After mucking around a bit, I noticed a large discrepancy in the files
sizes. The file downloaded with nessus-update-plugins (all-2.0.tar.gz)
is only 1240682 in size. Downloading the plugin file via the link
provided after I registered, the file (all-2.0.tar.gz) is 2697051. I
manually ran gunzip on the file downloaded via nessus-update-plugins and
it failed with errors. Then I ran gunzip on the file downloaded through
the browser (located in /tmp2) and it unzipped fine.
Here's the output of my action:
---------------------
bash-2.05# nessus-update-plugins
all-2.0.sig is not the valid signature for all-2.0.tar.gz
Aborting
bash-2.05# cd nessus-update-plugins-3103/
bash-2.05# ls -l
total 2464
-rw------- 1 root other 1025 Feb 22 15:40 all-2.0.sig
-rw------- 1 root other 1240682 Feb 22 15:40 all-2.0.tar.gz
-rw------- 1 root other 56 Feb 22 15:40 all-2.0.tar.gz.md5
bash-2.05# gunzip all-2.0.tar.gz
gunzip: all-2.0.tar.gz: invalid compressed data--crc error
gunzip: all-2.0.tar.gz: invalid compressed data--length error
bash-2.05# cd /tmp2
bash-2.05# ls -l
total 5296
-rw-r--r-- 1 root other 2697051 Feb 22 15:40 all-2.0.tar.gz
bash-2.05# gunzip all-2.0.tar.gz
bash-2.05# ls -l
total 41488
-rw-r--r-- 1 root other 21217280 Feb 22 15:40 all-2.0.tar
bash-2.05#
----------------------
Also, here's the output from nessus-update-plugins -vv
bash-2.05# nessus-update-plugins -vv
+ [ -z y ]
tar=-xvf
+ [ ! -d /usr/local/lib/nessus/plugins ]
+ pwd
cwd=/tmp2
tmpdir=
+ test -z
tmpdir=
+ test -z
tmpdir=/tmp
+ mkdir -m 0700 /tmp/nessus-update-plugins-3119
+ cd /tmp/nessus-update-plugins-3119
+ /usr/local/bin/nessus-fetch --plugins-md5
+ test -s /usr/local/lib/nessus/plugins/MD5
+ /usr/local/bin/nessus-fetch --plugins
+ test -x /usr/local/sbin/nessus-check-signature
+ /usr/local/sbin/nessus-check-signature all-2.0.tar.gz all-2.0.sig
all-2.0.sig is not the valid signature for all-2.0.tar.gz
+ echo Aborting
Aborting
+ exit 1
bash-2.05#
Again, help is appreciated!
-David
-----Original Message-----
From: nessus-bounces@list.nessus.org
[mailto:nessus-bounces@list.nessus.org] On Behalf Of Jones, David H
Sent: Tuesday, February 22, 2005 1:35 PM
To: nessus@list.nessus.org
Subject: RE: Plugin Update Problems
bash-2.05# tar --version
tar (GNU tar) 1.15.1
bash-2.05# gzip -V
gzip 1.3.5
(2002-09-30)
Copyright 2002 Free Software Foundation
Copyright 1992-1993 Jean-loup Gailly
This program comes with ABSOLUTELY NO WARRANTY.
You may redistribute copies of this program
under the terms of the GNU General Public License.
For more information about these matters, see the file named COPYING.
Compilation options: DIRENT UTIME STDC_HEADERS HAVE_UNISTD_H
HAVE_MEMORY_H HAVE_STRING_H HAVE_LSTAT
Written by Jean-loup Gailly.
bash-2.05#
-----Message Disclaimer-----
This e-mail message is intended only for the use of the individual or
entity to which it is addressed, and may contain information that is
privileged, confidential and exempt from disclosure under applicable law.
If you are not the intended recipient, any dissemination, distribution or
copying of this communication is strictly prohibited. If you have
received this communication in error, please notify us immediately by
reply email to Connect@principal.com and delete or destroy all copies of
the original message and attachments thereto. Email sent to or from the
Principal Financial Group or any of its member companies may be retained
as required by law or regulation.
Nothing in this message is intended to constitute an Electronic signature
for purposes of the Uniform Electronic Transactions Act (UETA) or the
Electronic Signatures in Global and National Commerce Act ("E-Sign")
unless a specific statement to the contrary is included in this message.
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
