Search...

VisualRoute Web Server Detection

2001-08-29T00:00:00

ID VISUALROUTE_SERVER_DETECT.NASL
Type nessus
Reporter Tenable
Modified 2014-05-09T00:00:00

Description

VisualRoute is a web-based solution which allows unauthenticated users to perform traceroutes against arbitrary hosts on the Internet.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if(description)
{
 script_id(10744);
 script_version ("$Revision: 1.19 $");
 script_osvdb_id(617);


 name["english"] = "VisualRoute Web Server Detection";
 script_name(english:name["english"]);

 script_set_attribute(attribute:"synopsis", value:
"A VisualRoute server is listening on the remote port." );
 script_set_attribute(attribute:"description", value:
"VisualRoute is a web-based solution which allows unauthenticated users
to perform traceroutes against arbitrary hosts on the Internet." );
 script_set_attribute(attribute:"solution", value:
"Disable this service if you do not use it." );
 script_set_attribute(attribute:"risk_factor", value:"None" );
 script_set_attribute(attribute:"plugin_publication_date", value: "2001/08/29");
 script_cvs_date("$Date: 2014/05/09 18:59:10 $");
 script_set_attribute(attribute:"plugin_type", value:"remote");
 script_end_attributes();

 summary["english"] = "Extracts the banner of the remote visual route server";
 script_summary(english:summary["english"]);

 script_category(ACT_GATHER_INFO);

 script_copyright(english:"This script is Copyright (C) 2001-2014 Tenable Network Security, Inc.");
 family["english"] = "Web Servers";
 script_family(english:family["english"]);

 script_dependencie("http_version.nasl");
 script_require_ports("Services/www", 8000);
 exit(0);
}

include("global_settings.inc");
include("misc_func.inc");
include("http.inc");

port = get_http_port(default:80, embedded: 1);

r = http_send_recv3(method:"GET", item:"/", port:port, exit_on_fail: 1);

h = parse_http_headers(status_line: r[0], headers: r[1]);
if (isnull(h)) exit(1, "Could not parse HTTP headers");
srv = h["server"];

if ("VisualRoute" &gt;&lt; srv)
 {
  report = 'The remote version of VisualRoute is ' + srv;
  security_note(port:port, extra:report);
  set_kb_item(name:"www/" + port + "/embedded", value:TRUE);
 }

JSON Vulners Source

Initial Source

{"hash": "0964c5bc32dc16ef0fc93e2f669932d5ed5faee8c1d4a352862cf03a129e92d5", "naslFamily": "Web Servers", "id": "VISUALROUTE_SERVER_DETECT.NASL", "lastseen": "2016-09-26T17:24:39", "viewCount": 0, "hashmap": [{"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "74829a09ae5590f02cf719b2a8a32351", "key": "description"}, {"hash": "b36cad090a56019f08b5039735eb2428", "key": "href"}, {"hash": "7ea8316fbaf9e8df2d54cca1786807fc", "key": "modified"}, {"hash": "07a0416e4de2a26a0531240b230d9eca", "key": "naslFamily"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "2ff1bae67446353d609918975ef1d0e4", "key": "pluginID"}, {"hash": "d7c86983787fdb25ce52faf49d73c6ab", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "9c1a05dc1651729d01bc4f1148a09f8a", "key": "sourceData"}, {"hash": "6950d198cb0b3db41d9509fc83cad9b4", "key": "title"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}], "bulletinFamily": "scanner", "cvss": {"score": 0.0, "vector": "NONE"}, "edition": 1, "history": [], "enchantments": {"vulnersScore": 5.0}, "type": "nessus", "description": "VisualRoute is a web-based solution which allows unauthenticated users to perform traceroutes against arbitrary hosts on the Internet.", "title": "VisualRoute Web Server Detection", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(10744);\n script_version (\"$Revision: 1.19 $\");\n script_osvdb_id(617);\n\n\n name[\"english\"] = \"VisualRoute Web Server Detection\";\n script_name(english:name[\"english\"]);\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A VisualRoute server is listening on the remote port.\" );\n script_set_attribute(attribute:\"description\", value:\n\"VisualRoute is a web-based solution which allows unauthenticated users\nto perform traceroutes against arbitrary hosts on the Internet.\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Disable this service if you do not use it.\" );\n script_set_attribute(attribute:\"risk_factor\", value:\"None\" );\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2001/08/29\");\n script_cvs_date(\"$Date: 2014/05/09 18:59:10 $\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n\n summary[\"english\"] = \"Extracts the banner of the remote visual route server\";\n script_summary(english:summary[\"english\"]);\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(english:\"This script is Copyright (C) 2001-2014 Tenable Network Security, Inc.\");\n family[\"english\"] = \"Web Servers\";\n script_family(english:family[\"english\"]);\n\n script_dependencie(\"http_version.nasl\");\n script_require_ports(\"Services/www\", 8000);\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:80, embedded: 1);\n\nr = http_send_recv3(method:\"GET\", item:\"/\", port:port, exit_on_fail: 1);\n\nh = parse_http_headers(status_line: r[0], headers: r[1]);\nif (isnull(h)) exit(1, \"Could not parse HTTP headers\");\nsrv = h[\"server\"];\n\nif (\"VisualRoute\" >< srv)\n {\n report = 'The remote version of VisualRoute is ' + srv;\n security_note(port:port, extra:report);\n set_kb_item(name:\"www/\" + port + \"/embedded\", value:TRUE);\n }\n\n", "objectVersion": "1.2", "cvelist": [], "published": "2001-08-29T00:00:00", "pluginID": "10744", "references": [], "reporter": "Tenable", "modified": "2014-05-09T00:00:00", "href": "https://www.tenable.com/plugins/index.php?view=single&id=10744"}

{"result": {"openvas": [{"lastseen": "2017-07-02T21:10:06", "references": [], "pluginID": "10744", "description": "We detected the remote web server as being a VisualRoute web server. \nThis server allows attackers to perform a traceroute to a third party's \nhosts without revealing themselves to the target of the traceroute.", "edition": 1, "reporter": "This script is Copyright (C) 2001 SecuriTeam", "published": "2005-11-03T00:00:00", "title": "VisualRoute Web Server Detection", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": [], "modified": "2017-03-22T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=10744", "id": "OPENVAS:10744", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: visualroute_server_detect.nasl 5676 2017-03-22 16:29:37Z cfi $\n# Description: VisualRoute Web Server Detection\n#\n# Authors:\n# Noam Rathaus <noamr@securiteam.com>\n#\n# Copyright:\n# Copyright (C) 2001 Noam Rathaus <noamr@securiteam.com>\n# Copyright (C) 2001 SecuriTeam\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_summary = \"We detected the remote web server as being a VisualRoute web server. \nThis server allows attackers to perform a traceroute to a third party's \nhosts without revealing themselves to the target of the traceroute.\";\n\ntag_solution = \"Disable the VisualRoute web server, or block the web server's\nport number on your Firewall.\";\n\nif(description)\n{\n script_id(10744);\n script_version(\"$Revision: 5676 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-03-22 17:29:37 +0100 (Wed, 22 Mar 2017) $\");\n script_tag(name:\"creation_date\", value:\"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n name = \"VisualRoute Web Server Detection\";\n script_name(name);\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_copyright(\"This script is Copyright (C) 2001 SecuriTeam\");\n family = \"General\";\n script_family(family);\n\n script_dependencies(\"gb_get_http_banner.nasl\");\n script_mandatory_keys(\"VisualRoute/banner\");\n script_require_ports(\"Services/www\", 8000);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\ninclude(\"http_func.inc\");\n \nport = get_http_port( default:8000 );\n\n banner = get_http_banner(port:port);\n if(!banner)exit(0);\n\n\n if (egrep(pattern:\"^Server: VisualRoute (tm) \", string:banner))\n {\n security_message(port);\n }\n\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-04-06T11:15:51", "references": [], "pluginID": "136141256231010744", "description": "We detected the remote web server as being a VisualRoute web server. \nThis server allows attackers to perform a traceroute to a third party's \nhosts without revealing themselves to the target of the traceroute.", "edition": 1, "reporter": "This script is Copyright (C) 2001 SecuriTeam", "published": "2005-11-03T00:00:00", "type": "openvas", "title": "VisualRoute Web Server Detection", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": [], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231010744", "id": "OPENVAS:136141256231010744", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: visualroute_server_detect.nasl 9348 2018-04-06 07:01:19Z cfischer $\n# Description: VisualRoute Web Server Detection\n#\n# Authors:\n# Noam Rathaus <noamr@securiteam.com>\n#\n# Copyright:\n# Copyright (C) 2001 Noam Rathaus <noamr@securiteam.com>\n# Copyright (C) 2001 SecuriTeam\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_summary = \"We detected the remote web server as being a VisualRoute web server. \nThis server allows attackers to perform a traceroute to a third party's \nhosts without revealing themselves to the target of the traceroute.\";\n\ntag_solution = \"Disable the VisualRoute web server, or block the web server's\nport number on your Firewall.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.10744\");\n script_version(\"$Revision: 9348 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:01:19 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n name = \"VisualRoute Web Server Detection\";\n script_name(name);\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_copyright(\"This script is Copyright (C) 2001 SecuriTeam\");\n family = \"General\";\n script_family(family);\n\n script_dependencies(\"gb_get_http_banner.nasl\");\n script_mandatory_keys(\"VisualRoute/banner\");\n script_require_ports(\"Services/www\", 8000);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\ninclude(\"http_func.inc\");\n \nport = get_http_port( default:8000 );\n\n banner = get_http_banner(port:port);\n if(!banner)exit(0);\n\n\n if (egrep(pattern:\"^Server: VisualRoute (tm) \", string:banner))\n {\n security_message(port);\n }\n\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}]}}