CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
HTTP based detection of the Embedthis GoAhead embedded web
server.
# SPDX-FileCopyrightText: 2019 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.113595");
script_version("2024-09-20T15:39:53+0000");
script_tag(name:"last_modification", value:"2024-09-20 15:39:53 +0000 (Fri, 20 Sep 2024)");
script_tag(name:"creation_date", value:"2019-11-29 11:53:55 +0200 (Fri, 29 Nov 2019)");
script_tag(name:"cvss_base", value:"0.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:N");
script_tag(name:"qod_type", value:"remote_banner");
script_name("Embedthis GoAhead Detection (HTTP)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2019 Greenbone AG");
script_family("Product detection");
script_dependencies("find_service.nasl", "httpver.nasl", "global_settings.nasl");
script_require_ports("Services/www", 80);
script_exclude_keys("Settings/disable_cgi_scanning");
script_tag(name:"summary", value:"HTTP based detection of the Embedthis GoAhead embedded web
server.");
script_xref(name:"URL", value:"https://www.embedthis.com/goahead/");
exit(0);
}
include("cpe.inc");
include("host_details.inc");
include("http_func.inc");
include("http_keepalive.inc");
include("port_service_func.inc");
port = http_get_port( default:80 );
banner = http_get_remote_headers( port:port );
# Server: GoAhead-Webs
# Server: GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.4.2-OPEN
if( concl = egrep( string:banner, pattern:"^Server\s*:\s*GoAhead-Webs", icase:TRUE ) ) {
concluded = " " + chomp( concl );
found = TRUE;
}
foreach dir( make_list( "/cgi-bin", "/cgi" ) ) {
# nb:
# - This was used in / via for "Fingerprinting":
# - https://github.com/1337g/CVE-2017-17562/blob/master/CVE-2017-17562.py
# - 2017/gb_goahead_rce_vuln.nasl
# - If ever required we could also changes this to a dynamically created random string
url = dir + "/c8fed00eb2e87f1cee8e90ebbe870c190ac3848c";
req = http_get( port:port, item:url );
res = http_keepalive_send_recv( port:port, data:req );
# <p>CGI process file does not exist</p></body></html>
if( res && ( concl = eregmatch( string:res, pattern:"<[^>]+>CGI process file does not exist<[^>]+>", icase:FALSE ) ) ) {
if( concluded )
concluded += '\n';
concluded += " " + chomp( concl[0] );
conclUrl = http_report_vuln_url( port:port, url:url, url_only:TRUE );
found = TRUE;
break;
}
}
url = "/favicon.ico";
req = http_get( port:port, item:url );
md5res = http_keepalive_send_recv( port:port, data:req, bodyonly:TRUE );
if( ! isnull( md5res ) ) {
md5 = hexstr( MD5( md5res ) );
if( md5 == "7daa7cff4bdb6a6b4c33aeca089debff" ) {
if( conclUrl )
conclUrl += '\n' + http_report_vuln_url( port:port, url:url, url_only:TRUE );
else
conclUrl = http_report_vuln_url( port:port, url:url, url_only:TRUE );
found = TRUE;
}
}
if( found ) {
set_kb_item( name:"embedthis/goahead/detected", value:TRUE );
set_kb_item( name:"embedthis/goahead/http/detected", value:TRUE );
location = "/";
version = "unknown";
vers = eregmatch( string:banner, pattern:"GoAhead-Webs/([0-9.]+)", icase:TRUE );
if( ! isnull( vers[1] ) )
version = vers[1];
cpe = build_cpe( value:version, exp:"^([0-9.]+)", base:"cpe:/a:embedthis:goahead:" );
if( ! cpe )
cpe = "cpe:/a:embedthis:goahead";
register_product( cpe:cpe, location:location, port:port, service:"www" );
log_message( data:build_detection_report( app: "Embedthis GoAhead", version:version, install:location,
cpe:cpe, concluded:concluded, concludedUrl:conclUrl ),
port:port );
exit( 0 );
}
exit( 0 );
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low