Hi,
It appears there is a race condition that can adversely affect some
plugins related to SMB detection.
For example, when looking at NVT 100499 (2010/samba_38326.nasl), which
includes "smb_nativelanman.nasl" as a dependency, the following call
is made:
---
port = get_kb_item("SMB/transport");
if(!port)port = 139;
---
Ok, so "smb_nativelanman.nasl" includes the following relevant code:
---
port = kb_smb_transport();
---
This is defined in smb_nt.inc as:
---
function kb_smb_transport()
{
  local_var r;
  r = get_kb_item("SMB/transport");
  if(r){
    return int(r);
  }
  else {
    return 445;
  }
}
---
The plugin responsible for detecting whether 445 or 139 is running the
SMB server and setting the SMB/transport key is cifs445.nasl. Since
this isn't being called in the chain, the kb_smb_transport() call will
always return 445. From what I can see, "smb_nativelanman.nasl" should
absolutely include "cifs445.nasl" as a dependency, or else SMB servers
running on 139 will be skipped by plugins that rely on the transport
key.
\\korodev
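
An added example (not part of the original post and not OpenVAS code): a Python check that flags plugins reading a KB key whose setter is missing from their script_dependencies chain, following includes such as smb_nt.inc. The plugin bodies are constructed, simplified stand-ins for the files the post names, and the helper names closure, unset_reads and with_dependency are hypothetical.

```python
import re

# Constructed, simplified stand-ins for the files named in the post (not the real sources).
PLUGINS = {
    "cifs445.nasl": 'set_kb_item(name:"SMB/transport", value:445);',
    "smb_nt.inc": 'function kb_smb_transport() { r = get_kb_item("SMB/transport"); }',
    "smb_nativelanman.nasl": 'include("smb_nt.inc");\nport = kb_smb_transport();',
    "samba_38326.nasl": 'script_dependencies("smb_nativelanman.nasl");\n'
                        'port = get_kb_item("SMB/transport");',
}

DEPS = re.compile(r'script_dependencies\s*\(([^)]*)\)')
INCLUDE = re.compile(r'include\s*\(\s*"([^"]+)"\s*\)')
READ = re.compile(r'get_kb_item\s*\(\s*"([^"]+)"\s*\)')
WRITE = re.compile(r'set_kb_item\s*\(\s*name\s*:\s*"([^"]+)"')

def closure(name, plugins, pattern, seen=None):
    """Files reachable from `name` by following `pattern` (dependencies or includes)."""
    seen = set() if seen is None else seen
    for m in pattern.finditer(plugins.get(name, "")):
        for child in re.findall(r'"([^"]+)"', m.group(0)):
            if child not in seen:
                seen.add(child)
                closure(child, plugins, pattern, seen)
    return seen

def unset_reads(plugins):
    """Map plugin -> KB keys it reads whose setter is not in its dependency chain."""
    setters = {}
    for name, src in plugins.items():
        for key in WRITE.findall(src):
            setters.setdefault(key, set()).add(name)
    findings = {}
    for name in (n for n in plugins if n.endswith(".nasl")):
        # Over-approximation: every read in an included .inc counts as a read by the plugin.
        files = {name} | closure(name, plugins, INCLUDE)
        reads = {k for f in files for k in READ.findall(plugins.get(f, ""))}
        chain = closure(name, plugins, DEPS) | {name}
        missing = {k for k in reads if k in setters and not (setters[k] & chain)}
        if missing:
            findings[name] = sorted(missing)
    return findings

def with_dependency(plugins, name, dep):
    """Copy of `plugins` with `dep` declared as a dependency of `name`."""
    fixed = dict(plugins)
    fixed[name] = f'script_dependencies("{dep}");\n' + fixed[name]
    return fixed
```

Run against the constructed set, unset_reads flags both smb_nativelanman.nasl and samba_38326.nasl; declaring cifs445.nasl as a dependency of smb_nativelanman.nasl clears both, since the dependency is inherited transitively.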