ID TIVOLI_DIRECTORY_SRV_WEB_ADMIN_DETECT.NASL
Type nessus
Reporter Tenable
Modified 2018-11-15T00:00:00
Description
IBM Tivoli Directory Server Web Administration Tool, a web interface
for managing IBM Tivoli Directory Server, was detected on the remote
web server.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
# Registration phase: when the engine loads the plugin with `description`
# set, only the metadata below is recorded and exit(0) ends the script before
# any request is sent to a target.
if (description)
{
  # Plugin identity and revision.
  script_id(58815);
  script_version("1.3");
  script_cvs_date("Date: 2018/11/15 20:50:19");

  script_name(english:"IBM Tivoli Directory Server Web Administration Tool Detection");
  script_summary(english:"Detects IBM Tivoli Directory Server web interface");

  # Report text. The description string contains literal line breaks, so its
  # continuation lines stay at column 0.
  script_set_attribute(attribute:"synopsis", value:"A web-based management interface was detected on the remote host.");
  script_set_attribute(attribute:"description", value:"IBM Tivoli Directory Server Web Administration Tool, a web interface
for managing IBM Tivoli Directory Server, was detected on the remote
web server.");
  script_set_attribute(attribute:"see_also", value:"https://www.ibm.com/products");

  # Informational result: no remediation and no risk rating are attached, so
  # the finding works as an inventory signal that the administration login
  # page is reachable from the scanner's vantage point.
  script_set_attribute(attribute:"solution", value:"n/a");
  script_set_attribute(attribute:"risk_factor", value:"None");

  script_set_attribute(attribute:"plugin_publication_date", value:"2012/04/20");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:tivoli_directory_server");
  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_end_attributes();

  # ACT_GATHER_INFO: the plugin is classed as information gathering.
  script_category(ACT_GATHER_INFO);
  script_family(english:"CGI abuses");
  script_copyright(english:"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.");

  # Scheduling constraints: the two dependencies are listed so they run first,
  # the plugin is skipped when CGI scanning is disabled, and it requires the
  # "www/WebSphere" KB key (presumably set by websphere_detect.nasl; confirm
  # in that plugin).
  script_dependencies("http_version.nasl", "websphere_detect.nasl");
  script_exclude_keys("Settings/disable_cgi_scanning");
  script_require_keys("www/WebSphere");
  script_require_ports("Services/www", 9080, 12100);

  exit(0);
}
include("global_settings.inc");
include("misc_func.inc");
include("audit.inc");
include("http.inc");
include("webapp_func.inc");
# Pick the HTTP port under test; 12100 is the fallback named in the call.
port = get_http_port(default:12100);

# Make sure the banner looks correct unless we're paranoid (the gate is
# skipped when report_paranoia is 2 or higher).
# The Server header is supplied by the target itself, so at the default
# paranoia level a host that suppresses or rewrites the header is audited out
# here and the login-page probe never runs: a possible false negative on
# hardened deployments.
if (report_paranoia < 2)
{
  srv_banner = http_server_header(port:port);

  # No Server header at all.
  if (isnull(srv_banner))
  {
    audit(AUDIT_WEB_BANNER_NOT, port);
  }

  # Header present but it does not name WebSphere.
  if ('WebSphere Application Server' >!< srv_banner)
  {
    audit(AUDIT_WRONG_WEB_SERVER, port, 'WebSphere Application Server');
  }
}
# The rootdir can be changed if deployed manually, so the candidate context
# roots come from cgi_dirs(). The '/IDSWebApp' path is appended only when
# thorough tests are enabled; in a default scan the application is found only
# if that list already contains its root.
dirs = cgi_dirs();
if (thorough_tests)
  dirs = list_uniq(make_list(dirs, '/IDSWebApp'));

# Pattern for the version marker printed on the login page.
ver_pat = '<I>\\[Web application version ([0-9\\.]+)\\]';

installs = NULL;
foreach dir (dirs)
{
  # Unauthenticated GET of the login page. exit_on_fail:TRUE means a failed
  # request for any candidate directory ends the plugin.
  login_url = dir + '/IDSjsp/Login.jsp';
  res = http_send_recv3(method:"GET", item:login_url, port:port, exit_on_fail:TRUE);
  body = res[2];

  # Both page markers must be present in the body; otherwise try the next
  # directory.
  if (
    'Tivoli Directory Server Web Administration Tool</font>' >!< body ||
    '  Console administration login' >!< body
  ) continue;

  # Version is optional: it stays NULL when the page does not print it.
  # The value is copied verbatim from markup the target serves, so any
  # version-based plugin that reads this install record is trusting a
  # self-reported string.
  version = NULL;
  hits = egrep(pattern:ver_pat, string:body);
  if (hits)
  {
    foreach line (split(hits, keep:FALSE))
    {
      captured = eregmatch(pattern:ver_pat, string:line);
      if (isnull(captured)) continue;

      version = captured[1];
      break;
    }
  }

  # Record the install under the appname other plugins look up.
  installs = add_install(
    installs:installs,
    ver:version,
    dir:dir,
    appname:'tivoli_directory_server_web_admin_tool',
    port:port
  );

  # One hit is enough unless thorough tests asked for every install.
  if (!thorough_tests) break;
}
# Nothing matched in any candidate directory: record "not detected".
if (isnull(installs))
  audit(AUDIT_NOT_DETECT, 'Tivoli Directory Server Web Administration Tool', port);

# Informational note on the port; the install report built from the recorded
# installs is attached only when report verbosity is above 0.
if (report_verbosity <= 0)
  security_note(port:port);
else
{
  summary = get_install_report(
    display_name:'Tivoli Directory Server Web Administration Tool',
    installs:installs,
    port:port
  );
  security_note(port:port, extra:summary);
}
{"id": "TIVOLI_DIRECTORY_SRV_WEB_ADMIN_DETECT.NASL", "bulletinFamily": "scanner", "title": "IBM Tivoli Directory Server Web Administration Tool Detection", "description": "IBM Tivoli Directory Server Web Administration Tool, a web interface\nfor managing IBM Tivoli Directory Server, was detected on the remote\nweb server.", "published": "2012-04-20T00:00:00", "modified": "2018-11-15T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=58815", "reporter": "Tenable", "references": ["https://www.ibm.com/products"], "cvelist": [], "type": "nessus", "lastseen": "2019-01-16T20:13:40", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:ibm:tivoli_directory_server"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "IBM Tivoli Directory Server Web Administration Tool, a web interface for managing IBM Tivoli Directory Server, was detected on the remote web server.", "edition": 3, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "cbc11966a8da97dff14a7b88e727486a85ad9d53ec84e3438603aabc2a8baed9", "hashmap": [{"hash": "4da5944a20f6b3494c1b8c74759f3993", "key": "published"}, {"hash": "154156ab7ad2973a811adb81b4f5571f", "key": "title"}, {"hash": "b95f45fc4d0991919daeda4e9483577f", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "948d2d299a79518b2d7aea3fea18f9f1", "key": "references"}, {"hash": "e15c3f3368fefd9adca46cd4d491f29c", "key": "pluginID"}, {"hash": "da3a68c2dda50b17384785f73e4e9696", "key": "sourceData"}, {"hash": "015cb78ce50d3bd4e2fbe18f25603329", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "aaf9feaca52f56cbd29c7f5509b557a5", "key": "description"}, {"hash": 
"6e3f3eee714a06050ab87c5677cd1d1b", "key": "href"}, {"hash": "07948b8ff59e8dda0b01012f70f00327", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=58815", "id": "TIVOLI_DIRECTORY_SRV_WEB_ADMIN_DETECT.NASL", "lastseen": "2018-11-17T02:53:30", "modified": "2018-11-15T00:00:00", "naslFamily": "CGI abuses", "objectVersion": "1.3", "pluginID": "58815", "published": "2012-04-20T00:00:00", "references": ["https://www.ibm.com/products"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58815);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/11/15 20:50:19\");\n\n script_name(english:\"IBM Tivoli Directory Server Web Administration Tool Detection\");\n script_summary(english:\"Detects IBM Tivoli Directory Server web interface\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web-based management interface was detected on the remote host.\");\n script_set_attribute(attribute:\"description\", value:\n\"IBM Tivoli Directory Server Web Administration Tool, a web interface\nfor managing IBM Tivoli Directory Server, was detected on the remote\nweb server.\");\n\n script_set_attribute(attribute:\"see_also\", value:\"https://www.ibm.com/products\");\n script_set_attribute(attribute:\"solution\", value:\"n/a\");\n script_set_attribute(attribute:\"risk_factor\", value:\"None\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/20\");\n\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:tivoli_directory_server\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"http_version.nasl\", \"websphere_detect.nasl\");\n 
script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_keys(\"www/WebSphere\");\n script_require_ports(\"Services/www\", 9080, 12100);\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"audit.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:12100);\n\n# Make sure the banner looks correct unless we're paranoid.\nif (report_paranoia < 2)\n{\n server_header = http_server_header(port:port);\n if (isnull(server_header)) \n audit(AUDIT_WEB_BANNER_NOT, port);\n if ('WebSphere Application Server' >!< server_header) \n audit(AUDIT_WRONG_WEB_SERVER, port, 'WebSphere Application Server');\n}\n\n# The rootdir can be changed if deployed manually\ndirs = cgi_dirs();\nif (thorough_tests)\n{\n dirs = list_uniq(make_list(dirs, '/IDSWebApp'));\n}\n\ninstalls = NULL;\nforeach dir (dirs)\n{\n url = dir + '/IDSjsp/Login.jsp';\n res = http_send_recv3(method:\"GET\", item:url, port:port, exit_on_fail:TRUE);\n\n if (\n 'Tivoli Directory Server Web Administration Tool</font>' >< res[2] &&\n '  Console administration login' >< res[2]\n )\n {\n version = NULL;\n pat = '<I>\\\\[Web application version ([0-9\\\\.]+)\\\\]';\n matches = egrep(pattern:pat, string:res[2]);\n if (matches)\n {\n foreach match (split(matches, keep:FALSE))\n {\n item = eregmatch(pattern:pat, string:match);\n if (!isnull(item))\n {\n version = item[1];\n break;\n }\n }\n }\n\n installs = add_install(\n installs:installs, \n ver:version,\n dir:dir,\n appname:'tivoli_directory_server_web_admin_tool',\n port:port\n );\n if (!thorough_tests) break; \n }\n}\n\nif (isnull(installs)) audit(AUDIT_NOT_DETECT, 'Tivoli Directory Server Web Administration Tool', port);\n\nif (report_verbosity > 0)\n{\n report = get_install_report(\n display_name:'Tivoli Directory Server Web Administration Tool',\n installs:installs,\n port:port\n );\n security_note(port:port, extra:report);\n}\nelse security_note(port:port);\n", "title": "IBM 
Tivoli Directory Server Web Administration Tool Detection", "type": "nessus", "viewCount": 1}, "differentElements": ["description"], "edition": 3, "lastseen": "2018-11-17T02:53:30"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:ibm:tivoli_directory_server"], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "IBM Tivoli Directory Server Web Administration Tool, a web interface for managing IBM Tivoli Directory Server, was detected on the remote web server.", "edition": 2, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "cbf75502f3ef38934de2cb8ac9377f1c8b9bc6d6e4f443edafea27b410fd92e2", "hashmap": [{"hash": "9cf51d2906fe9861e3398687f441ed86", "key": "modified"}, {"hash": "4da5944a20f6b3494c1b8c74759f3993", "key": "published"}, {"hash": "154156ab7ad2973a811adb81b4f5571f", "key": "title"}, {"hash": "b95f45fc4d0991919daeda4e9483577f", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e15c3f3368fefd9adca46cd4d491f29c", "key": "pluginID"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "d691bc68652f3b8c3885e6957bd310e1", "key": "references"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "aaf9feaca52f56cbd29c7f5509b557a5", "key": "description"}, {"hash": "6e3f3eee714a06050ab87c5677cd1d1b", "key": "href"}, {"hash": "07948b8ff59e8dda0b01012f70f00327", "key": "naslFamily"}, {"hash": "0186d3f050d669b008974270f8900755", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=58815", "id": "TIVOLI_DIRECTORY_SRV_WEB_ADMIN_DETECT.NASL", "lastseen": "2017-10-29T13:35:14", "modified": "2013-02-04T00:00:00", "naslFamily": "CGI abuses", "objectVersion": "1.3", "pluginID": "58815", "published": "2012-04-20T00:00:00", "references": 
["http://www-01.ibm.com/software/tivoli/products/directory-server/"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58815);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2013/02/04 20:25:27 $\");\n\n script_name(english:\"IBM Tivoli Directory Server Web Administration Tool Detection\");\n script_summary(english:\"Detects IBM Tivoli Directory Server web interface\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web-based management interface was detected on the remote host.\");\n script_set_attribute(attribute:\"description\", value:\n\"IBM Tivoli Directory Server Web Administration Tool, a web interface\nfor managing IBM Tivoli Directory Server, was detected on the remote\nweb server.\");\n\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/software/tivoli/products/directory-server/\");\n script_set_attribute(attribute:\"solution\", value:\"n/a\");\n script_set_attribute(attribute:\"risk_factor\", value:\"None\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/20\");\n\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:tivoli_directory_server\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.\");\n\n script_dependencies(\"http_version.nasl\", \"websphere_detect.nasl\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_keys(\"www/WebSphere\");\n script_require_ports(\"Services/www\", 9080, 12100);\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"audit.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:12100);\n\n# Make sure the 
banner looks correct unless we're paranoid.\nif (report_paranoia < 2)\n{\n server_header = http_server_header(port:port);\n if (isnull(server_header)) \n audit(AUDIT_WEB_BANNER_NOT, port);\n if ('WebSphere Application Server' >!< server_header) \n audit(AUDIT_WRONG_WEB_SERVER, port, 'WebSphere Application Server');\n}\n\n# The rootdir can be changed if deployed manually\ndirs = cgi_dirs();\nif (thorough_tests)\n{\n dirs = list_uniq(make_list(dirs, '/IDSWebApp'));\n}\n\ninstalls = NULL;\nforeach dir (dirs)\n{\n url = dir + '/IDSjsp/Login.jsp';\n res = http_send_recv3(method:\"GET\", item:url, port:port, exit_on_fail:TRUE);\n\n if (\n 'Tivoli Directory Server Web Administration Tool</font>' >< res[2] &&\n '  Console administration login' >< res[2]\n )\n {\n version = NULL;\n pat = '<I>\\\\[Web application version ([0-9\\\\.]+)\\\\]';\n matches = egrep(pattern:pat, string:res[2]);\n if (matches)\n {\n foreach match (split(matches, keep:FALSE))\n {\n item = eregmatch(pattern:pat, string:match);\n if (!isnull(item))\n {\n version = item[1];\n break;\n }\n }\n }\n\n installs = add_install(\n installs:installs, \n ver:version,\n dir:dir,\n appname:'tivoli_directory_server_web_admin_tool',\n port:port\n );\n if (!thorough_tests) break; \n }\n}\n\nif (isnull(installs)) audit(AUDIT_NOT_DETECT, 'Tivoli Directory Server Web Administration Tool', port);\n\nif (report_verbosity > 0)\n{\n report = get_install_report(\n display_name:'Tivoli Directory Server Web Administration Tool',\n installs:installs,\n port:port\n );\n security_note(port:port, extra:report);\n}\nelse security_note(port:port);\n", "title": "IBM Tivoli Directory Server Web Administration Tool Detection", "type": "nessus", "viewCount": 0}, "differentElements": ["references", "modified", "sourceData"], "edition": 2, "lastseen": "2017-10-29T13:35:14"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "IBM Tivoli Directory Server Web 
Administration Tool, a web interface for managing IBM Tivoli Directory Server, was detected on the remote web server.", "edition": 1, "enchantments": {}, "hash": "7f448ff20b35402132754f2d9a2a3b03826f5eed33aa8f7128f92de1e5cf2cc5", "hashmap": [{"hash": "9cf51d2906fe9861e3398687f441ed86", "key": "modified"}, {"hash": "4da5944a20f6b3494c1b8c74759f3993", "key": "published"}, {"hash": "154156ab7ad2973a811adb81b4f5571f", "key": "title"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e15c3f3368fefd9adca46cd4d491f29c", "key": "pluginID"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "d691bc68652f3b8c3885e6957bd310e1", "key": "references"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "aaf9feaca52f56cbd29c7f5509b557a5", "key": "description"}, {"hash": "6e3f3eee714a06050ab87c5677cd1d1b", "key": "href"}, {"hash": "07948b8ff59e8dda0b01012f70f00327", "key": "naslFamily"}, {"hash": "0186d3f050d669b008974270f8900755", "key": "sourceData"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=58815", "id": "TIVOLI_DIRECTORY_SRV_WEB_ADMIN_DETECT.NASL", "lastseen": "2016-09-26T17:23:44", "modified": "2013-02-04T00:00:00", "naslFamily": "CGI abuses", "objectVersion": "1.2", "pluginID": "58815", "published": "2012-04-20T00:00:00", "references": ["http://www-01.ibm.com/software/tivoli/products/directory-server/"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58815);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2013/02/04 20:25:27 $\");\n\n script_name(english:\"IBM Tivoli Directory Server Web Administration Tool Detection\");\n script_summary(english:\"Detects IBM Tivoli 
Directory Server web interface\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web-based management interface was detected on the remote host.\");\n script_set_attribute(attribute:\"description\", value:\n\"IBM Tivoli Directory Server Web Administration Tool, a web interface\nfor managing IBM Tivoli Directory Server, was detected on the remote\nweb server.\");\n\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/software/tivoli/products/directory-server/\");\n script_set_attribute(attribute:\"solution\", value:\"n/a\");\n script_set_attribute(attribute:\"risk_factor\", value:\"None\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/20\");\n\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:tivoli_directory_server\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.\");\n\n script_dependencies(\"http_version.nasl\", \"websphere_detect.nasl\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_keys(\"www/WebSphere\");\n script_require_ports(\"Services/www\", 9080, 12100);\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"audit.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:12100);\n\n# Make sure the banner looks correct unless we're paranoid.\nif (report_paranoia < 2)\n{\n server_header = http_server_header(port:port);\n if (isnull(server_header)) \n audit(AUDIT_WEB_BANNER_NOT, port);\n if ('WebSphere Application Server' >!< server_header) \n audit(AUDIT_WRONG_WEB_SERVER, port, 'WebSphere Application Server');\n}\n\n# The rootdir can be changed if deployed manually\ndirs = cgi_dirs();\nif (thorough_tests)\n{\n dirs = list_uniq(make_list(dirs, 
'/IDSWebApp'));\n}\n\ninstalls = NULL;\nforeach dir (dirs)\n{\n url = dir + '/IDSjsp/Login.jsp';\n res = http_send_recv3(method:\"GET\", item:url, port:port, exit_on_fail:TRUE);\n\n if (\n 'Tivoli Directory Server Web Administration Tool</font>' >< res[2] &&\n '  Console administration login' >< res[2]\n )\n {\n version = NULL;\n pat = '<I>\\\\[Web application version ([0-9\\\\.]+)\\\\]';\n matches = egrep(pattern:pat, string:res[2]);\n if (matches)\n {\n foreach match (split(matches, keep:FALSE))\n {\n item = eregmatch(pattern:pat, string:match);\n if (!isnull(item))\n {\n version = item[1];\n break;\n }\n }\n }\n\n installs = add_install(\n installs:installs, \n ver:version,\n dir:dir,\n appname:'tivoli_directory_server_web_admin_tool',\n port:port\n );\n if (!thorough_tests) break; \n }\n}\n\nif (isnull(installs)) audit(AUDIT_NOT_DETECT, 'Tivoli Directory Server Web Administration Tool', port);\n\nif (report_verbosity > 0)\n{\n report = get_install_report(\n display_name:'Tivoli Directory Server Web Administration Tool',\n installs:installs,\n port:port\n );\n security_note(port:port, extra:report);\n}\nelse security_note(port:port);\n", "title": "IBM Tivoli Directory Server Web Administration Tool Detection", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:23:44"}], "edition": 4, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "b95f45fc4d0991919daeda4e9483577f"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "496699eeeba9eba05f5e03bad270cee2"}, {"key": "href", "hash": "6e3f3eee714a06050ab87c5677cd1d1b"}, {"key": "modified", "hash": "015cb78ce50d3bd4e2fbe18f25603329"}, {"key": "naslFamily", "hash": "07948b8ff59e8dda0b01012f70f00327"}, {"key": "pluginID", "hash": "e15c3f3368fefd9adca46cd4d491f29c"}, {"key": "published", "hash": 
"4da5944a20f6b3494c1b8c74759f3993"}, {"key": "references", "hash": "948d2d299a79518b2d7aea3fea18f9f1"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "da3a68c2dda50b17384785f73e4e9696"}, {"key": "title", "hash": "154156ab7ad2973a811adb81b4f5571f"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "5ec9acdef6f196a5469646d6a5d978957be7e9d579e44b53d2f80a914e4d8474", "viewCount": 1, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "dependencies": {"references": [{"type": "nessus", "idList": ["TIVOLI_DIRECTORY_SRV_WEB_ADMIN_XSS.NASL"]}], "modified": "2019-01-16T20:13:40"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58815);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/11/15 20:50:19\");\n\n script_name(english:\"IBM Tivoli Directory Server Web Administration Tool Detection\");\n script_summary(english:\"Detects IBM Tivoli Directory Server web interface\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web-based management interface was detected on the remote host.\");\n script_set_attribute(attribute:\"description\", value:\n\"IBM Tivoli Directory Server Web Administration Tool, a web interface\nfor managing IBM Tivoli Directory Server, was detected on the remote\nweb server.\");\n\n script_set_attribute(attribute:\"see_also\", value:\"https://www.ibm.com/products\");\n script_set_attribute(attribute:\"solution\", value:\"n/a\");\n script_set_attribute(attribute:\"risk_factor\", value:\"None\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/20\");\n\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:tivoli_directory_server\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI 
abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"http_version.nasl\", \"websphere_detect.nasl\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_keys(\"www/WebSphere\");\n script_require_ports(\"Services/www\", 9080, 12100);\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"audit.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:12100);\n\n# Make sure the banner looks correct unless we're paranoid.\nif (report_paranoia < 2)\n{\n server_header = http_server_header(port:port);\n if (isnull(server_header)) \n audit(AUDIT_WEB_BANNER_NOT, port);\n if ('WebSphere Application Server' >!< server_header) \n audit(AUDIT_WRONG_WEB_SERVER, port, 'WebSphere Application Server');\n}\n\n# The rootdir can be changed if deployed manually\ndirs = cgi_dirs();\nif (thorough_tests)\n{\n dirs = list_uniq(make_list(dirs, '/IDSWebApp'));\n}\n\ninstalls = NULL;\nforeach dir (dirs)\n{\n url = dir + '/IDSjsp/Login.jsp';\n res = http_send_recv3(method:\"GET\", item:url, port:port, exit_on_fail:TRUE);\n\n if (\n 'Tivoli Directory Server Web Administration Tool</font>' >< res[2] &&\n '  Console administration login' >< res[2]\n )\n {\n version = NULL;\n pat = '<I>\\\\[Web application version ([0-9\\\\.]+)\\\\]';\n matches = egrep(pattern:pat, string:res[2]);\n if (matches)\n {\n foreach match (split(matches, keep:FALSE))\n {\n item = eregmatch(pattern:pat, string:match);\n if (!isnull(item))\n {\n version = item[1];\n break;\n }\n }\n }\n\n installs = add_install(\n installs:installs, \n ver:version,\n dir:dir,\n appname:'tivoli_directory_server_web_admin_tool',\n port:port\n );\n if (!thorough_tests) break; \n }\n}\n\nif (isnull(installs)) audit(AUDIT_NOT_DETECT, 'Tivoli Directory Server Web Administration Tool', port);\n\nif (report_verbosity > 0)\n{\n report = get_install_report(\n 
display_name:'Tivoli Directory Server Web Administration Tool',\n installs:installs,\n port:port\n );\n security_note(port:port, extra:report);\n}\nelse security_note(port:port);\n", "naslFamily": "CGI abuses", "pluginID": "58815", "cpe": ["cpe:/a:ibm:tivoli_directory_server"]}
{"nessus": [{"lastseen": "2019-01-16T20:13:40", "bulletinFamily": "scanner", "description": "According to its version, the IBM Tivoli Directory Server Web\nAdministration Tool installed on the remote host is potentially\naffected by an unspecified cross-site scripting vulnerability. \n\nA remote attacker, exploiting this flaw, could potentially execute\narbitrary script code in the user's browser in the security context of\nthe affected site.", "modified": "2018-08-01T00:00:00", "published": "2012-04-20T00:00:00", "id": "TIVOLI_DIRECTORY_SRV_WEB_ADMIN_XSS.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=58816", "title": "IBM Tivoli Directory Server Web Administration Tool Unspecified XSS", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58816);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/08/01 17:36:12\");\n\n script_cve_id(\"CVE-2012-0740\");\n script_bugtraq_id(52844);\n\n script_name(english:\"IBM Tivoli Directory Server Web Administration Tool Unspecified XSS\");\n script_summary(english:\"Checks version of Tivoli Directory Server Web Administration Tool\");\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server hosts a web application that is affected by a\ncross-site scripting vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the IBM Tivoli Directory Server Web\nAdministration Tool installed on the remote host is potentially\naffected by an unspecified cross-site scripting vulnerability. 
\n\nA remote attacker, exploiting this flaw, could potentially execute\narbitrary script code in the user's browser in the security context of\nthe affected site.\");\n # https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_tivoli_directory_server_cross_site_scripting_vulnerability_with_the_web_admin_tool_cve_2012_07404?lang=en_us\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?840acc71\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21591257\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg24032501\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg24032291\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg24032290\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Tivoli Directory Server 6.1.0.48 (Web Admin version \n4.0027), 6.2.0.22 (Web Admin version 5.0015), 6.3.0.11 (Web Admin \nversion 6.0006) or later. 
\n\nAfter upgrading Tivoli Directory Server, you must redeploy the web\napplication through WebSphere.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/03/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:tivoli_directory_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses : XSS\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"tivoli_directory_srv_web_admin_detect.nasl\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_keys(\"www/tivoli_directory_server_web_admin_tool\");\n script_require_ports(\"Services/www\", 9080, 12100);\n\n exit(0); \n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\ninclude(\"audit.inc\");\n\nport = get_http_port(default:12100);\n\ninstall = get_install_from_kb(appname:'tivoli_directory_server_web_admin_tool', port:port, exit_on_fail:TRUE);\n\nversion = install['ver'];\nurl = build_url(port:port, qs:install['dir']);\n\nif (version == UNKNOWN_VER) audit(AUDIT_UNKNOWN_WEB_APP_VER, 'Tivoli Directory Server Web Administration Tool', url);\n\nfix = NULL;\nif (version =~ '4\\\\.' 
&& ver_compare(ver:version, fix:'4.0027') < 0) fix = '4.0027';\nelse if (version =~ '5\\\\.' && ver_compare(ver:version, fix:'5.0015') < 0) fix = '5.0015';\nelse if (version =~ '6\\\\.' && ver_compare(ver:version, fix:'6.0006') < 0) fix = '6.0006';\n\nif (fix)\n{\n set_kb_item(name:'www/'+port+'/XSS', value:TRUE);\n if (report_verbosity > 0)\n {\n report =\n '\\n URL : ' + url +\n '\\n Installed web application version : ' + version +\n '\\n Fixed web application version : ' + fix + '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n}\nelse audit(AUDIT_WEB_APP_NOT_AFFECTED, 'Tivoli Directory Server Web Administration Tool', url, version);\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}]}