#############################################################################
#
#  Multiple cross-site scripting vulnerabilities in index.php for IPB 
#
#  Copyright: OS2A and it's member companies
#
#  Date Written: 2005/06/30
#
#  $Revision: 1.2 $
#
#  $Log: os2a_ipb_multiple_xss_600224.nasl,v $
#  Revision 1.2  2006/02/16 21:16:07  rdanford
#  risk-factor-update
#
#  Revision 1.1  2005/07/21 10:46:38  bchandra
#  Issue #405
#
#  Revision 1.2  2005/07/05 03:56:47  schandan
#  Issue #405
#
#  Revision 1.1  2005/06/30 07:43:46  schandan
#  Issue #405
#
#  
#  ------------------------------------------------------------------------
#  This program was written by OS2A and/or it's member companies and is
#  licensed under the GNU GPL license. Please see below for details. This
#  header contains information regarding licensing terms under the GPL, and
#  information regarding obtaining source code from the Author. Consequently,
#  pursuant to section 3(c) of the GPL, you must accompany the information
#  found in this header with any distribution you make of this Program.
#  ------------------------------------------------------------------------
##############################################################################


if(description)
{
 script_id(600224);
 script_cve_id("CAN-2005-1443");
 script_copyright(english:"Copyright (C) 2005 OS2A"); 
 script_version("$Revision: 1.2 $");
 script_category(ACT_GATHER_INFO); 
 script_family(english:"CGI abuses");
 name["english"] = "Multiple cross-site scripting vulnerabilities in index.php for IPB";
 script_name(english:name["english"]);

 summary["english"] = "Check the version of Invision Power Board";
 script_summary(english:summary["english"]);

 desc["english"] = "

 Overview: Multiple cross-site scripting (XSS) vulnerabilities in index.php for
 Invision Power Board (IPB) 2.0.3 and 2.1 Alpha 2 allows remote attackers to 
 inject arbitrary web script or HTML.

 Impact: A remote user can access the target user's cookies including 
 authentication cookies, if any, associated with the site running the Invision 
 Power Board software, access data recently submitted by the target user via 
 web form to the site, or take actions on the site acting as the target user.

 Affected Software: 2.0.3, 2.1 Alpha 2 and prior versions.

 Affected Platform: Any platform using this affected software.

 Solution: No vendor patch available.

 References: http://securitytracker.com/alerts/2005/May/1013863.html 

 Risk factor : High";
 
 script_description(english:desc["english"]);
 
 script_dependencies("os2a_ipb_version_600218.nasl");
 script_require_keys("InvisionPowerBoard/Version");
 script_require_ports("Services/www", 80);
 exit(0);
}

 include("http_func.inc");

 port = get_http_port(default:80);

 version = get_kb_item("InvisionPowerBoard/Version");

 if(egrep(pattern:"v(1\.\w*|2\.0[.0-9a-zA-Z ]*|2\.1 Alpha [1-2]?)",
 	  string:version))
 {
	security_hole(port:port);
        exit(0);
 }