get_http_port(default:80, embedded:TRUE);

kb = get_kb_item_or_exit("www/"+port+"/AutoCompletePasswordForms");

e = "";
foreach line (split(kb, keep: 0))
  e += split_long_line(line: line) + '\n';
security_warning(port:port, extra:e);

JSON Vulners Source

Initial Source

{"naslFamily": "Web Servers", "id": "PCI_WWW_AUTOCOMPLETE_PASSWORDS.NASL", "lastseen": "2016-09-26T17:26:00", "viewCount": 7, "bulletinFamily": "scanner", "cvss": {"score": 0.0, "vector": "NONE"}, "edition": 1, "enchantments": {"score": {"value": -0.6, "vector": "NONE", "modified": "2016-09-26T17:26:00", "rev": 2}, "dependencies": {"references": [{"type": "nessus", "idList": ["WWW_AUTOCOMPLETE_PASSWORDS.NASL"]}], "modified": "2016-09-26T17:26:00", "rev": 2}, "vulnersScore": -0.6}, "type": "nessus", "description": "This plugin has been deprecated because the corresponding failure item in the ASV Program Guide no longer pertains, as of the May 2013 release. Plugin ID 42057 should be used instead.", "title": "Web Server Allows Password Auto-Completion (PCI-DSS variant) (deprecated)", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2016/06/13.\n# Confirmed not required for PCI-DSS ASV requirements.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56306);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2016/06/16 22:16:21 $\");\n\n script_name(english:\"Web Server Allows Password Auto-Completion (PCI-DSS variant) (deprecated)\");\n script_summary(english:\"Uses the results of webmirror.nasl.\");\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"This plugin has been deprecated.\");\n script_set_attribute(attribute:\"description\", value:\n\"This plugin has been deprecated because the corresponding failure item\nin the ASV Program Guide no longer pertains, as of the May 2013\nrelease. Plugin ID 42057 should be used instead.\");\n script_set_attribute(attribute:\"solution\", value:\"n/a\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/09/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value: \"remote\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO); \n script_family(english: \"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n\n script_dependencie(\"webmirror.nasl\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\nexit(0,\"This plugin has been deprecated. Use www_autocomplete_passwords.nasl (plugin ID 42057) instead.\");\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"torture_cgi_func.inc\");\n\nif (!get_kb_item(\"Settings/PCI_DSS\")) exit(0, \"PCI-DSS compliance checking is not enabled.\");\n\nport = get_http_port(default:80, embedded:TRUE);\n\nkb = get_kb_item_or_exit(\"www/\"+port+\"/AutoCompletePasswordForms\");\n\ne = \"\";\nforeach line (split(kb, keep: 0))\n e += split_long_line(line: line) + '\\n';\nsecurity_warning(port:port, extra:e);\n", "cvelist": [], "published": "2011-09-27T00:00:00", "pluginID": "56306", "references": [], "reporter": "Tenable", "modified": "2016-06-16T00:00:00", "href": "https://www.tenable.com/plugins/index.php?view=single&id=56306"}