nessus-plugins/scripts inktomi_path_disclosure.nasl,1.2,1.3

[mikhail_at_nessus.org]

Update of /usr/local/cvs/nessus-plugins/scripts
In directory raccoon.nessus.org:/tmp/cvs-serv35163

Modified Files:
	inktomi_path_disclosure.nasl 
Log Message:
Bug seen by Andrej Fenik
if (webroot == webroot) is always true: the script never displayed any
alert.


Index: inktomi_path_disclosure.nasl
===================================================================
RCS file: /usr/local/cvs/nessus-plugins/scripts/inktomi_path_disclosure.nasl,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- inktomi_path_disclosure.nasl	2 Aug 2004 01:12:53 -0000	1.2
+++ inktomi_path_disclosure.nasl	8 Nov 2004 07:47:23 -0000	1.3
@@ -77,11 +77,11 @@
 if ( "httpsrvr.py:1033" >!< res ||
      "500 Internal Server Error" >!< res ) exit(0);
 
-webroot = egrep(pattern:"directory", string:res);
-if(webroot)
+w = egrep(pattern:"directory", string:res);
+if(w)
 {
-  webroot = ereg_replace(string:webroot, pattern:"^.*'(.*)'.*$", replace:"\1");
-  if (webroot == webroot ) exit(0);
+  webroot = ereg_replace(string:w, pattern:"^.*'(.*)'.*$", replace:"\1");
+  if (webroot == w) exit(0);
   report = "
 This web server is running a vulnerable version of Inktomi Search
 
@@ -90,7 +90,7 @@
 as the physical path of the webroot. This information may be useful to
 an attacker.
 
-The remote web root is : " + webroot + "
+The remote web root is : " + w + "
 
 Solution :
  Upgrade to the latest version. This product is now devloped by Verity