[Openvas-commits] r532 - in trunk/openvas-plugins: . scripts
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Tue Nov 6 13:04:11 CET 2007
Author: jan
Date: 2007-11-06 13:03:57 +0100 (Tue, 06 Nov 2007)
New Revision: 532
Added:
trunk/openvas-plugins/scripts/debian_DSA-1100.nasl
trunk/openvas-plugins/scripts/debian_DSA-1101.nasl
trunk/openvas-plugins/scripts/debian_DSA-1102.nasl
trunk/openvas-plugins/scripts/debian_DSA-1103.nasl
trunk/openvas-plugins/scripts/debian_DSA-1104.nasl
trunk/openvas-plugins/scripts/debian_DSA-1105.nasl
trunk/openvas-plugins/scripts/debian_DSA-1106.nasl
trunk/openvas-plugins/scripts/debian_DSA-1107.nasl
trunk/openvas-plugins/scripts/debian_DSA-1108.nasl
trunk/openvas-plugins/scripts/debian_DSA-1109.nasl
trunk/openvas-plugins/scripts/debian_DSA-1110.nasl
trunk/openvas-plugins/scripts/debian_DSA-1111.nasl
trunk/openvas-plugins/scripts/debian_DSA-1112.nasl
trunk/openvas-plugins/scripts/debian_DSA-1113.nasl
trunk/openvas-plugins/scripts/debian_DSA-1114.nasl
trunk/openvas-plugins/scripts/debian_DSA-1115.nasl
trunk/openvas-plugins/scripts/debian_DSA-1116.nasl
trunk/openvas-plugins/scripts/debian_DSA-1117.nasl
trunk/openvas-plugins/scripts/debian_DSA-1118.nasl
trunk/openvas-plugins/scripts/debian_DSA-1119.nasl
trunk/openvas-plugins/scripts/debian_DSA-1120.nasl
trunk/openvas-plugins/scripts/debian_DSA-1121.nasl
trunk/openvas-plugins/scripts/debian_DSA-1122.nasl
trunk/openvas-plugins/scripts/debian_DSA-1123.nasl
trunk/openvas-plugins/scripts/debian_DSA-1124.nasl
trunk/openvas-plugins/scripts/debian_DSA-1125.nasl
trunk/openvas-plugins/scripts/debian_DSA-1126.nasl
trunk/openvas-plugins/scripts/debian_DSA-1127.nasl
trunk/openvas-plugins/scripts/debian_DSA-1128.nasl
trunk/openvas-plugins/scripts/debian_DSA-1129.nasl
trunk/openvas-plugins/scripts/debian_DSA-1130.nasl
trunk/openvas-plugins/scripts/debian_DSA-1131.nasl
trunk/openvas-plugins/scripts/debian_DSA-1132.nasl
trunk/openvas-plugins/scripts/debian_DSA-1133.nasl
trunk/openvas-plugins/scripts/debian_DSA-1134.nasl
trunk/openvas-plugins/scripts/debian_DSA-1135.nasl
trunk/openvas-plugins/scripts/debian_DSA-1136.nasl
trunk/openvas-plugins/scripts/debian_DSA-1137.nasl
trunk/openvas-plugins/scripts/debian_DSA-1138.nasl
trunk/openvas-plugins/scripts/debian_DSA-1139.nasl
trunk/openvas-plugins/scripts/debian_DSA-1140.nasl
trunk/openvas-plugins/scripts/debian_DSA-1141.nasl
trunk/openvas-plugins/scripts/debian_DSA-1142.nasl
trunk/openvas-plugins/scripts/debian_DSA-1143.nasl
trunk/openvas-plugins/scripts/debian_DSA-1144.nasl
trunk/openvas-plugins/scripts/debian_DSA-1145.nasl
trunk/openvas-plugins/scripts/debian_DSA-1146.nasl
trunk/openvas-plugins/scripts/debian_DSA-1147.nasl
trunk/openvas-plugins/scripts/debian_DSA-1148.nasl
trunk/openvas-plugins/scripts/debian_DSA-1149.nasl
trunk/openvas-plugins/scripts/debian_DSA-1150.nasl
trunk/openvas-plugins/scripts/debian_DSA-1151.nasl
trunk/openvas-plugins/scripts/debian_DSA-1152.nasl
trunk/openvas-plugins/scripts/debian_DSA-1153.nasl
trunk/openvas-plugins/scripts/debian_DSA-1154.nasl
trunk/openvas-plugins/scripts/debian_DSA-1155.nasl
trunk/openvas-plugins/scripts/debian_DSA-1156.nasl
trunk/openvas-plugins/scripts/debian_DSA-1157.nasl
trunk/openvas-plugins/scripts/debian_DSA-1158.nasl
trunk/openvas-plugins/scripts/debian_DSA-1159.nasl
trunk/openvas-plugins/scripts/debian_DSA-1160.nasl
trunk/openvas-plugins/scripts/debian_DSA-1161.nasl
trunk/openvas-plugins/scripts/debian_DSA-1162.nasl
trunk/openvas-plugins/scripts/debian_DSA-1163.nasl
trunk/openvas-plugins/scripts/debian_DSA-1164.nasl
trunk/openvas-plugins/scripts/debian_DSA-1165.nasl
trunk/openvas-plugins/scripts/debian_DSA-1166.nasl
trunk/openvas-plugins/scripts/debian_DSA-1167.nasl
trunk/openvas-plugins/scripts/debian_DSA-1168.nasl
trunk/openvas-plugins/scripts/debian_DSA-1169.nasl
trunk/openvas-plugins/scripts/debian_DSA-1170.nasl
trunk/openvas-plugins/scripts/debian_DSA-1171.nasl
trunk/openvas-plugins/scripts/debian_DSA-1172.nasl
trunk/openvas-plugins/scripts/debian_DSA-1173.nasl
trunk/openvas-plugins/scripts/debian_DSA-1174.nasl
trunk/openvas-plugins/scripts/debian_DSA-1175.nasl
trunk/openvas-plugins/scripts/debian_DSA-1176.nasl
trunk/openvas-plugins/scripts/debian_DSA-1177.nasl
trunk/openvas-plugins/scripts/debian_DSA-1178.nasl
trunk/openvas-plugins/scripts/debian_DSA-1179.nasl
trunk/openvas-plugins/scripts/debian_DSA-1180.nasl
trunk/openvas-plugins/scripts/debian_DSA-1181.nasl
trunk/openvas-plugins/scripts/debian_DSA-1182.nasl
trunk/openvas-plugins/scripts/debian_DSA-1183.nasl
trunk/openvas-plugins/scripts/debian_DSA-1184.nasl
trunk/openvas-plugins/scripts/debian_DSA-1185.nasl
trunk/openvas-plugins/scripts/debian_DSA-1186.nasl
trunk/openvas-plugins/scripts/debian_DSA-1187.nasl
trunk/openvas-plugins/scripts/debian_DSA-1188.nasl
trunk/openvas-plugins/scripts/debian_DSA-1189.nasl
trunk/openvas-plugins/scripts/debian_DSA-1190.nasl
trunk/openvas-plugins/scripts/debian_DSA-1191.nasl
trunk/openvas-plugins/scripts/debian_DSA-1192.nasl
trunk/openvas-plugins/scripts/debian_DSA-1193.nasl
trunk/openvas-plugins/scripts/debian_DSA-1194.nasl
trunk/openvas-plugins/scripts/debian_DSA-1195.nasl
trunk/openvas-plugins/scripts/debian_DSA-1196.nasl
trunk/openvas-plugins/scripts/debian_DSA-1197.nasl
trunk/openvas-plugins/scripts/debian_DSA-1198.nasl
trunk/openvas-plugins/scripts/debian_DSA-1199.nasl
Modified:
trunk/openvas-plugins/ChangeLog
Log:
* scripts/debian_DSA-1100.nasl, scripts/debian_DSA-1101.nasl,
scripts/debian_DSA-1102.nasl, scripts/debian_DSA-1103.nasl,
scripts/debian_DSA-1104.nasl, scripts/debian_DSA-1105.nasl,
scripts/debian_DSA-1106.nasl, scripts/debian_DSA-1107.nasl,
scripts/debian_DSA-1108.nasl, scripts/debian_DSA-1109.nasl,
scripts/debian_DSA-1110.nasl, scripts/debian_DSA-1111.nasl,
scripts/debian_DSA-1112.nasl, scripts/debian_DSA-1113.nasl,
scripts/debian_DSA-1114.nasl, scripts/debian_DSA-1115.nasl,
scripts/debian_DSA-1116.nasl, scripts/debian_DSA-1117.nasl,
scripts/debian_DSA-1118.nasl, scripts/debian_DSA-1119.nasl,
scripts/debian_DSA-1120.nasl, scripts/debian_DSA-1121.nasl,
scripts/debian_DSA-1122.nasl, scripts/debian_DSA-1123.nasl,
scripts/debian_DSA-1124.nasl, scripts/debian_DSA-1125.nasl,
scripts/debian_DSA-1126.nasl, scripts/debian_DSA-1127.nasl,
scripts/debian_DSA-1128.nasl, scripts/debian_DSA-1129.nasl,
scripts/debian_DSA-1130.nasl, scripts/debian_DSA-1131.nasl,
scripts/debian_DSA-1132.nasl, scripts/debian_DSA-1133.nasl,
scripts/debian_DSA-1134.nasl, scripts/debian_DSA-1135.nasl,
scripts/debian_DSA-1136.nasl, scripts/debian_DSA-1137.nasl,
scripts/debian_DSA-1138.nasl, scripts/debian_DSA-1139.nasl,
scripts/debian_DSA-1140.nasl, scripts/debian_DSA-1141.nasl,
scripts/debian_DSA-1142.nasl, scripts/debian_DSA-1143.nasl,
scripts/debian_DSA-1144.nasl, scripts/debian_DSA-1145.nasl,
scripts/debian_DSA-1146.nasl, scripts/debian_DSA-1147.nasl,
scripts/debian_DSA-1148.nasl, scripts/debian_DSA-1149.nasl,
scripts/debian_DSA-1150.nasl, scripts/debian_DSA-1151.nasl,
scripts/debian_DSA-1152.nasl, scripts/debian_DSA-1153.nasl,
scripts/debian_DSA-1154.nasl, scripts/debian_DSA-1155.nasl,
scripts/debian_DSA-1156.nasl, scripts/debian_DSA-1157.nasl,
scripts/debian_DSA-1158.nasl, scripts/debian_DSA-1159.nasl,
scripts/debian_DSA-1160.nasl, scripts/debian_DSA-1161.nasl,
scripts/debian_DSA-1162.nasl, scripts/debian_DSA-1163.nasl,
scripts/debian_DSA-1164.nasl, scripts/debian_DSA-1165.nasl,
scripts/debian_DSA-1166.nasl, scripts/debian_DSA-1167.nasl,
scripts/debian_DSA-1168.nasl, scripts/debian_DSA-1169.nasl,
scripts/debian_DSA-1170.nasl, scripts/debian_DSA-1171.nasl,
scripts/debian_DSA-1172.nasl, scripts/debian_DSA-1173.nasl,
scripts/debian_DSA-1174.nasl, scripts/debian_DSA-1175.nasl,
scripts/debian_DSA-1176.nasl, scripts/debian_DSA-1177.nasl,
scripts/debian_DSA-1178.nasl, scripts/debian_DSA-1179.nasl,
scripts/debian_DSA-1180.nasl, scripts/debian_DSA-1181.nasl,
scripts/debian_DSA-1182.nasl, scripts/debian_DSA-1183.nasl,
scripts/debian_DSA-1184.nasl, scripts/debian_DSA-1185.nasl,
scripts/debian_DSA-1186.nasl, scripts/debian_DSA-1187.nasl,
scripts/debian_DSA-1188.nasl, scripts/debian_DSA-1189.nasl,
scripts/debian_DSA-1190.nasl, scripts/debian_DSA-1191.nasl,
scripts/debian_DSA-1192.nasl, scripts/debian_DSA-1193.nasl,
scripts/debian_DSA-1194.nasl, scripts/debian_DSA-1195.nasl,
scripts/debian_DSA-1196.nasl, scripts/debian_DSA-1197.nasl,
scripts/debian_DSA-1198.nasl, scripts/debian_DSA-1199.nasl:
New. Taken from nessus-plugins-2.2.10.
Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/ChangeLog 2007-11-06 12:03:57 UTC (rev 532)
@@ -1,5 +1,59 @@
2007-11-06 Jan-Oliver Wagner <jan-oliver.wagner at intevation.de>
+ * scripts/debian_DSA-1100.nasl, scripts/debian_DSA-1101.nasl,
+ scripts/debian_DSA-1102.nasl, scripts/debian_DSA-1103.nasl,
+ scripts/debian_DSA-1104.nasl, scripts/debian_DSA-1105.nasl,
+ scripts/debian_DSA-1106.nasl, scripts/debian_DSA-1107.nasl,
+ scripts/debian_DSA-1108.nasl, scripts/debian_DSA-1109.nasl,
+ scripts/debian_DSA-1110.nasl, scripts/debian_DSA-1111.nasl,
+ scripts/debian_DSA-1112.nasl, scripts/debian_DSA-1113.nasl,
+ scripts/debian_DSA-1114.nasl, scripts/debian_DSA-1115.nasl,
+ scripts/debian_DSA-1116.nasl, scripts/debian_DSA-1117.nasl,
+ scripts/debian_DSA-1118.nasl, scripts/debian_DSA-1119.nasl,
+ scripts/debian_DSA-1120.nasl, scripts/debian_DSA-1121.nasl,
+ scripts/debian_DSA-1122.nasl, scripts/debian_DSA-1123.nasl,
+ scripts/debian_DSA-1124.nasl, scripts/debian_DSA-1125.nasl,
+ scripts/debian_DSA-1126.nasl, scripts/debian_DSA-1127.nasl,
+ scripts/debian_DSA-1128.nasl, scripts/debian_DSA-1129.nasl,
+ scripts/debian_DSA-1130.nasl, scripts/debian_DSA-1131.nasl,
+ scripts/debian_DSA-1132.nasl, scripts/debian_DSA-1133.nasl,
+ scripts/debian_DSA-1134.nasl, scripts/debian_DSA-1135.nasl,
+ scripts/debian_DSA-1136.nasl, scripts/debian_DSA-1137.nasl,
+ scripts/debian_DSA-1138.nasl, scripts/debian_DSA-1139.nasl,
+ scripts/debian_DSA-1140.nasl, scripts/debian_DSA-1141.nasl,
+ scripts/debian_DSA-1142.nasl, scripts/debian_DSA-1143.nasl,
+ scripts/debian_DSA-1144.nasl, scripts/debian_DSA-1145.nasl,
+ scripts/debian_DSA-1146.nasl, scripts/debian_DSA-1147.nasl,
+ scripts/debian_DSA-1148.nasl, scripts/debian_DSA-1149.nasl,
+ scripts/debian_DSA-1150.nasl, scripts/debian_DSA-1151.nasl,
+ scripts/debian_DSA-1152.nasl, scripts/debian_DSA-1153.nasl,
+ scripts/debian_DSA-1154.nasl, scripts/debian_DSA-1155.nasl,
+ scripts/debian_DSA-1156.nasl, scripts/debian_DSA-1157.nasl,
+ scripts/debian_DSA-1158.nasl, scripts/debian_DSA-1159.nasl,
+ scripts/debian_DSA-1160.nasl, scripts/debian_DSA-1161.nasl,
+ scripts/debian_DSA-1162.nasl, scripts/debian_DSA-1163.nasl,
+ scripts/debian_DSA-1164.nasl, scripts/debian_DSA-1165.nasl,
+ scripts/debian_DSA-1166.nasl, scripts/debian_DSA-1167.nasl,
+ scripts/debian_DSA-1168.nasl, scripts/debian_DSA-1169.nasl,
+ scripts/debian_DSA-1170.nasl, scripts/debian_DSA-1171.nasl,
+ scripts/debian_DSA-1172.nasl, scripts/debian_DSA-1173.nasl,
+ scripts/debian_DSA-1174.nasl, scripts/debian_DSA-1175.nasl,
+ scripts/debian_DSA-1176.nasl, scripts/debian_DSA-1177.nasl,
+ scripts/debian_DSA-1178.nasl, scripts/debian_DSA-1179.nasl,
+ scripts/debian_DSA-1180.nasl, scripts/debian_DSA-1181.nasl,
+ scripts/debian_DSA-1182.nasl, scripts/debian_DSA-1183.nasl,
+ scripts/debian_DSA-1184.nasl, scripts/debian_DSA-1185.nasl,
+ scripts/debian_DSA-1186.nasl, scripts/debian_DSA-1187.nasl,
+ scripts/debian_DSA-1188.nasl, scripts/debian_DSA-1189.nasl,
+ scripts/debian_DSA-1190.nasl, scripts/debian_DSA-1191.nasl,
+ scripts/debian_DSA-1192.nasl, scripts/debian_DSA-1193.nasl,
+ scripts/debian_DSA-1194.nasl, scripts/debian_DSA-1195.nasl,
+ scripts/debian_DSA-1196.nasl, scripts/debian_DSA-1197.nasl,
+ scripts/debian_DSA-1198.nasl, scripts/debian_DSA-1199.nasl:
+ New. Taken from nessus-plugins-2.2.10.
+
+2007-11-06 Jan-Oliver Wagner <jan-oliver.wagner at intevation.de>
+
* scripts/debian_DSA-1000.nasl, scripts/debian_DSA-1001.nasl,
scripts/debian_DSA-1002.nasl, scripts/debian_DSA-1003.nasl,
scripts/debian_DSA-1004.nasl, scripts/debian_DSA-1005.nasl,
Added: trunk/openvas-plugins/scripts/debian_DSA-1100.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1100.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1100.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,56 @@
+# This script was automatically generated from the dsa-1100
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+A boundary checking error has been discovered in wv2, a library for
+accessing Microsoft Word documents, which can lead to an integer
+overflow induced by processing word files.
+The old stable distribution (woody) does not contain wv2 packages.
+For the stable distribution (sarge) this problem has been fixed in
+version 0.2.2-1sarge1
+For the unstable distribution (sid) this problem will be fixed soon.
+We recommend that you upgrade your libwv packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1100
+Risk factor : High';
+
+if (description) {
+ script_id(22642);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1100");
+ script_cve_id("CVE-2006-2197");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1100] DSA-1100-1 wv2");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1100-1 wv2");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'libwv2-1', release: '3.1', reference: '0.2.2-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libwv2-1 is vulnerable in Debian 3.1.\nUpgrade to libwv2-1_0.2.2-1sarge1\n');
+}
+if (deb_check(prefix: 'libwv2-dev', release: '3.1', reference: '0.2.2-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libwv2-dev is vulnerable in Debian 3.1.\nUpgrade to libwv2-dev_0.2.2-1sarge1\n');
+}
+if (deb_check(prefix: 'wv2', release: '3.1', reference: '0.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package wv2 is vulnerable in Debian sarge.\nUpgrade to wv2_0.2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
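Review bot: The third `deb_check` call passes `reference: '0.2'`, while the advisory text and the two library checks above it give the fixed version as 0.2.2-1sarge1. Assuming deb_check reports installed versions lower than `reference` (debian_package.inc is not shown here), an unfixed 0.2.2-based wv2 package would compare as newer than 0.2, so this branch would never report it. When the branch does fire, the report advises `Upgrade to wv2_0.2`, which is not a fixed version. The value looks truncated by the converter; the line should read `if (deb_check(prefix: 'wv2', release: '3.1', reference: '0.2.2-1sarge1')) {`, with the message changed to `Upgrade to wv2_0.2.2-1sarge1`.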
Added: trunk/openvas-plugins/scripts/debian_DSA-1101.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1101.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1101.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,189 @@
+# This script was automatically generated from the dsa-1101
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+A bug has been discovered in the Courier Mail Server that can result
+in a number of processes to consume arbitrary amounts of CPU power.
+For the old stable distribution (woody) this problem has been fixed in
+version 0.37.3-2.9.
+For the stable distribution (sarge) this problem has been fixed in
+version 0.47-4sarge5.
+For the unstable distribution (sid) this problem has been fixed in
+version 0.53.2-1.
+We recommend that you upgrade your courier packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1101
+Risk factor : High';
+
+if (description) {
+ script_id(22643);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1101");
+ script_cve_id("CVE-2006-2659");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1101] DSA-1101-1 courier");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1101-1 courier");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'courier-authdaemon', release: '3.0', reference: '0.37.3-2.9')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-authdaemon is vulnerable in Debian 3.0.\nUpgrade to courier-authdaemon_0.37.3-2.9\n');
+}
+if (deb_check(prefix: 'courier-authmysql', release: '3.0', reference: '0.37.3-2.9')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-authmysql is vulnerable in Debian 3.0.\nUpgrade to courier-authmysql_0.37.3-2.9\n');
+}
+if (deb_check(prefix: 'courier-base', release: '3.0', reference: '0.37.3-2.9')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-base is vulnerable in Debian 3.0.\nUpgrade to courier-base_0.37.3-2.9\n');
+}
+if (deb_check(prefix: 'courier-debug', release: '3.0', reference: '0.37.3-2.9')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-debug is vulnerable in Debian 3.0.\nUpgrade to courier-debug_0.37.3-2.9\n');
+}
+if (deb_check(prefix: 'courier-doc', release: '3.0', reference: '0.37.3-2.9')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-doc is vulnerable in Debian 3.0.\nUpgrade to courier-doc_0.37.3-2.9\n');
+}
+if (deb_check(prefix: 'courier-imap', release: '3.0', reference: '1.4.3-2.9')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-imap is vulnerable in Debian 3.0.\nUpgrade to courier-imap_1.4.3-2.9\n');
+}
+if (deb_check(prefix: 'courier-ldap', release: '3.0', reference: '0.37.3-2.9')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-ldap is vulnerable in Debian 3.0.\nUpgrade to courier-ldap_0.37.3-2.9\n');
+}
+if (deb_check(prefix: 'courier-maildrop', release: '3.0', reference: '0.37.3-2.9')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-maildrop is vulnerable in Debian 3.0.\nUpgrade to courier-maildrop_0.37.3-2.9\n');
+}
+if (deb_check(prefix: 'courier-mlm', release: '3.0', reference: '0.37.3-2.9')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-mlm is vulnerable in Debian 3.0.\nUpgrade to courier-mlm_0.37.3-2.9\n');
+}
+if (deb_check(prefix: 'courier-mta', release: '3.0', reference: '0.37.3-2.9')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-mta is vulnerable in Debian 3.0.\nUpgrade to courier-mta_0.37.3-2.9\n');
+}
+if (deb_check(prefix: 'courier-pcp', release: '3.0', reference: '0.37.3-2.9')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-pcp is vulnerable in Debian 3.0.\nUpgrade to courier-pcp_0.37.3-2.9\n');
+}
+if (deb_check(prefix: 'courier-pop', release: '3.0', reference: '0.37.3-2.9')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-pop is vulnerable in Debian 3.0.\nUpgrade to courier-pop_0.37.3-2.9\n');
+}
+if (deb_check(prefix: 'courier-webadmin', release: '3.0', reference: '0.37.3-2.9')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-webadmin is vulnerable in Debian 3.0.\nUpgrade to courier-webadmin_0.37.3-2.9\n');
+}
+if (deb_check(prefix: 'sqwebmail', release: '3.0', reference: '0.37.3-2.9')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package sqwebmail is vulnerable in Debian 3.0.\nUpgrade to sqwebmail_0.37.3-2.9\n');
+}
+if (deb_check(prefix: 'courier-authdaemon', release: '3.1', reference: '0.47-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-authdaemon is vulnerable in Debian 3.1.\nUpgrade to courier-authdaemon_0.47-4sarge5\n');
+}
+if (deb_check(prefix: 'courier-authmysql', release: '3.1', reference: '0.47-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-authmysql is vulnerable in Debian 3.1.\nUpgrade to courier-authmysql_0.47-4sarge5\n');
+}
+if (deb_check(prefix: 'courier-authpostgresql', release: '3.1', reference: '0.47-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-authpostgresql is vulnerable in Debian 3.1.\nUpgrade to courier-authpostgresql_0.47-4sarge5\n');
+}
+if (deb_check(prefix: 'courier-base', release: '3.1', reference: '0.47-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-base is vulnerable in Debian 3.1.\nUpgrade to courier-base_0.47-4sarge5\n');
+}
+if (deb_check(prefix: 'courier-doc', release: '3.1', reference: '0.47-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-doc is vulnerable in Debian 3.1.\nUpgrade to courier-doc_0.47-4sarge5\n');
+}
+if (deb_check(prefix: 'courier-faxmail', release: '3.1', reference: '0.47-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-faxmail is vulnerable in Debian 3.1.\nUpgrade to courier-faxmail_0.47-4sarge5\n');
+}
+if (deb_check(prefix: 'courier-imap', release: '3.1', reference: '3.0.8-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-imap is vulnerable in Debian 3.1.\nUpgrade to courier-imap_3.0.8-4sarge5\n');
+}
+if (deb_check(prefix: 'courier-imap-ssl', release: '3.1', reference: '3.0.8-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-imap-ssl is vulnerable in Debian 3.1.\nUpgrade to courier-imap-ssl_3.0.8-4sarge5\n');
+}
+if (deb_check(prefix: 'courier-ldap', release: '3.1', reference: '0.47-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-ldap is vulnerable in Debian 3.1.\nUpgrade to courier-ldap_0.47-4sarge5\n');
+}
+if (deb_check(prefix: 'courier-maildrop', release: '3.1', reference: '0.47-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-maildrop is vulnerable in Debian 3.1.\nUpgrade to courier-maildrop_0.47-4sarge5\n');
+}
+if (deb_check(prefix: 'courier-mlm', release: '3.1', reference: '0.47-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-mlm is vulnerable in Debian 3.1.\nUpgrade to courier-mlm_0.47-4sarge5\n');
+}
+if (deb_check(prefix: 'courier-mta', release: '3.1', reference: '0.47-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-mta is vulnerable in Debian 3.1.\nUpgrade to courier-mta_0.47-4sarge5\n');
+}
+if (deb_check(prefix: 'courier-mta-ssl', release: '3.1', reference: '0.47-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-mta-ssl is vulnerable in Debian 3.1.\nUpgrade to courier-mta-ssl_0.47-4sarge5\n');
+}
+if (deb_check(prefix: 'courier-pcp', release: '3.1', reference: '0.47-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-pcp is vulnerable in Debian 3.1.\nUpgrade to courier-pcp_0.47-4sarge5\n');
+}
+if (deb_check(prefix: 'courier-pop', release: '3.1', reference: '0.47-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-pop is vulnerable in Debian 3.1.\nUpgrade to courier-pop_0.47-4sarge5\n');
+}
+if (deb_check(prefix: 'courier-pop-ssl', release: '3.1', reference: '0.47-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-pop-ssl is vulnerable in Debian 3.1.\nUpgrade to courier-pop-ssl_0.47-4sarge5\n');
+}
+if (deb_check(prefix: 'courier-ssl', release: '3.1', reference: '0.47-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-ssl is vulnerable in Debian 3.1.\nUpgrade to courier-ssl_0.47-4sarge5\n');
+}
+if (deb_check(prefix: 'courier-webadmin', release: '3.1', reference: '0.47-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier-webadmin is vulnerable in Debian 3.1.\nUpgrade to courier-webadmin_0.47-4sarge5\n');
+}
+if (deb_check(prefix: 'sqwebmail', release: '3.1', reference: '0.47-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package sqwebmail is vulnerable in Debian 3.1.\nUpgrade to sqwebmail_0.47-4sarge5\n');
+}
+if (deb_check(prefix: 'courier', release: '4.0', reference: '0.53.2-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier is vulnerable in Debian 4.0.\nUpgrade to courier_0.53.2-1\n');
+}
+if (deb_check(prefix: 'courier', release: '3.1', reference: '0.47-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier is vulnerable in Debian sarge.\nUpgrade to courier_0.47-4sarge5\n');
+}
+if (deb_check(prefix: 'courier', release: '3.0', reference: '0.37.3-2.9')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package courier is vulnerable in Debian woody.\nUpgrade to courier_0.37.3-2.9\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
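Review bot: The guard `if (! defined_func('bn_random')) exit(0);` at the top runs before the `if (description)` block, so on an interpreter that does not provide bn_random the script exits without registering or reporting anything. A host with vulnerable courier packages would then be silently missed rather than flagged as unchecked. Nothing in the visible script calls bn_random; whether debian_package.inc needs it cannot be seen from this hunk. If it is not needed, drop the line; otherwise state the dependency in a comment above it, for example `# requires bn_random because <reason>`. The same guard opens the DSA-1100, DSA-1102 and DSA-1103 scripts in this commit.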
Added: trunk/openvas-plugins/scripts/debian_DSA-1102.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1102.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1102.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,65 @@
+# This script was automatically generated from the dsa-1102
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Steve Kemp from the Debian Security Audit project discovered that
+pinball, a pinball simulator, can be tricked into loading level
+plugins from user-controlled directories without dropping privileges.
+The old stable distribution (woody) does not contain this package.
+For the stable distribution (sarge) this problem has been fixed in
+version 0.3.1-3sarge1.
+For the unstable distribution (sid) this problem has been fixed in
+version 0.3.1-6.
+We recommend that you upgrade your pinball package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1102
+Risk factor : High';
+
+if (description) {
+ script_id(22644);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1102");
+ script_cve_id("CVE-2006-2196");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1102] DSA-1102-1 pinball");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1102-1 pinball");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'pinball', release: '3.1', reference: '0.3.1-3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package pinball is vulnerable in Debian 3.1.\nUpgrade to pinball_0.3.1-3sarge1\n');
+}
+if (deb_check(prefix: 'pinball-data', release: '3.1', reference: '0.3.1-3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package pinball-data is vulnerable in Debian 3.1.\nUpgrade to pinball-data_0.3.1-3sarge1\n');
+}
+if (deb_check(prefix: 'pinball-dev', release: '3.1', reference: '0.3.1-3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package pinball-dev is vulnerable in Debian 3.1.\nUpgrade to pinball-dev_0.3.1-3sarge1\n');
+}
+if (deb_check(prefix: 'pinball', release: '4.0', reference: '0.3.1-6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package pinball is vulnerable in Debian 4.0.\nUpgrade to pinball_0.3.1-6\n');
+}
+if (deb_check(prefix: 'pinball', release: '3.1', reference: '0.3.1-3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package pinball is vulnerable in Debian sarge.\nUpgrade to pinball_0.3.1-3sarge1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
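Review bot: The final check, `deb_check(prefix: 'pinball', release: '3.1', reference: '0.3.1-3sarge1')`, repeats the first check in the script with identical arguments. On an affected sarge host both branches fire, so `w` is incremented twice and, at `report_verbosity > 0`, the report carries two paragraphs for the same package ("vulnerable in Debian 3.1" and "vulnerable in Debian sarge"). The verdict is unchanged, but the duplicate adds noise to the finding and can skew any count derived from it. The last `if` block can be removed, or the converter changed to skip the source-package fallback when a binary package of the same name was already checked for that release.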
Added: trunk/openvas-plugins/scripts/debian_DSA-1103.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1103.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1103.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,387 @@
+# This script was automatically generated from the dsa-1103
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Several local and remote vulnerabilities have been discovered in the Linux
+kernel that may lead to a denial of service or the execution of arbitrary
+code. The Common Vulnerabilities and Exposures project identifies the
+following problems:
+ Franz Filz discovered that some socket calls permit causing inconsistent
+ reference counts on loadable modules, which allows local users to cause
+ a denial of service.
+ "Solar Designer" discovered that arithmetic computations in netfilter\'s
+ do_replace() function can lead to a buffer overflow and the execution of
+ arbitrary code. However, the operation requires CAP_NET_ADMIN privileges,
+ which is only an issue in virtualization systems or fine grained access
+ control systems.
+ "Solar Designer" discovered a race condition in netfilter\'s
+ do_add_counters() function, which allows information disclosure of kernel
+ memory by exploiting a race condition. Likewise, it requires CAP_NET_ADMIN
+ privileges.
+ David Howells discovered that the s390 assembly version of the
+ strnlen_user() function incorrectly returns some string size values.
+ It was discovered that the ftruncate() function of XFS can expose
+ unallocated blocks, which allows information disclosure of previously deleted
+ files.
+ It was discovered that some NFS file operations on handles mounted with
+ O_DIRECT can force the kernel into a crash.
+ It was discovered that the code to configure memory policies allows
+ tricking the kernel into a crash, thus allowing denial of service.
+ It was discovered by Cliff Wickman that perfmon for the IA64
+ architecture allows users to trigger a BUG() assert, which allows
+ denial of service.
+ Intel EM64T systems were discovered to be susceptible to a local
+ DoS due to an endless recursive fault related to a bad ELF entry
+ address.
+ Alan and Gareth discovered that the ia64 platform had an
+ incorrectly declared die_if_kernel() function as "does never
+ return" which could be exploited by a local attacker resulting in
+ a kernel crash.
+ The Linux kernel did not properly handle uncanonical return
+ addresses on Intel EM64T CPUs, reporting exceptions in the SYSRET
+ instead of the next instruction, causing the kernel exception
+ handler to run on the user stack with the wrong GS. This may result
+ in a DoS due to a local user changing the frames.
+ AMD64 machines (and other 7th and 8th generation AuthenticAMD
+ processors) were found to be vulnerable to sensitive information
+ leakage, due to how they handle saving and restoring the FOP, FIP,
+ and FDP x87 registers in FXSAVE/FXRSTOR when an exception is
+ pending. This allows a process to determine portions of the state
+ of floating point instructions of other processes.
+ Marco Ivaldi discovered that there was an unintended information
+ disclosure allowing remote attackers to bypass protections against
+ Idle Scans (nmap -sI) by abusing the ID field of IP packets and
+ bypassing the zero IP ID in DF packet countermeasure. This was a
+ result of the ip
+[...]
+
+Solution : http://www.debian.org/security/2006/dsa-1103
+Risk factor : High';
+
+if (description) {
+ script_id(22645);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1103");
+ script_cve_id("CVE-2005-3359", "CVE-2006-0038", "CVE-2006-0039", "CVE-2006-0456", "CVE-2006-0554", "CVE-2006-0555", "CVE-2006-0557");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1103] DSA-1103-1 kernel-source-2.6.8");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1103-1 kernel-source-2.6.8");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'kernel-build-2.6.8-3', release: '3.1', reference: '2.6.8-15sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-3 is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-3_2.6.8-15sarge3\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-3-power3', release: '3.1', reference: '2.6.8-12sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-3-power3 is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-3-power3_2.6.8-12sarge3\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-3-power3-smp', release: '3.1', reference: '2.6.8-12sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-3-power3-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-3-power3-smp_2.6.8-12sarge3\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-3-power4', release: '3.1', reference: '2.6.8-12sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-3-power4 is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-3-power4_2.6.8-12sarge3\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-3-power4-smp', release: '3.1', reference: '2.6.8-12sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-3-power4-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-3-power4-smp_2.6.8-12sarge3\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-3-powerpc', release: '3.1', reference: '2.6.8-12sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-3-powerpc is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-3-powerpc_2.6.8-12sarge3\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-3-powerpc-smp', release: '3.1', reference: '2.6.8-12sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-3-powerpc-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-3-powerpc-smp_2.6.8-12sarge3\n');
+}
+if (deb_check(prefix: 'kernel-doc-2.6.8', release: '3.1', reference: '2.6.8-16sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-doc-2.6.8 is vulnerable in Debian 3.1.\nUpgrade to kernel-doc-2.6.8_2.6.8-16sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6-itanium', release: '3.1', reference: '2.6.8-14sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6-itanium is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6-itanium_2.6.8-14sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6-itanium-smp', release: '3.1', reference: '2.6.8-14sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6-itanium-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6-itanium-smp_2.6.8-14sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6-mckinley', release: '3.1', reference: '2.6.8-14sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6-mckinley is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6-mckinley_2.6.8-14sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6-mckinley-smp', release: '3.1', reference: '2.6.8-14sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6-mckinley-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6-mckinley-smp_2.6.8-14sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3', release: '3.1', reference: '2.6.8-15sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3_2.6.8-15sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-32', release: '3.1', reference: '2.6.8-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-32 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-32_2.6.8-6sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-32-smp', release: '3.1', reference: '2.6.8-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-32-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-32-smp_2.6.8-6sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-386', release: '3.1', reference: '2.6.8-16sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-386 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-386_2.6.8-16sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-64', release: '3.1', reference: '2.6.8-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-64 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-64_2.6.8-6sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-64-smp', release: '3.1', reference: '2.6.8-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-64-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-64-smp_2.6.8-6sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-686', release: '3.1', reference: '2.6.8-16sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-686 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-686_2.6.8-16sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-686-smp', release: '3.1', reference: '2.6.8-16sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-686-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-686-smp_2.6.8-16sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-generic', release: '3.1', reference: '2.6.8-16sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-generic is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-generic_2.6.8-16sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-itanium', release: '3.1', reference: '2.6.8-14sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-itanium is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-itanium_2.6.8-14sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-itanium-smp', release: '3.1', reference: '2.6.8-14sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-itanium-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-itanium-smp_2.6.8-14sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-k7', release: '3.1', reference: '2.6.8-16sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-k7 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-k7_2.6.8-16sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-k7-smp', release: '3.1', reference: '2.6.8-16sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-k7-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-k7-smp_2.6.8-16sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-mckinley', release: '3.1', reference: '2.6.8-14sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-mckinley is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-mckinley_2.6.8-14sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-mckinley-smp', release: '3.1', reference: '2.6.8-14sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-mckinley-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-mckinley-smp_2.6.8-14sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-smp', release: '3.1', reference: '2.6.8-16sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-smp_2.6.8-16sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-sparc32', release: '3.1', reference: '2.6.8-15sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-sparc32 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-sparc32_2.6.8-15sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-sparc64', release: '3.1', reference: '2.6.8-15sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-sparc64 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-sparc64_2.6.8-15sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-sparc64-smp', release: '3.1', reference: '2.6.8-15sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-sparc64-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-sparc64-smp_2.6.8-15sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6-itanium', release: '3.1', reference: '2.6.8-14sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6-itanium is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6-itanium_2.6.8-14sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6-itanium-smp', release: '3.1', reference: '2.6.8-14sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6-itanium-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6-itanium-smp_2.6.8-14sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6-mckinley', release: '3.1', reference: '2.6.8-14sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6-mckinley is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6-mckinley_2.6.8-14sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6-mckinley-smp', release: '3.1', reference: '2.6.8-14sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6-mckinley-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6-mckinley-smp_2.6.8-14sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-32', release: '3.1', reference: '2.6.8-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-32 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-32_2.6.8-6sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-32-smp', release: '3.1', reference: '2.6.8-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-32-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-32-smp_2.6.8-6sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-386', release: '3.1', reference: '2.6.8-16sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-386 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-386_2.6.8-16sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-64', release: '3.1', reference: '2.6.8-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-64 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-64_2.6.8-6sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-64-smp', release: '3.1', reference: '2.6.8-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-64-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-64-smp_2.6.8-6sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-686', release: '3.1', reference: '2.6.8-16sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-686 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-686_2.6.8-16sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-686-smp', release: '3.1', reference: '2.6.8-16sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-686-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-686-smp_2.6.8-16sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-generic', release: '3.1', reference: '2.6.8-16sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-generic is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-generic_2.6.8-16sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-itanium', release: '3.1', reference: '2.6.8-14sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-itanium is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-itanium_2.6.8-14sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-itanium-smp', release: '3.1', reference: '2.6.8-14sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-itanium-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-itanium-smp_2.6.8-14sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-k7', release: '3.1', reference: '2.6.8-16sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-k7 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-k7_2.6.8-16sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-k7-smp', release: '3.1', reference: '2.6.8-16sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-k7-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-k7-smp_2.6.8-16sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-mckinley', release: '3.1', reference: '2.6.8-14sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-mckinley is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-mckinley_2.6.8-14sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-mckinley-smp', release: '3.1', reference: '2.6.8-14sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-mckinley-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-mckinley-smp_2.6.8-14sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-power3', release: '3.1', reference: '2.6.8-12sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-power3 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-power3_2.6.8-12sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-power3-smp', release: '3.1', reference: '2.6.8-12sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-power3-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-power3-smp_2.6.8-12sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-power4', release: '3.1', reference: '2.6.8-12sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-power4 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-power4_2.6.8-12sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-power4-smp', release: '3.1', reference: '2.6.8-12sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-power4-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-power4-smp_2.6.8-12sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-powerpc', release: '3.1', reference: '2.6.8-12sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-powerpc is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-powerpc_2.6.8-12sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-powerpc-smp', release: '3.1', reference: '2.6.8-12sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-powerpc-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-powerpc-smp_2.6.8-12sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-s390', release: '3.1', reference: '2.6.8-5sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-s390 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-s390_2.6.8-5sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-s390-tape', release: '3.1', reference: '2.6.8-5sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-s390-tape is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-s390-tape_2.6.8-5sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-s390x', release: '3.1', reference: '2.6.8-5sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-s390x is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-s390x_2.6.8-5sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-smp', release: '3.1', reference: '2.6.8-16sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-smp_2.6.8-16sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-sparc32', release: '3.1', reference: '2.6.8-15sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-sparc32 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-sparc32_2.6.8-15sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-sparc64', release: '3.1', reference: '2.6.8-15sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-sparc64 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-sparc64_2.6.8-15sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-sparc64-smp', release: '3.1', reference: '2.6.8-15sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-sparc64-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-sparc64-smp_2.6.8-15sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-amiga', release: '3.1', reference: '2.6.8-4sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-amiga is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-amiga_2.6.8-4sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-atari', release: '3.1', reference: '2.6.8-4sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-atari is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-atari_2.6.8-4sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-bvme6000', release: '3.1', reference: '2.6.8-4sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-bvme6000 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-bvme6000_2.6.8-4sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-hp', release: '3.1', reference: '2.6.8-4sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-hp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-hp_2.6.8-4sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-mac', release: '3.1', reference: '2.6.8-4sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-mac is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-mac_2.6.8-4sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-mvme147', release: '3.1', reference: '2.6.8-4sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-mvme147 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-mvme147_2.6.8-4sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-mvme16x', release: '3.1', reference: '2.6.8-4sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-mvme16x is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-mvme16x_2.6.8-4sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-q40', release: '3.1', reference: '2.6.8-4sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-q40 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-q40_2.6.8-4sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-sun3', release: '3.1', reference: '2.6.8-4sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-sun3 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-sun3_2.6.8-4sarge3\n');
+}
+if (deb_check(prefix: 'kernel-patch-2.6.8-s390', release: '3.1', reference: '2.6.8-5sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-patch-2.6.8-s390 is vulnerable in Debian 3.1.\nUpgrade to kernel-patch-2.6.8-s390_2.6.8-5sarge3\n');
+}
+if (deb_check(prefix: 'kernel-patch-debian-2.6.8', release: '3.1', reference: '2.6.8-16sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-patch-debian-2.6.8 is vulnerable in Debian 3.1.\nUpgrade to kernel-patch-debian-2.6.8_2.6.8-16sarge3\n');
+}
+if (deb_check(prefix: 'kernel-source-2.6.8', release: '3.1', reference: '2.6.8-16sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-source-2.6.8 is vulnerable in Debian 3.1.\nUpgrade to kernel-source-2.6.8_2.6.8-16sarge3\n');
+}
+if (deb_check(prefix: 'kernel-tree-2.6.8', release: '3.1', reference: '2.6.8-16sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-tree-2.6.8 is vulnerable in Debian 3.1.\nUpgrade to kernel-tree-2.6.8_2.6.8-16sarge3\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
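Review bot: The `script_cve_id(...)` call in the `if (description)` block lists seven CVE ids, while `desc` describes at least thirteen separate kernel issues before it is cut off mid-sentence at `[...]`, so anyone correlating findings by CVE will miss most of what this advisory covers. The missing ids should be taken from the advisory named in the `Solution :` line rather than guessed. As the header says the file is generated, the fix presumably belongs in the DSA2nasl converter, not in a hand edit here. Separately, judging by the `Host/Debian/dpkg-l` key, each `deb_check` compares only the installed package version, so a host that installed a fixed `kernel-image-*` package but has not rebooted would pass while still running the old kernel. I would add `# Package-version check only: does not verify the running kernel; a reboot is needed after upgrading kernel-image-*` above `w = 0;`.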
Added: trunk/openvas-plugins/scripts/debian_DSA-1104.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1104.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1104.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,265 @@
+# This script was automatically generated from the dsa-1104
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Loading malformed XML documents can cause buffer overflows in
+OpenOffice.org, a free office suite, and cause a denial of service or
+execute arbitrary code. It turned out that the correction in DSA
+1104-1 was not sufficient, hence, another update. For completeness
+please find the original advisory text below:
+Several vulnerabilities have been discovered in OpenOffice.org, a free
+office suite. The Common Vulnerabilities and Exposures Project
+identifies the following problems:
+ It turned out to be possible to embed arbitrary BASIC macros in
+ documents in a way that OpenOffice.org does not see them but
+ executes them anyway without any user interaction.
+ It is possible to evade the Java sandbox with specially crafted
+ Java applets.
+ Loading malformed XML documents can cause buffer overflows and
+ cause a denial of service or execute arbitrary code.
+This update has the Mozilla component disabled, so that the
+Mozilla/LDAP addressbook feature won\'t work anymore. It didn\'t work on
+anything else than i386 on sarge either.
+The old stable distribution (woody) does not contain OpenOffice.org
+packages.
+For the stable distribution (sarge) this problem has been fixed in
+version 1.1.3-9sarge3.
+For the unstable distribution (sid) this problem has been fixed in
+version 2.0.3-1.
+We recommend that you upgrade your OpenOffice.org packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1104
+Risk factor : High';
+
+if (description) {
+ script_id(22646);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1104");
+ script_cve_id("CVE-2006-2198", "CVE-2006-2199", "CVE-2006-3117");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1104] DSA-1104-2 openoffice.org");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1104-2 openoffice.org");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'openoffice.org', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org is vulnerable in Debian 3.1.\nUpgrade to openoffice.org_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-bin', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-bin is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-bin_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-dev', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-dev is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-dev_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-evolution', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-evolution is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-evolution_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-gtk-gnome', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-gtk-gnome is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-gtk-gnome_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-kde', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-kde is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-kde_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-af', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-af is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-af_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-ar', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-ar is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-ar_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-ca', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-ca is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-ca_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-cs', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-cs is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-cs_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-cy', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-cy is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-cy_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-da', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-da is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-da_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-de', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-de is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-de_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-el', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-el is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-el_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-en', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-en is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-en_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-es', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-es is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-es_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-et', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-et is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-et_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-eu', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-eu is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-eu_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-fi', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-fi is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-fi_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-fr', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-fr is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-fr_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-gl', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-gl is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-gl_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-he', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-he is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-he_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-hi', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-hi is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-hi_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-hu', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-hu is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-hu_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-it', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-it is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-it_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-ja', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-ja is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-ja_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-kn', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-kn is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-kn_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-ko', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-ko is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-ko_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-lt', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-lt is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-lt_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-nb', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-nb is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-nb_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-nl', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-nl is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-nl_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-nn', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-nn is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-nn_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-ns', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-ns is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-ns_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-pl', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-pl is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-pl_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-pt', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-pt is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-pt_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-pt-br', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-pt-br is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-pt-br_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-ru', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-ru is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-ru_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-sk', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-sk is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-sk_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-sl', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-sl is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-sl_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-sv', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-sv is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-sv_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-th', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-th is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-th_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-tn', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-tn is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-tn_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-tr', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-tr is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-tr_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-zh-cn', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-zh-cn is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-zh-cn_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-zh-tw', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-zh-tw is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-zh-tw_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-l10n-zu', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-l10n-zu is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-l10n-zu_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-mimelnk', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-mimelnk is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-mimelnk_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org-thesaurus-en-us', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org-thesaurus-en-us is vulnerable in Debian 3.1.\nUpgrade to openoffice.org-thesaurus-en-us_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'ttf-opensymbol', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ttf-opensymbol is vulnerable in Debian 3.1.\nUpgrade to ttf-opensymbol_1.1.3-9sarge3\n');
+}
+if (deb_check(prefix: 'openoffice.org', release: '4.0', reference: '2.0.3-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org is vulnerable in Debian 4.0.\nUpgrade to openoffice.org_2.0.3-1\n');
+}
+if (deb_check(prefix: 'openoffice.org', release: '3.1', reference: '1.1.3-9sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openoffice.org is vulnerable in Debian sarge.\nUpgrade to openoffice.org_1.1.3-9sarge3\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
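Review bot: The last check of this script, `deb_check(prefix: 'openoffice.org', release: '3.1', reference: '1.1.3-9sarge3')`, repeats the first check with identical arguments, so a host that fails one fails both. `w` is then incremented twice and, at `report_verbosity > 0`, the report names the same package twice, once as "Debian 3.1" and once as "Debian sarge". Dropping the second copy leaves the outcome of `if (w)` unchanged and keeps the report to one entry per package. The same repeated check is in the scripts for DSA-1106 (`ppp`), DSA-1107 (`gnupg`, for both 3.0 and 3.1), DSA-1108 (`mutt`) and DSA-1109 (`rssh`). Since the headers say these files are generated, the fix probably belongs in the converter.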
Added: trunk/openvas-plugins/scripts/debian_DSA-1105.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1105.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1105.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,75 @@
+# This script was automatically generated from the dsa-1105
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Federico L. Bossi Bonin discovered a buffer overflow in the HTTP
+Plugin in xine-lib, the xine video/media player library, that could
+allow a remote attacker to cause a denial of service.
+For the old stable distribution (woody) this problem has been fixed in
+version 0.9.8-2woody5.
+For the stable distribution (sarge) this problem has been fixed in
+version 1.0.1-1sarge3.
+For the unstable distribution (sid) this problem has been fixed in
+version 1.1.1-2.
+We recommend that you upgrade your libxine packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1105
+Risk factor : High';
+
+if (description) {
+ script_id(22647);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1105");
+ script_cve_id("CVE-2006-2802");
+ script_bugtraq_id(18187);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1105] DSA-1105-1 xine-lib");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1105-1 xine-lib");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'libxine-dev', release: '3.0', reference: '0.9.8-2woody5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxine-dev is vulnerable in Debian 3.0.\nUpgrade to libxine-dev_0.9.8-2woody5\n');
+}
+if (deb_check(prefix: 'libxine0', release: '3.0', reference: '0.9.8-2woody5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxine0 is vulnerable in Debian 3.0.\nUpgrade to libxine0_0.9.8-2woody5\n');
+}
+if (deb_check(prefix: 'libxine-dev', release: '3.1', reference: '1.0.1-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxine-dev is vulnerable in Debian 3.1.\nUpgrade to libxine-dev_1.0.1-1sarge3\n');
+}
+if (deb_check(prefix: 'libxine1', release: '3.1', reference: '1.0.1-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxine1 is vulnerable in Debian 3.1.\nUpgrade to libxine1_1.0.1-1sarge3\n');
+}
+if (deb_check(prefix: 'xine-lib', release: '4.0', reference: '1.1.1-2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xine-lib is vulnerable in Debian 4.0.\nUpgrade to xine-lib_1.1.1-2\n');
+}
+if (deb_check(prefix: 'xine-lib', release: '3.1', reference: '1.0.1-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xine-lib is vulnerable in Debian sarge.\nUpgrade to xine-lib_1.0.1-1sarge3\n');
+}
+if (deb_check(prefix: 'xine-lib', release: '3.0', reference: '0.9.8-2woody5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xine-lib is vulnerable in Debian woody.\nUpgrade to xine-lib_0.9.8-2woody5\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
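Review bot: `deb_check(prefix: 'xine-lib', release: '4.0', reference: '1.1.1-2')` ties release 4.0 to a version that the advisory text in `desc` gives only for the unstable distribution (sid), and nothing in the script explains that mapping. If it is intentional, a comment above the check such as `# advisory lists this version for sid; applied to release 4.0 (confirm)` would make it reviewable. If it is not, 4.0 hosts are judged against a version the advisory never stated for them. The same sid-to-4.0 line is in the scripts for DSA-1104, DSA-1106, DSA-1107, DSA-1108 and DSA-1109.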
Added: trunk/openvas-plugins/scripts/debian_DSA-1106.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1106.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1106.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,61 @@
+# This script was automatically generated from the dsa-1106
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Marcus Meissner discovered that the winbind plugin in pppd does not
+check whether a setuid() call has been successful when trying to drop
+privileges, which may fail with some PAM configurations.
+The old stable distribution (woody) is not affected by this problem.
+For the stable distribution (sarge) this problem has been fixed in
+version 2.4.3-20050321+2sarge1.
+For the unstable distribution (sid) this problem has been fixed in
+version 2.4.4rel-1.
+We recommend that you upgrade your ppp package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1106
+Risk factor : High';
+
+if (description) {
+ script_id(22648);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1106");
+ script_cve_id("CVE-2006-2194");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1106] DSA-1106-1 ppp");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1106-1 ppp");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'ppp', release: '3.1', reference: '2.4.3-20050321+2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ppp is vulnerable in Debian 3.1.\nUpgrade to ppp_2.4.3-20050321+2sarge1\n');
+}
+if (deb_check(prefix: 'ppp-dev', release: '3.1', reference: '2.4.3-20050321+2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ppp-dev is vulnerable in Debian 3.1.\nUpgrade to ppp-dev_2.4.3-20050321+2sarge1\n');
+}
+if (deb_check(prefix: 'ppp', release: '4.0', reference: '2.4.4rel-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ppp is vulnerable in Debian 4.0.\nUpgrade to ppp_2.4.4rel-1\n');
+}
+if (deb_check(prefix: 'ppp', release: '3.1', reference: '2.4.3-20050321+2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ppp is vulnerable in Debian sarge.\nUpgrade to ppp_2.4.3-20050321+2sarge1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
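Review bot: `if (! defined_func('bn_random')) exit(0);` exits silently before the `if (description)` block, and nothing else in the file uses `bn_random` or explains the guard. On an engine without that function the script leaves without setting its id or name, so a scan would carry no DSA-1106 result and no hint that the check was skipped. Presumably the function stands in for a capability that the dependency `ssh_get_info.nasl` needs. A one-line comment would record that, e.g. `# bn_random missing => engine lacks what ssh_get_info.nasl relies on (confirm)`. The same guard opens every script visible in this commit.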
Added: trunk/openvas-plugins/scripts/debian_DSA-1107.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1107.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1107.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,67 @@
+# This script was automatically generated from the dsa-1107
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Evgeny Legerov discovered that gnupg, the GNU privacy guard, a free
+PGP replacement contains an integer overflow that can cause a
+segmentation fault and possibly overwrite memory via a large user ID
+string.
+For the old stable distribution (woody) this problem has been fixed in
+version 1.0.6-4woody6.
+For the stable distribution (sarge) this problem has been fixed in
+version 1.4.1-1.sarge4.
+For the unstable distribution (sid) this problem has been fixed in
+version 1.4.3-2.
+We recommend that you upgrade your gnupg package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1107
+Risk factor : High';
+
+if (description) {
+ script_id(22649);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1107");
+ script_cve_id("CVE-2006-3082");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1107] DSA-1107-1 gnupg");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1107-1 gnupg");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'gnupg', release: '3.0', reference: '1.0.6-4woody6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gnupg is vulnerable in Debian 3.0.\nUpgrade to gnupg_1.0.6-4woody6\n');
+}
+if (deb_check(prefix: 'gnupg', release: '3.1', reference: '1.4.1-1.sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gnupg is vulnerable in Debian 3.1.\nUpgrade to gnupg_1.4.1-1.sarge4\n');
+}
+if (deb_check(prefix: 'gnupg', release: '4.0', reference: '1.4.3-2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gnupg is vulnerable in Debian 4.0.\nUpgrade to gnupg_1.4.3-2\n');
+}
+if (deb_check(prefix: 'gnupg', release: '3.1', reference: '1.4.1-1.sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gnupg is vulnerable in Debian sarge.\nUpgrade to gnupg_1.4.1-1.sarge4\n');
+}
+if (deb_check(prefix: 'gnupg', release: '3.0', reference: '1.0.6-4woody6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gnupg is vulnerable in Debian woody.\nUpgrade to gnupg_1.0.6-4woody6\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1108.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1108.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1108.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,56 @@
+# This script was automatically generated from the dsa-1108
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+It was discovered that the mutt mail reader performs insufficient
+validation of values returned from an IMAP server, which might overflow
+a buffer and potentially lead to the injection of arbitrary code.
+For the stable distribution (sarge) this problem has been fixed in
+version 1.5.9-2sarge2.
+For the unstable distribution (sid) this problem has been fixed in
+version 1.5.11+cvs20060403-2.
+We recommend that you upgrade your mutt package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1108
+Risk factor : High';
+
+if (description) {
+ script_id(22650);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1108");
+ script_cve_id("CVE-2006-3242");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1108] DSA-1108-1 mutt");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1108-1 mutt");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'mutt', release: '3.1', reference: '1.5.9-2sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mutt is vulnerable in Debian 3.1.\nUpgrade to mutt_1.5.9-2sarge2\n');
+}
+if (deb_check(prefix: 'mutt', release: '4.0', reference: '1.5.11+cvs20060403-2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mutt is vulnerable in Debian 4.0.\nUpgrade to mutt_1.5.11+cvs20060403-2\n');
+}
+if (deb_check(prefix: 'mutt', release: '3.1', reference: '1.5.9-2sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mutt is vulnerable in Debian sarge.\nUpgrade to mutt_1.5.9-2sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1109.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1109.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1109.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,56 @@
+# This script was automatically generated from the dsa-1109
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Russ Allbery discovered that rssh, a restricted shell, performs
+insufficient checking of incoming commands, which might lead to a bypass
+of access restrictions.
+For the stable distribution (sarge) this problem has been fixed in
+version 2.2.3-1.sarge.2.
+For the unstable distribution (sid) this problem has been fixed in
+version 2.3.0-1.1.
+We recommend that you upgrade your rssh package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1109
+Risk factor : High';
+
+if (description) {
+ script_id(22651);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1109");
+ script_cve_id("CVE-2006-1320");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1109] DSA-1109-1 rssh");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1109-1 rssh");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'rssh', release: '3.1', reference: '2.2.3-1.sarge.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package rssh is vulnerable in Debian 3.1.\nUpgrade to rssh_2.2.3-1.sarge.2\n');
+}
+if (deb_check(prefix: 'rssh', release: '4.0', reference: '2.3.0-1.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package rssh is vulnerable in Debian 4.0.\nUpgrade to rssh_2.3.0-1.1\n');
+}
+if (deb_check(prefix: 'rssh', release: '3.1', reference: '2.2.3-1.sarge.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package rssh is vulnerable in Debian sarge.\nUpgrade to rssh_2.2.3-1.sarge.2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1110.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1110.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1110.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,97 @@
+# This script was automatically generated from the dsa-1110
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Gerald Carter discovered that the smbd daemon from Samba, a free
+implementation of the SMB/CIFS protocol, imposes insufficient limits
+in the code to handle shared connections, which can be exploited to
+exhaust system memory by sending maliciously crafted requests, leading
+to denial of service.
+For the stable distribution (sarge) this problem has been fixed in
+version 3.0.14a-3sarge2.
+For the unstable distribution (sid) this problem will be fixed soon.
+We recommend that you upgrade your samba package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1110
+Risk factor : High';
+
+if (description) {
+ script_id(22652);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1110");
+ script_cve_id("CVE-2006-3403");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1110] DSA-1110-1 samba");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1110-1 samba");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'libpam-smbpass', release: '3.1', reference: '3.0.14a-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libpam-smbpass is vulnerable in Debian 3.1.\nUpgrade to libpam-smbpass_3.0.14a-3sarge2\n');
+}
+if (deb_check(prefix: 'libsmbclient', release: '3.1', reference: '3.0.14a-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libsmbclient is vulnerable in Debian 3.1.\nUpgrade to libsmbclient_3.0.14a-3sarge2\n');
+}
+if (deb_check(prefix: 'libsmbclient-dev', release: '3.1', reference: '3.0.14a-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libsmbclient-dev is vulnerable in Debian 3.1.\nUpgrade to libsmbclient-dev_3.0.14a-3sarge2\n');
+}
+if (deb_check(prefix: 'python2.3-samba', release: '3.1', reference: '3.0.14a-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.3-samba is vulnerable in Debian 3.1.\nUpgrade to python2.3-samba_3.0.14a-3sarge2\n');
+}
+if (deb_check(prefix: 'samba', release: '3.1', reference: '3.0.14a-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package samba is vulnerable in Debian 3.1.\nUpgrade to samba_3.0.14a-3sarge2\n');
+}
+if (deb_check(prefix: 'samba-common', release: '3.1', reference: '3.0.14a-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package samba-common is vulnerable in Debian 3.1.\nUpgrade to samba-common_3.0.14a-3sarge2\n');
+}
+if (deb_check(prefix: 'samba-dbg', release: '3.1', reference: '3.0.14a-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package samba-dbg is vulnerable in Debian 3.1.\nUpgrade to samba-dbg_3.0.14a-3sarge2\n');
+}
+if (deb_check(prefix: 'samba-doc', release: '3.1', reference: '3.0.14a-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package samba-doc is vulnerable in Debian 3.1.\nUpgrade to samba-doc_3.0.14a-3sarge2\n');
+}
+if (deb_check(prefix: 'smbclient', release: '3.1', reference: '3.0.14a-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package smbclient is vulnerable in Debian 3.1.\nUpgrade to smbclient_3.0.14a-3sarge2\n');
+}
+if (deb_check(prefix: 'smbfs', release: '3.1', reference: '3.0.14a-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package smbfs is vulnerable in Debian 3.1.\nUpgrade to smbfs_3.0.14a-3sarge2\n');
+}
+if (deb_check(prefix: 'swat', release: '3.1', reference: '3.0.14a-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package swat is vulnerable in Debian 3.1.\nUpgrade to swat_3.0.14a-3sarge2\n');
+}
+if (deb_check(prefix: 'winbind', release: '3.1', reference: '3.0.14a-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package winbind is vulnerable in Debian 3.1.\nUpgrade to winbind_3.0.14a-3sarge2\n');
+}
+if (deb_check(prefix: 'samba', release: '3.1', reference: '3.0.14a-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package samba is vulnerable in Debian sarge.\nUpgrade to samba_3.0.14a-3sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
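Review bot: The last `deb_check` block in debian_DSA-1110.nasl tests `samba` against release '3.1' and reference '3.0.14a-3sarge2' a second time; it matches the earlier `samba` check except for the report text ("Debian sarge" instead of "Debian 3.1"). On an affected host `w` is incremented twice and, when `report_verbosity > 0`, the report carries two entries for one package. The finding still fires, because `w` is only tested for non-zero. I would drop the trailing block, or keep it with a comment such as `# codename-keyed duplicate of the samba check above` if the converter emits it on purpose. The tail of the debian_DSA-1109.nasl hunk above repeats its `rssh` check in the same way.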
Added: trunk/openvas-plugins/scripts/debian_DSA-1111.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1111.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1111.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,394 @@
+# This script was automatically generated from the dsa-1111
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+It was discovered that a race condition in the process filesystem can lead
+to privilege escalation.
+The following matrix explains which kernel version for which architecture
+fixes the problem mentioned above:
+The initial advisory lacked builds for the IBM S/390, Motorola 680x0 and HP
+Precision architectures, which are now provided. Also, the kernels for the
+FAI installer have been updated.
+We recommend that you upgrade your kernel package immediately and reboot
+the machine. If you have built a custom kernel from the kernel source
+package, you will need to rebuild to take advantage of these fixes.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1111
+Risk factor : High';
+
+if (description) {
+ script_id(22653);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1111");
+ script_cve_id("CVE-2006-3626");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1111] DSA-1111-2 kernel-source-2.6.8");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1111-2 kernel-source-2.6.8");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'fai-kernels', release: '3.1', reference: '1.9.1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package fai-kernels is vulnerable in Debian 3.1.\nUpgrade to fai-kernels_1.9.1sarge3\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-3', release: '3.1', reference: '2.6.8-15sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-3 is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-3_2.6.8-15sarge4\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-3-power3', release: '3.1', reference: '2.6.8-12sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-3-power3 is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-3-power3_2.6.8-12sarge4\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-3-power3-smp', release: '3.1', reference: '2.6.8-12sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-3-power3-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-3-power3-smp_2.6.8-12sarge4\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-3-power4', release: '3.1', reference: '2.6.8-12sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-3-power4 is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-3-power4_2.6.8-12sarge4\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-3-power4-smp', release: '3.1', reference: '2.6.8-12sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-3-power4-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-3-power4-smp_2.6.8-12sarge4\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-3-powerpc', release: '3.1', reference: '2.6.8-12sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-3-powerpc is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-3-powerpc_2.6.8-12sarge4\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-3-powerpc-smp', release: '3.1', reference: '2.6.8-12sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-3-powerpc-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-3-powerpc-smp_2.6.8-12sarge4\n');
+}
+if (deb_check(prefix: 'kernel-doc-2.6.8', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-doc-2.6.8 is vulnerable in Debian 3.1.\nUpgrade to kernel-doc-2.6.8_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6-itanium', release: '3.1', reference: '2.6.8-14sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6-itanium is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6-itanium_2.6.8-14sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6-itanium-smp', release: '3.1', reference: '2.6.8-14sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6-itanium-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6-itanium-smp_2.6.8-14sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6-mckinley', release: '3.1', reference: '2.6.8-14sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6-mckinley is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6-mckinley_2.6.8-14sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6-mckinley-smp', release: '3.1', reference: '2.6.8-14sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6-mckinley-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6-mckinley-smp_2.6.8-14sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-12', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-12 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-12_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-12-amd64-generic', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-12-amd64-generic is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-12-amd64-generic_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-12-amd64-k8', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-12-amd64-k8 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-12-amd64-k8_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-12-amd64-k8-smp', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-12-amd64-k8-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-12-amd64-k8-smp_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-12-em64t-p4', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-12-em64t-p4 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-12-em64t-p4_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-12-em64t-p4-smp', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-12-em64t-p4-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-12-em64t-p4-smp_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3', release: '3.1', reference: '2.6.8-5sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3_2.6.8-5sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-32', release: '3.1', reference: '2.6.8-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-32 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-32_2.6.8-6sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-32-smp', release: '3.1', reference: '2.6.8-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-32-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-32-smp_2.6.8-6sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-386', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-386 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-386_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-64', release: '3.1', reference: '2.6.8-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-64 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-64_2.6.8-6sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-64-smp', release: '3.1', reference: '2.6.8-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-64-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-64-smp_2.6.8-6sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-686', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-686 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-686_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-686-smp', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-686-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-686-smp_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-generic', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-generic is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-generic_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-itanium', release: '3.1', reference: '2.6.8-14sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-itanium is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-itanium_2.6.8-14sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-itanium-smp', release: '3.1', reference: '2.6.8-14sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-itanium-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-itanium-smp_2.6.8-14sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-k7', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-k7 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-k7_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-k7-smp', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-k7-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-k7-smp_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-mckinley', release: '3.1', reference: '2.6.8-14sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-mckinley is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-mckinley_2.6.8-14sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-mckinley-smp', release: '3.1', reference: '2.6.8-14sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-mckinley-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-mckinley-smp_2.6.8-14sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-smp', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-smp_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-sparc32', release: '3.1', reference: '2.6.8-15sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-sparc32 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-sparc32_2.6.8-15sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-sparc64', release: '3.1', reference: '2.6.8-15sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-sparc64 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-sparc64_2.6.8-15sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-sparc64-smp', release: '3.1', reference: '2.6.8-15sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-sparc64-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-sparc64-smp_2.6.8-15sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6-itanium', release: '3.1', reference: '2.6.8-14sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6-itanium is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6-itanium_2.6.8-14sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6-itanium-smp', release: '3.1', reference: '2.6.8-14sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6-itanium-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6-itanium-smp_2.6.8-14sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6-mckinley', release: '3.1', reference: '2.6.8-14sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6-mckinley is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6-mckinley_2.6.8-14sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6-mckinley-smp', release: '3.1', reference: '2.6.8-14sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6-mckinley-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6-mckinley-smp_2.6.8-14sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-12-amd64-generic', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-12-amd64-generic is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-12-amd64-generic_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-12-amd64-k8', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-12-amd64-k8 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-12-amd64-k8_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-12-amd64-k8-smp', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-12-amd64-k8-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-12-amd64-k8-smp_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-12-em64t-p4', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-12-em64t-p4 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-12-em64t-p4_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-12-em64t-p4-smp', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-12-em64t-p4-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-12-em64t-p4-smp_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-32', release: '3.1', reference: '2.6.8-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-32 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-32_2.6.8-6sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-32-smp', release: '3.1', reference: '2.6.8-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-32-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-32-smp_2.6.8-6sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-386', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-386 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-386_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-64', release: '3.1', reference: '2.6.8-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-64 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-64_2.6.8-6sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-64-smp', release: '3.1', reference: '2.6.8-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-64-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-64-smp_2.6.8-6sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-686', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-686 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-686_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-686-smp', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-686-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-686-smp_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-generic', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-generic is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-generic_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-itanium', release: '3.1', reference: '2.6.8-14sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-itanium is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-itanium_2.6.8-14sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-itanium-smp', release: '3.1', reference: '2.6.8-14sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-itanium-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-itanium-smp_2.6.8-14sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-k7', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-k7 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-k7_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-k7-smp', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-k7-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-k7-smp_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-mckinley', release: '3.1', reference: '2.6.8-14sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-mckinley is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-mckinley_2.6.8-14sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-mckinley-smp', release: '3.1', reference: '2.6.8-14sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-mckinley-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-mckinley-smp_2.6.8-14sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-power3', release: '3.1', reference: '2.6.8-12sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-power3 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-power3_2.6.8-12sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-power3-smp', release: '3.1', reference: '2.6.8-12sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-power3-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-power3-smp_2.6.8-12sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-power4', release: '3.1', reference: '2.6.8-12sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-power4 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-power4_2.6.8-12sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-power4-smp', release: '3.1', reference: '2.6.8-12sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-power4-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-power4-smp_2.6.8-12sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-powerpc', release: '3.1', reference: '2.6.8-12sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-powerpc is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-powerpc_2.6.8-12sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-powerpc-smp', release: '3.1', reference: '2.6.8-12sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-powerpc-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-powerpc-smp_2.6.8-12sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-s390', release: '3.1', reference: '2.6.8-5sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-s390 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-s390_2.6.8-5sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-s390-tape', release: '3.1', reference: '2.6.8-5sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-s390-tape is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-s390-tape_2.6.8-5sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-s390x', release: '3.1', reference: '2.6.8-5sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-s390x is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-s390x_2.6.8-5sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-smp', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-smp_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-sparc32', release: '3.1', reference: '2.6.8-15sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-sparc32 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-sparc32_2.6.8-15sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-sparc64', release: '3.1', reference: '2.6.8-15sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-sparc64 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-sparc64_2.6.8-15sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-sparc64-smp', release: '3.1', reference: '2.6.8-15sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-sparc64-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-sparc64-smp_2.6.8-15sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-amiga', release: '3.1', reference: '2.6.8-4sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-amiga is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-amiga_2.6.8-4sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-atari', release: '3.1', reference: '2.6.8-4sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-atari is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-atari_2.6.8-4sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-bvme6000', release: '3.1', reference: '2.6.8-4sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-bvme6000 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-bvme6000_2.6.8-4sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-hp', release: '3.1', reference: '2.6.8-4sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-hp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-hp_2.6.8-4sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-mac', release: '3.1', reference: '2.6.8-4sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-mac is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-mac_2.6.8-4sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-mvme147', release: '3.1', reference: '2.6.8-4sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-mvme147 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-mvme147_2.6.8-4sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-mvme16x', release: '3.1', reference: '2.6.8-4sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-mvme16x is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-mvme16x_2.6.8-4sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-q40', release: '3.1', reference: '2.6.8-4sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-q40 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-q40_2.6.8-4sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-sun3', release: '3.1', reference: '2.6.8-4sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-sun3 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-sun3_2.6.8-4sarge4\n');
+}
+if (deb_check(prefix: 'kernel-patch-2.6.8-s390', release: '3.1', reference: '2.6.8-5sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-patch-2.6.8-s390 is vulnerable in Debian 3.1.\nUpgrade to kernel-patch-2.6.8-s390_2.6.8-5sarge4\n');
+}
+if (deb_check(prefix: 'kernel-patch-debian-2.6.8', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-patch-debian-2.6.8 is vulnerable in Debian 3.1.\nUpgrade to kernel-patch-debian-2.6.8_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-source-2.6.8', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-source-2.6.8 is vulnerable in Debian 3.1.\nUpgrade to kernel-source-2.6.8_2.6.8-16sarge4\n');
+}
+if (deb_check(prefix: 'kernel-tree-2.6.8', release: '3.1', reference: '2.6.8-16sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-tree-2.6.8 is vulnerable in Debian 3.1.\nUpgrade to kernel-tree-2.6.8_2.6.8-16sarge4\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
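Review bot: The checks in debian_DSA-1111.nasl compare package versions only, so a host that installed the fixed kernel package but has not rebooted would presumably pass while still running the old kernel, even though the advisory text in `desc` says to reboot. This is inferred from the required key `Host/Debian/dpkg-l`; `deb_check` itself lives in debian_package.inc, which is not shown here. A comment before `w = 0;` would make the limit explicit: `# Package-version check only: does not verify the running kernel; an upgraded but not rebooted host is not reported.` Separately, `desc` keeps the sentence "The following matrix explains which kernel version for which architecture fixes the problem", but no matrix follows. That sentence should be dropped or the table restored, so the report text does not point at something missing.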
Added: trunk/openvas-plugins/scripts/debian_DSA-1112.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1112.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1112.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,72 @@
+# This script was automatically generated from the dsa-1112
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Several local vulnerabilities have been discovered in the MySQL database
+server, which may lead to denial of service. The Common
+Vulnerabilities and Exposures project identifies the following problems:
+ "Kanatoko" discovered that the server can be crashed with feeding
+ NULL values to the str_to_date() function.
+ Jean-David Maillefer discovered that the server can be crashed with
+ specially crafted date_format() function calls.
+For the stable distribution (sarge) these problems have been fixed in
+version 4.1.11a-4sarge5.
+For the unstable distribution (sid) does no longer contain MySQL 4.1
+packages. MySQL 5.0 from sid is not affected.
+We recommend that you upgrade your mysql-dfsg-4.1 packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1112
+Risk factor : High';
+
+if (description) {
+ script_id(22654);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1112");
+ script_cve_id("CVE-2006-3081", "CVE-2006-3469");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1112] DSA-1112-1 mysql-dfsg-4.1");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1112-1 mysql-dfsg-4.1");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'libmysqlclient14', release: '3.1', reference: '4.1.11a-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libmysqlclient14 is vulnerable in Debian 3.1.\nUpgrade to libmysqlclient14_4.1.11a-4sarge5\n');
+}
+if (deb_check(prefix: 'libmysqlclient14-dev', release: '3.1', reference: '4.1.11a-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libmysqlclient14-dev is vulnerable in Debian 3.1.\nUpgrade to libmysqlclient14-dev_4.1.11a-4sarge5\n');
+}
+if (deb_check(prefix: 'mysql-client-4.1', release: '3.1', reference: '4.1.11a-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mysql-client-4.1 is vulnerable in Debian 3.1.\nUpgrade to mysql-client-4.1_4.1.11a-4sarge5\n');
+}
+if (deb_check(prefix: 'mysql-common-4.1', release: '3.1', reference: '4.1.11a-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mysql-common-4.1 is vulnerable in Debian 3.1.\nUpgrade to mysql-common-4.1_4.1.11a-4sarge5\n');
+}
+if (deb_check(prefix: 'mysql-server-4.1', release: '3.1', reference: '4.1.11a-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mysql-server-4.1 is vulnerable in Debian 3.1.\nUpgrade to mysql-server-4.1_4.1.11a-4sarge5\n');
+}
+if (deb_check(prefix: 'mysql-dfsg-4.1', release: '3.1', reference: '4.1.11a-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mysql-dfsg-4.1 is vulnerable in Debian sarge.\nUpgrade to mysql-dfsg-4.1_4.1.11a-4sarge5\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
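Review bot: The closing `security_hole(port: 0, data: desc)` call and the `Risk factor : High` line in `desc` rate this finding higher than the advisory text supports, which speaks only of local vulnerabilities leading to denial of service. Reporting through `security_warning(port: 0, data: desc);` with a matching risk factor would keep triage accurate. The same mismatch appears in debian_DSA-1117.nasl and debian_DSA-1119.nasl, whose descriptions also mention only denial of service. Separately, the last `deb_check` uses `mysql-dfsg-4.1`, which the description names as the package set to upgrade rather than one of the binary packages checked above, so it presumably never matches a dpkg entry and could be dropped.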
Added: trunk/openvas-plugins/scripts/debian_DSA-1113.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1113.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1113.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,51 @@
+# This script was automatically generated from the dsa-1113
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+It was discovered that the Zope web application server allows read access
+to arbitrary pages on the server, if a user has the privilege to edit
+"restructured text" pages.
+For the stable distribution (sarge) this problem has been fixed in
+version 2.7.5-2sarge2.
+The unstable distribution (sid) does no longer contain Zope 2.7 packages.
+We recommend that you upgrade your zope2.7 package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1113
+Risk factor : High';
+
+if (description) {
+ script_id(22655);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1113");
+ script_cve_id("CVE-2006-3458");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1113] DSA-1113-1 zope2.7");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1113-1 zope2.7");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'zope2.7', release: '3.1', reference: '2.7.5-2sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package zope2.7 is vulnerable in Debian 3.1.\nUpgrade to zope2.7_2.7.5-2sarge2\n');
+}
+if (deb_check(prefix: 'zope2.7', release: '3.1', reference: '2.7.5-2sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package zope2.7 is vulnerable in Debian sarge.\nUpgrade to zope2.7_2.7.5-2sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
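Review bot: The second `deb_check(prefix: 'zope2.7', release: '3.1', reference: '2.7.5-2sarge2')` block repeats the first with identical arguments. On an affected host `w` is therefore incremented twice and the report carries two near-identical lines, one saying "Debian 3.1" and one "Debian sarge". Dropping the second block loses no coverage. The same trailing duplicate closes debian_DSA-1114.nasl (hashcash), debian_DSA-1116.nasl (gimp), debian_DSA-1117.nasl (libgd2), debian_DSA-1118.nasl (mozilla) and debian_DSA-1119.nasl (hiki). Since the headers say these files are generated, the fix probably belongs in the converter rather than in each script.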
Added: trunk/openvas-plugins/scripts/debian_DSA-1114.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1114.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1114.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,58 @@
+# This script was automatically generated from the dsa-1114
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Andreas Seltenreich discovered a buffer overflow in hashcash, a
+postage payment scheme for email that is based on hash calculations,
+which could allow attackers to execute arbitrary code via specially
+crafted entries.
+For the stable distribution (sarge) this problem has been fixed in
+version 1.17-1sarge1.
+For the unstable distribution (sid) this problem has been fixed in
+version 1.21-1.
+We recommend that you upgrade your hashcash package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1114
+Risk factor : High';
+
+if (description) {
+ script_id(22656);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1114");
+ script_cve_id("CVE-2006-3251");
+ script_bugtraq_id(18659);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1114] DSA-1114-1 hashcash");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1114-1 hashcash");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'hashcash', release: '3.1', reference: '1.17-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package hashcash is vulnerable in Debian 3.1.\nUpgrade to hashcash_1.17-1sarge1\n');
+}
+if (deb_check(prefix: 'hashcash', release: '4.0', reference: '1.21-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package hashcash is vulnerable in Debian 4.0.\nUpgrade to hashcash_1.21-1\n');
+}
+if (deb_check(prefix: 'hashcash', release: '3.1', reference: '1.17-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package hashcash is vulnerable in Debian sarge.\nUpgrade to hashcash_1.17-1sarge1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1115.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1115.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1115.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,65 @@
+# This script was automatically generated from the dsa-1115
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Evgeny Legerov discovered that gnupg, the GNU privacy guard, a free
+PGP replacement contains an integer overflow that can cause a
+segmentation fault and possibly overwrite memory via a large user ID
+string.
+For the stable distribution (sarge) this problem has been fixed in
+version 1.4.1-1.sarge4 of GnuPG and in version 1.9.15-6sarge1 of GnuPG2.
+For the unstable distribution (sid) this problem has been fixed in
+version 1.4.3-2 of GnuPG, a fix for GnuPG2 is pending.
+We recommend that you upgrade your gnupg package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1115
+Risk factor : High';
+
+if (description) {
+ script_id(22657);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1115");
+ script_cve_id("CVE-2006-3082");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1115] DSA-1115-1 gnupg2");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1115-1 gnupg2");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'gnupg-agent', release: '3.1', reference: '1.9.15-6sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gnupg-agent is vulnerable in Debian 3.1.\nUpgrade to gnupg-agent_1.9.15-6sarge1\n');
+}
+if (deb_check(prefix: 'gnupg2', release: '3.1', reference: '1.9.15-6sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gnupg2 is vulnerable in Debian 3.1.\nUpgrade to gnupg2_1.9.15-6sarge1\n');
+}
+if (deb_check(prefix: 'gpgsm', release: '3.1', reference: '1.9.15-6sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gpgsm is vulnerable in Debian 3.1.\nUpgrade to gpgsm_1.9.15-6sarge1\n');
+}
+if (deb_check(prefix: 'gnupg2', release: '4.0', reference: '1.4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gnupg2 is vulnerable in Debian 4.0.\nUpgrade to gnupg2_1.4\n');
+}
+if (deb_check(prefix: 'gnupg2', release: '3.1', reference: '1.4.1-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gnupg2 is vulnerable in Debian sarge.\nUpgrade to gnupg2_1.4.1-1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
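Review bot: The last two checks compare the `gnupg2` package against `'1.4'` (release 4.0) and `'1.4.1-1'` (release 3.1), which are GnuPG 1.x version strings taken from the description, not gnupg2 versions. Assuming `deb_check` flags installed versions older than `reference` (its body is in debian_package.inc, not shown here), any gnupg2 1.9.x package compares newer, so these blocks never fire. The release 4.0 check then gives false assurance, because the description says a GnuPG2 fix for sid is still pending. I would remove both blocks and leave a comment such as `# no fixed gnupg2 version published for sid at generation time`, so the gap is visible instead of hidden behind a check that cannot match.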
Added: trunk/openvas-plugins/scripts/debian_DSA-1116.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1116.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1116.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,88 @@
+# This script was automatically generated from the dsa-1116
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Henning Makholm discovered a buffer overflow in the XCF loading code
+of Gimp, an image editing program. Opening a specially crafted XCF
+image might cause the application to execute arbitrary code.
+For the stable distribution (sarge) this problem has been fixed in
+version 2.2.6-1sarge1.
+For the unstable distribution (sid) this problem has been fixed in
+version 2.2.11-3.1.
+We recommend that you upgrade your gimp package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1116
+Risk factor : High';
+
+if (description) {
+ script_id(22658);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1116");
+ script_cve_id("CVE-2006-3404");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1116] DSA-1116-1 gimp");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1116-1 gimp");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'gimp', release: '3.1', reference: '2.2.6-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gimp is vulnerable in Debian 3.1.\nUpgrade to gimp_2.2.6-1sarge1\n');
+}
+if (deb_check(prefix: 'gimp-data', release: '3.1', reference: '2.2.6-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gimp-data is vulnerable in Debian 3.1.\nUpgrade to gimp-data_2.2.6-1sarge1\n');
+}
+if (deb_check(prefix: 'gimp-helpbrowser', release: '3.1', reference: '2.2.6-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gimp-helpbrowser is vulnerable in Debian 3.1.\nUpgrade to gimp-helpbrowser_2.2.6-1sarge1\n');
+}
+if (deb_check(prefix: 'gimp-python', release: '3.1', reference: '2.2.6-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gimp-python is vulnerable in Debian 3.1.\nUpgrade to gimp-python_2.2.6-1sarge1\n');
+}
+if (deb_check(prefix: 'gimp-svg', release: '3.1', reference: '2.2.6-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gimp-svg is vulnerable in Debian 3.1.\nUpgrade to gimp-svg_2.2.6-1sarge1\n');
+}
+if (deb_check(prefix: 'gimp1.2', release: '3.1', reference: '2.2.6-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gimp1.2 is vulnerable in Debian 3.1.\nUpgrade to gimp1.2_2.2.6-1sarge1\n');
+}
+if (deb_check(prefix: 'libgimp2.0', release: '3.1', reference: '2.2.6-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgimp2.0 is vulnerable in Debian 3.1.\nUpgrade to libgimp2.0_2.2.6-1sarge1\n');
+}
+if (deb_check(prefix: 'libgimp2.0-dev', release: '3.1', reference: '2.2.6-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgimp2.0-dev is vulnerable in Debian 3.1.\nUpgrade to libgimp2.0-dev_2.2.6-1sarge1\n');
+}
+if (deb_check(prefix: 'libgimp2.0-doc', release: '3.1', reference: '2.2.6-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgimp2.0-doc is vulnerable in Debian 3.1.\nUpgrade to libgimp2.0-doc_2.2.6-1sarge1\n');
+}
+if (deb_check(prefix: 'gimp', release: '4.0', reference: '2.2.11-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gimp is vulnerable in Debian 4.0.\nUpgrade to gimp_2.2.11-3.1\n');
+}
+if (deb_check(prefix: 'gimp', release: '3.1', reference: '2.2.6-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gimp is vulnerable in Debian sarge.\nUpgrade to gimp_2.2.6-1sarge1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1117.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1117.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1117.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,80 @@
+# This script was automatically generated from the dsa-1117
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+It was discovered that the GD graphics library performs insufficient checks
+of the validity of GIF images, which might lead to denial of service by
+tricking the application into an infinite loop.
+For the stable distribution (sarge) this problem has been fixed in
+version 2.0.33-1.1sarge1.
+For the unstable distribution (sid) this problem has been fixed in
+version 2.0.33-5.
+We recommend that you upgrade your libgd2 packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1117
+Risk factor : High';
+
+if (description) {
+ script_id(22659);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1117");
+ script_cve_id("CVE-2006-2906");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1117] DSA-1117-1 libgd2");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1117-1 libgd2");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'libgd-tools', release: '3.1', reference: '2.0.33-1.1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgd-tools is vulnerable in Debian 3.1.\nUpgrade to libgd-tools_2.0.33-1.1sarge1\n');
+}
+if (deb_check(prefix: 'libgd2', release: '3.1', reference: '2.0.33-1.1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgd2 is vulnerable in Debian 3.1.\nUpgrade to libgd2_2.0.33-1.1sarge1\n');
+}
+if (deb_check(prefix: 'libgd2-dev', release: '3.1', reference: '2.0.33-1.1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgd2-dev is vulnerable in Debian 3.1.\nUpgrade to libgd2-dev_2.0.33-1.1sarge1\n');
+}
+if (deb_check(prefix: 'libgd2-noxpm', release: '3.1', reference: '2.0.33-1.1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgd2-noxpm is vulnerable in Debian 3.1.\nUpgrade to libgd2-noxpm_2.0.33-1.1sarge1\n');
+}
+if (deb_check(prefix: 'libgd2-noxpm-dev', release: '3.1', reference: '2.0.33-1.1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgd2-noxpm-dev is vulnerable in Debian 3.1.\nUpgrade to libgd2-noxpm-dev_2.0.33-1.1sarge1\n');
+}
+if (deb_check(prefix: 'libgd2-xpm', release: '3.1', reference: '2.0.33-1.1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgd2-xpm is vulnerable in Debian 3.1.\nUpgrade to libgd2-xpm_2.0.33-1.1sarge1\n');
+}
+if (deb_check(prefix: 'libgd2-xpm-dev', release: '3.1', reference: '2.0.33-1.1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgd2-xpm-dev is vulnerable in Debian 3.1.\nUpgrade to libgd2-xpm-dev_2.0.33-1.1sarge1\n');
+}
+if (deb_check(prefix: 'libgd2', release: '4.0', reference: '2.0.33-5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgd2 is vulnerable in Debian 4.0.\nUpgrade to libgd2_2.0.33-5\n');
+}
+if (deb_check(prefix: 'libgd2', release: '3.1', reference: '2.0.33-1.1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgd2 is vulnerable in Debian sarge.\nUpgrade to libgd2_2.0.33-1.1sarge1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1118.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1118.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1118.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,153 @@
+# This script was automatically generated from the dsa-1118
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Several security related problems have been discovered in Mozilla.
+The Common Vulnerabilities and Exposures project identifies the
+following vulnerabilities:
+ Eric Foley discovered that a user can be tricked to expose a local
+ file to a remote attacker by displaying a local file as image in
+ connection with other vulnerabilities. [MFSA-2006-39]
+ XUL attributes are associated with the wrong URL under certain
+ circumstances, which might allow remote attackers to bypass
+ restrictions. [MFSA-2006-35]
+ Paul Nickerson discovered that content-defined setters on an
+ object prototype were getting called by privileged user interface
+ code, and "moz_bug_r_a4" demonstrated that the higher privilege
+ level could be passed along to the content-defined attack code.
+ [MFSA-2006-37]
+ A vulnerability allows remote attackers to execute arbitrary code
+ and create notifications that are executed in a privileged
+ context. [MFSA-2006-43]
+ Mikolaj Habryn discovered a buffer overflow in the crypto.signText function
+ that allows remote attackers to execute arbitrary code via certain
+ optional Certificate Authority name arguments. [MFSA-2006-38]
+ Mozilla team members discovered several crashes during testing of
+ the browser engine showing evidence of memory corruption which may
+ also lead to the execution of arbitrary code. This problem has
+ only partially been corrected. [MFSA-2006-32]
+ An integer overflow allows remote attackers to cause a denial of
+ service and may permit the execution of arbitrary code.
+ [MFSA-2006-32]
+ Masatoshi Kimura discovered a double-free vulnerability that
+ allows remote attackers to cause a denial of service and possibly
+ execute arbitrary code via a VCard. [MFSA-2006-40]
+ Chuck McAuley discovered that a text input box can be pre-filled
+ with a filename and then turned into a file-upload control,
+ allowing a malicious website to steal any local file whose name
+ they can guess. [MFSA-2006-41, MFSA-2006-23, CVE-2006-1729]
+ Masatoshi Kimura discovered that the Unicode Byte-order-Mark (BOM)
+ is stripped from UTF-8 pages during the conversion to Unicode
+ before the parser sees the web page, which allows remote attackers
+ to conduct cross-site scripting (XSS) attacks. [MFSA-2006-42]
+ Paul Nickerson discovered that the fix for CVE-2005-0752 can be
+ bypassed using nested javascript: URLs, allowing the attacker to
+ execute privileged code. [MFSA-2005-34, MFSA-2006-36]
+ Paul Nickerson demonstrated that if an attacker could convince a
+ user to right-click on a broken image and choose "View Image" from
+ the context menu then he could get JavaScript to
+ run. [MFSA-2006-34]
+ Kazuho Oku discovered that Mozilla\'s lenient handling of HTTP
+ header syntax may allow remote attackers to trick the browser to
+ interpret certain responses as if they were responses from two
+ different sites. [MFSA-2006-33]
+ The Mozilla researcher "moz_bug_r_a4" discovered that JavaScript
+ run via EvalInSandbox can escape the san
+[...]
+
+Solution : http://www.debian.org/security/2006/dsa-1118
+Risk factor : High';
+
+if (description) {
+ script_id(22660);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1118");
+ script_cve_id("CVE-2006-1942", "CVE-2006-2775", "CVE-2006-2776", "CVE-2006-2777", "CVE-2006-2778", "CVE-2006-2779", "CVE-2006-2780");
+ script_bugtraq_id(18228);
+ script_xref(name: "CERT", value: "237257");
+ script_xref(name: "CERT", value: "243153");
+ script_xref(name: "CERT", value: "421529");
+ script_xref(name: "CERT", value: "466673");
+ script_xref(name: "CERT", value: "575969");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1118] DSA-1118-1 mozilla");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1118-1 mozilla");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'libnspr-dev', release: '3.1', reference: '1.7.8-1sarge7.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libnspr-dev is vulnerable in Debian 3.1.\nUpgrade to libnspr-dev_1.7.8-1sarge7.1\n');
+}
+if (deb_check(prefix: 'libnspr4', release: '3.1', reference: '1.7.8-1sarge7.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libnspr4 is vulnerable in Debian 3.1.\nUpgrade to libnspr4_1.7.8-1sarge7.1\n');
+}
+if (deb_check(prefix: 'libnss-dev', release: '3.1', reference: '1.7.8-1sarge7.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libnss-dev is vulnerable in Debian 3.1.\nUpgrade to libnss-dev_1.7.8-1sarge7.1\n');
+}
+if (deb_check(prefix: 'libnss3', release: '3.1', reference: '1.7.8-1sarge7.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libnss3 is vulnerable in Debian 3.1.\nUpgrade to libnss3_1.7.8-1sarge7.1\n');
+}
+if (deb_check(prefix: 'mozilla', release: '3.1', reference: '1.7.8-1sarge7.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla is vulnerable in Debian 3.1.\nUpgrade to mozilla_1.7.8-1sarge7.1\n');
+}
+if (deb_check(prefix: 'mozilla-browser', release: '3.1', reference: '1.7.8-1sarge7.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-browser is vulnerable in Debian 3.1.\nUpgrade to mozilla-browser_1.7.8-1sarge7.1\n');
+}
+if (deb_check(prefix: 'mozilla-calendar', release: '3.1', reference: '1.7.8-1sarge7.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-calendar is vulnerable in Debian 3.1.\nUpgrade to mozilla-calendar_1.7.8-1sarge7.1\n');
+}
+if (deb_check(prefix: 'mozilla-chatzilla', release: '3.1', reference: '1.7.8-1sarge7.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-chatzilla is vulnerable in Debian 3.1.\nUpgrade to mozilla-chatzilla_1.7.8-1sarge7.1\n');
+}
+if (deb_check(prefix: 'mozilla-dev', release: '3.1', reference: '1.7.8-1sarge7.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-dev is vulnerable in Debian 3.1.\nUpgrade to mozilla-dev_1.7.8-1sarge7.1\n');
+}
+if (deb_check(prefix: 'mozilla-dom-inspector', release: '3.1', reference: '1.7.8-1sarge7.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-dom-inspector is vulnerable in Debian 3.1.\nUpgrade to mozilla-dom-inspector_1.7.8-1sarge7.1\n');
+}
+if (deb_check(prefix: 'mozilla-js-debugger', release: '3.1', reference: '1.7.8-1sarge7.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-js-debugger is vulnerable in Debian 3.1.\nUpgrade to mozilla-js-debugger_1.7.8-1sarge7.1\n');
+}
+if (deb_check(prefix: 'mozilla-mailnews', release: '3.1', reference: '1.7.8-1sarge7.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-mailnews is vulnerable in Debian 3.1.\nUpgrade to mozilla-mailnews_1.7.8-1sarge7.1\n');
+}
+if (deb_check(prefix: 'mozilla-psm', release: '3.1', reference: '1.7.8-1sarge7.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-psm is vulnerable in Debian 3.1.\nUpgrade to mozilla-psm_1.7.8-1sarge7.1\n');
+}
+if (deb_check(prefix: 'mozilla', release: '4.0', reference: '1.7.13-0.3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla is vulnerable in Debian 4.0.\nUpgrade to mozilla_1.7.13-0.3\n');
+}
+if (deb_check(prefix: 'mozilla', release: '3.1', reference: '1.7.8-1sarge7.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla is vulnerable in Debian sarge.\nUpgrade to mozilla_1.7.8-1sarge7.1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
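Review bot: The `desc` string is cut off mid-word at "escape the san" followed by `[...]`, so the report text shown to an operator omits the remaining issues from the advisory. I would end the text at the last complete item and add a line such as `See the advisory URL below for the full list of issues.` before the `Solution :` line. It is also worth confirming that `script_cve_id` covers the truncated items, since only seven IDs are listed and the cut-off part of the advisory is not visible here to check against.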
Added: trunk/openvas-plugins/scripts/debian_DSA-1119.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1119.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1119.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,58 @@
+# This script was automatically generated from the dsa-1119
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Akira Tanaka discovered a vulnerability in Hiki Wiki, a Wiki engine
+written in Ruby that allows remote attackers to cause a denial of
+service via high CPU consumption using by performing a diff between
+large and specially crafted Wiki pages.
+For the stable distribution (sarge) this problem has been fixed in
+version 0.6.5-2.
+For the unstable distribution (sid) this problem has been fixed in
+version 0.8.6-1.
+We recommend that you upgrade your hiki package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1119
+Risk factor : High';
+
+if (description) {
+ script_id(22661);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1119");
+ script_cve_id("CVE-2006-3379");
+ script_bugtraq_id(18785);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1119] DSA-1119-1 hiki");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1119-1 hiki");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'hiki', release: '3.1', reference: '0.6.5-2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package hiki is vulnerable in Debian 3.1.\nUpgrade to hiki_0.6.5-2\n');
+}
+if (deb_check(prefix: 'hiki', release: '4.0', reference: '0.8.6-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package hiki is vulnerable in Debian 4.0.\nUpgrade to hiki_0.8.6-1\n');
+}
+if (deb_check(prefix: 'hiki', release: '3.1', reference: '0.6.5-2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package hiki is vulnerable in Debian sarge.\nUpgrade to hiki_0.6.5-2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1120.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1120.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1120.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,114 @@
+# This script was automatically generated from the dsa-1120
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Several security related problems have been discovered in Mozilla.
+The Common Vulnerabilities and Exposures project identifies the
+following vulnerabilities:
+ Eric Foley discovered that a user can be tricked to expose a local
+ file to a remote attacker by displaying a local file as image in
+ connection with other vulnerabilities. [MFSA-2006-39]
+ XUL attributes are associated with the wrong URL under certain
+ circumstances, which might allow remote attackers to bypass
+ restrictions. [MFSA-2006-35]
+ Paul Nickerson discovered that content-defined setters on an
+ object prototype were getting called by privileged user interface
+ code, and "moz_bug_r_a4" demonstrated that the higher privilege
+ level could be passed along to the content-defined attack code.
+ [MFSA-2006-37]
+ A vulnerability allows remote attackers to execute arbitrary code
+ and create notifications that are executed in a privileged
+ context. [MFSA-2006-43]
+ Mikolaj Habryn discovered a buffer overflow in the crypto.signText function
+ that allows remote attackers to execute arbitrary code via certain
+ optional Certificate Authority name arguments. [MFSA-2006-38]
+ Mozilla team members discovered several crashes during testing of
+ the browser engine showing evidence of memory corruption which may
+ also lead to the execution of arbitrary code. This problem has
+ only partially been corrected. [MFSA-2006-32]
+ An integer overflow allows remote attackers to cause a denial of
+ service and may permit the execution of arbitrary code.
+ [MFSA-2006-32]
+ Chuck McAuley discovered that a text input box can be pre-filled
+ with a filename and then turned into a file-upload control,
+ allowing a malicious website to steal any local file whose name
+ they can guess. [MFSA-2006-41, MFSA-2006-23, CVE-2006-1729]
+ Masatoshi Kimura discovered that the Unicode Byte-order-Mark (BOM)
+ is stripped from UTF-8 pages during the conversion to Unicode
+ before the parser sees the web page, which allows remote attackers
+ to conduct cross-site scripting (XSS) attacks. [MFSA-2006-42]
+ Paul Nickerson discovered that the fix for CVE-2005-0752 can be
+ bypassed using nested javascript: URLs, allowing the attacker to
+ execute privileged code. [MFSA-2005-34, MFSA-2006-36]
+ Paul Nickerson demonstrated that if an attacker could convince a
+ user to right-click on a broken image and choose "View Image" from
+ the context menu then he could get JavaScript to
+ run. [MFSA-2006-34]
+ Kazuho Oku discovered that Mozilla\'s lenient handling of HTTP
+ header syntax may allow remote attackers to trick the browser to
+ interpret certain responses as if they were responses from two
+ different sites. [MFSA-2006-33]
+ The Mozilla researcher "moz_bug_r_a4" discovered that JavaScript
+ run via EvalInSandbox can escape the sandbox and gain elevated
+ privilege. [MFSA-2006-31]
+For the stable distribution (sarge) these problems have been fixed in
+version 1.0.4-2sarge9.
+For the unstable distribution (sid) these pr
+[...]
+
+Solution : http://www.debian.org/security/2006/dsa-1120
+Risk factor : High';
+
+if (description) {
+ script_id(22662);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1120");
+ script_cve_id("CVE-2006-1942", "CVE-2006-2775", "CVE-2006-2776", "CVE-2006-2777", "CVE-2006-2778", "CVE-2006-2779", "CVE-2006-2780");
+ script_bugtraq_id(18228);
+ script_xref(name: "CERT", value: "237257");
+ script_xref(name: "CERT", value: "243153");
+ script_xref(name: "CERT", value: "421529");
+ script_xref(name: "CERT", value: "466673");
+ script_xref(name: "CERT", value: "575969");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1120] DSA-1120-1 mozilla-firefox");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1120-1 mozilla-firefox");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'mozilla-firefox', release: '3.1', reference: '1.0.4-2sarge9')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-firefox is vulnerable in Debian 3.1.\nUpgrade to mozilla-firefox_1.0.4-2sarge9\n');
+}
+if (deb_check(prefix: 'mozilla-firefox-dom-inspector', release: '3.1', reference: '1.0.4-2sarge9')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-firefox-dom-inspector is vulnerable in Debian 3.1.\nUpgrade to mozilla-firefox-dom-inspector_1.0.4-2sarge9\n');
+}
+if (deb_check(prefix: 'mozilla-firefox-gnome-support', release: '3.1', reference: '1.0.4-2sarge9')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-firefox-gnome-support is vulnerable in Debian 3.1.\nUpgrade to mozilla-firefox-gnome-support_1.0.4-2sarge9\n');
+}
+if (deb_check(prefix: 'mozilla-firefox', release: '4.0', reference: '1.5.dfsg+1.5.0.4-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-firefox is vulnerable in Debian 4.0.\nUpgrade to mozilla-firefox_1.5.dfsg+1.5.0.4-1\n');
+}
+if (deb_check(prefix: 'mozilla-firefox', release: '3.1', reference: '1.0.4-2sarge9')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-firefox is vulnerable in Debian sarge.\nUpgrade to mozilla-firefox_1.0.4-2sarge9\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
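Review bot: The last `deb_check` block repeats the first one with the same prefix, release `'3.1'` and reference `'1.0.4-2sarge9'`, changing only the message from "Debian 3.1" to "Debian sarge". When both match, `w` is incremented twice and a verbose report carries two near-identical paragraphs for one finding. Since `w` is only tested for truth, the second block adds no detection value and could be dropped, with the first message reading `'\nThe package mozilla-firefox is vulnerable in Debian 3.1 (sarge).\nUpgrade to mozilla-firefox_1.0.4-2sarge9\n'`. The same repeated release-3.1 check closes the files for DSA-1122, DSA-1124, DSA-1125, DSA-1126, DSA-1127 and DSA-1128. As the header says these files are generated, the lasting fix probably belongs in the converter.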
Added: trunk/openvas-plugins/scripts/debian_DSA-1121.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1121.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1121.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,58 @@
+# This script was automatically generated from the dsa-1121
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Peter Bieringer discovered that postgrey, a greylisting
+implementation for Postfix, is vulnerable to a format string attack
+that allows remote attackers to cause a denial of service to the daemon.
+For the stable distribution (sarge) this problem has been fixed in
+version 1.21-1sarge1.
+For the stable distribution (sarge) this problem has also been fixed
+in version 1.21-1volatile4 in the volatile archive.
+For the unstable distribution (sid) this problem has been fixed in
+version 1.22-1.
+We recommend that you upgrade your postgrey package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1121
+Risk factor : High';
+
+if (description) {
+ script_id(22663);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1121");
+ script_cve_id("CVE-2005-1127");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1121] DSA-1121-1 postgrey");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1121-1 postgrey");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'postgrey', release: '3.1', reference: '1.21-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package postgrey is vulnerable in Debian 3.1.\nUpgrade to postgrey_1.21-1sarge1\n');
+}
+if (deb_check(prefix: 'postgrey', release: '4.0', reference: '1.22-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package postgrey is vulnerable in Debian 4.0.\nUpgrade to postgrey_1.22-1\n');
+}
+if (deb_check(prefix: 'postgrey', release: '3.1', reference: '1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package postgrey is vulnerable in Debian sarge.\nUpgrade to postgrey_1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
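Review bot: The third check passes `reference: '1'`, which is not a version the advisory text names; the description gives 1.21-1sarge1 and 1.21-1volatile4 for sarge. The value looks truncated, and the report line built from it tells the operator to "Upgrade to postgrey_1", which is not an installable version. The comparison lives in `debian_package.inc`, which is not shown here, so whether this block can ever match is unconfirmed. The first block already covers release 3.1 with the correct reference, so either remove this block or use `reference: '1.21-1sarge1'` with a matching `Upgrade to postgrey_1.21-1sarge1` message.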
Added: trunk/openvas-plugins/scripts/debian_DSA-1122.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1122.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1122.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,57 @@
+# This script was automatically generated from the dsa-1122
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Peter Bieringer discovered that the "log" function in the Net::Server
+Perl module, an extensible, general perl server engine, is not safe
+against format string exploits.
+The old stable distribution (woody) does not contain this package.
+For the stable distribution (sarge) this problem has been fixed in
+version 0.87-3sarge1.
+For the unstable distribution (sid) this problem has been fixed in
+version 0.89-1.
+We recommend that you upgrade your libnet-server-perl package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1122
+Risk factor : High';
+
+if (description) {
+ script_id(22664);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1122");
+ script_cve_id("CVE-2005-1127");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1122] DSA-1122-1 libnet-server-perl");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1122-1 libnet-server-perl");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'libnet-server-perl', release: '3.1', reference: '0.87-3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libnet-server-perl is vulnerable in Debian 3.1.\nUpgrade to libnet-server-perl_0.87-3sarge1\n');
+}
+if (deb_check(prefix: 'libnet-server-perl', release: '4.0', reference: '0.89-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libnet-server-perl is vulnerable in Debian 4.0.\nUpgrade to libnet-server-perl_0.89-1\n');
+}
+if (deb_check(prefix: 'libnet-server-perl', release: '3.1', reference: '0.87-3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libnet-server-perl is vulnerable in Debian sarge.\nUpgrade to libnet-server-perl_0.87-3sarge1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1123.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1123.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1123.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,69 @@
+# This script was automatically generated from the dsa-1123
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Luigi Auriemma discovered that DUMB, a tracker music library, performs
+insufficient sanitising of values parsed from IT music files, which might
+lead to a buffer overflow and execution of arbitrary code if manipulated
+files are read.
+For the stable distribution (sarge) this problem has been fixed in
+version 0.9.2-6.
+For the unstable distribution (sid) this problem has been fixed in
+version 0.9.3-5.
+We recommend that you upgrade your libdumb packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1123
+Risk factor : High';
+
+if (description) {
+ script_id(22665);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1123");
+ script_cve_id("CVE-2006-3668");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1123] DSA-1123-1 libdumb");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1123-1 libdumb");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'libaldmb0', release: '3.1', reference: '0.9.2-6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libaldmb0 is vulnerable in Debian 3.1.\nUpgrade to libaldmb0_0.9.2-6\n');
+}
+if (deb_check(prefix: 'libaldmb0-dev', release: '3.1', reference: '0.9.2-6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libaldmb0-dev is vulnerable in Debian 3.1.\nUpgrade to libaldmb0-dev_0.9.2-6\n');
+}
+if (deb_check(prefix: 'libdumb0', release: '3.1', reference: '0.9.2-6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libdumb0 is vulnerable in Debian 3.1.\nUpgrade to libdumb0_0.9.2-6\n');
+}
+if (deb_check(prefix: 'libdumb0-dev', release: '3.1', reference: '0.9.2-6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libdumb0-dev is vulnerable in Debian 3.1.\nUpgrade to libdumb0-dev_0.9.2-6\n');
+}
+if (deb_check(prefix: 'libdumb', release: '4.0', reference: '0.9.3-5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libdumb is vulnerable in Debian 4.0.\nUpgrade to libdumb_0.9.3-5\n');
+}
+if (deb_check(prefix: 'libdumb', release: '3.1', reference: '0.9.2-6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libdumb is vulnerable in Debian sarge.\nUpgrade to libdumb_0.9.2-6\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1124.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1124.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1124.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,56 @@
+# This script was automatically generated from the dsa-1124
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Toth Andras discovered that the fbgs framebuffer postscript/PDF viewer
+contains a typo, which prevents the intended filter against malicious
+postscript commands from working correctly. This might lead to the
+deletion of user data when displaying a postscript file.
+For the stable distribution (sarge) this problem has been fixed in
+version 2.01-1.2sarge2.
+For the unstable distribution (sid) this problem will be fixed soon.
+We recommend that you upgrade your fbi package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1124
+Risk factor : High';
+
+if (description) {
+ script_id(22666);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1124");
+ script_cve_id("CVE-2006-3119");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1124] DSA-1124-1 fbi");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1124-1 fbi");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'exiftran', release: '3.1', reference: '2.01-1.2sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package exiftran is vulnerable in Debian 3.1.\nUpgrade to exiftran_2.01-1.2sarge2\n');
+}
+if (deb_check(prefix: 'fbi', release: '3.1', reference: '2.01-1.2sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package fbi is vulnerable in Debian 3.1.\nUpgrade to fbi_2.01-1.2sarge2\n');
+}
+if (deb_check(prefix: 'fbi', release: '3.1', reference: '2.01-1.2sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package fbi is vulnerable in Debian sarge.\nUpgrade to fbi_2.01-1.2sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1125.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1125.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1125.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,68 @@
+# This script was automatically generated from the dsa-1125
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+The Drupal update in DSA 1125 contained a regression. This update corrects
+this flaw. For completeness, the original advisory text below:
+Several remote vulnerabilities have been discovered in the Drupal web site
+platform, which may lead to the execution of arbitrary web script. The
+Common Vulnerabilities and Exposures project identifies the following
+problems:
+ A SQL injection vulnerability has been discovered in the "count" and
+ "from" variables of the database interface.
+ Multiple file extensions were handled incorrectly if Drupal ran on
+ Apache with mod_mime enabled.
+ A variation of CVE-2006-2743 was addressed as well.
+ A Cross-Site-Scripting vulnerability in the upload module has been
+ discovered.
+ A Cross-Site-Scripting vulnerability in the taxonomy module has been
+ discovered.
+For the stable distribution (sarge) these problems have been fixed in
+version 4.5.3-6.1sarge2.
+For the unstable distribution (sid) these problems have been fixed in
+version 4.5.8-1.1.
+We recommend that you upgrade your drupal packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1125
+Risk factor : High';
+
+if (description) {
+ script_id(22667);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1125");
+ script_cve_id("CVE-2006-2742", "CVE-2006-2743", "CVE-2006-2831", "CVE-2006-2832", "CVE-2006-2833");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1125] DSA-1125-2 drupal");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1125-2 drupal");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'drupal', release: '3.1', reference: '4.5.3-6.1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package drupal is vulnerable in Debian 3.1.\nUpgrade to drupal_4.5.3-6.1sarge2\n');
+}
+if (deb_check(prefix: 'drupal', release: '4.0', reference: '4.5.8-1.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package drupal is vulnerable in Debian 4.0.\nUpgrade to drupal_4.5.8-1.1\n');
+}
+if (deb_check(prefix: 'drupal', release: '3.1', reference: '4.5.3-6.1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package drupal is vulnerable in Debian sarge.\nUpgrade to drupal_4.5.3-6.1sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1126.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1126.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1126.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,81 @@
+# This script was automatically generated from the dsa-1126
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+A problem has been discovered in the IAX2 channel driver of Asterisk,
+an Open Source Private Branch Exchange and telephony toolkit, which
+may allow a remote attacker to cause a crash of the Asterisk server.
+The old stable distribution (woody) is not affected by this problem.
+For the stable distribution (sarge) this problem has been fixed in
+version 1.0.7.dfsg.1-2sarge3.
+For the unstable distribution (sid) this problem will be fixed soon.
+We recommend that you upgrade your asterisk packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1126
+Risk factor : High';
+
+if (description) {
+ script_id(22668);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1126");
+ script_cve_id("CVE-2006-2898");
+ script_bugtraq_id(18295);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1126] DSA-1126-1 asterisk");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1126-1 asterisk");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'asterisk', release: '3.1', reference: '1.0.7.dfsg.1-2sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package asterisk is vulnerable in Debian 3.1.\nUpgrade to asterisk_1.0.7.dfsg.1-2sarge3\n');
+}
+if (deb_check(prefix: 'asterisk-config', release: '3.1', reference: '1.0.7.dfsg.1-2sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package asterisk-config is vulnerable in Debian 3.1.\nUpgrade to asterisk-config_1.0.7.dfsg.1-2sarge3\n');
+}
+if (deb_check(prefix: 'asterisk-dev', release: '3.1', reference: '1.0.7.dfsg.1-2sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package asterisk-dev is vulnerable in Debian 3.1.\nUpgrade to asterisk-dev_1.0.7.dfsg.1-2sarge3\n');
+}
+if (deb_check(prefix: 'asterisk-doc', release: '3.1', reference: '1.0.7.dfsg.1-2sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package asterisk-doc is vulnerable in Debian 3.1.\nUpgrade to asterisk-doc_1.0.7.dfsg.1-2sarge3\n');
+}
+if (deb_check(prefix: 'asterisk-gtk-console', release: '3.1', reference: '1.0.7.dfsg.1-2sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package asterisk-gtk-console is vulnerable in Debian 3.1.\nUpgrade to asterisk-gtk-console_1.0.7.dfsg.1-2sarge3\n');
+}
+if (deb_check(prefix: 'asterisk-h323', release: '3.1', reference: '1.0.7.dfsg.1-2sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package asterisk-h323 is vulnerable in Debian 3.1.\nUpgrade to asterisk-h323_1.0.7.dfsg.1-2sarge3\n');
+}
+if (deb_check(prefix: 'asterisk-sounds-main', release: '3.1', reference: '1.0.7.dfsg.1-2sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package asterisk-sounds-main is vulnerable in Debian 3.1.\nUpgrade to asterisk-sounds-main_1.0.7.dfsg.1-2sarge3\n');
+}
+if (deb_check(prefix: 'asterisk-web-vmail', release: '3.1', reference: '1.0.7.dfsg.1-2sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package asterisk-web-vmail is vulnerable in Debian 3.1.\nUpgrade to asterisk-web-vmail_1.0.7.dfsg.1-2sarge3\n');
+}
+if (deb_check(prefix: 'asterisk', release: '3.1', reference: '1.0.7.dfsg.1-2sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package asterisk is vulnerable in Debian sarge.\nUpgrade to asterisk_1.0.7.dfsg.1-2sarge3\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1127.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1127.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1127.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,77 @@
+# This script was automatically generated from the dsa-1127
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Several remote vulnerabilities have been discovered in the Ethereal network
+sniffer, which may lead to the execution of arbitrary code. The Common
+Vulnerabilities and Exposures project identifies the following problems:
+ Ilja van Sprundel discovered that the FW-1 and MQ dissectors are
+ vulnerable to format string attacks.
+ Ilja van Sprundel discovered that the MOUNT dissector is vulnerable
+ to denial of service through memory exhaustion.
+ Ilja van Sprundel discovered off-by-one overflows in the NCP NMAS and
+ NDPS dissectors.
+ Ilja van Sprundel discovered a buffer overflow in the NFS dissector.
+ Ilja van Sprundel discovered that the SSH dissector is vulnerable
+ to denial of service through an infinite loop.
+For the stable distribution (sarge) these problems have been fixed in
+version 0.10.10-2sarge6.
+For the unstable distribution (sid) these problems have been fixed in
+version 0.99.2-1 of wireshark, the sniffer formerly known as ethereal.
+We recommend that you upgrade your ethereal packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1127
+Risk factor : High';
+
+if (description) {
+ script_id(22669);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1127");
+ script_cve_id("CVE-2006-3628", "CVE-2006-3629", "CVE-2006-3630", "CVE-2006-3631", "CVE-2006-3632");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1127] DSA-1127-1 ethereal");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1127-1 ethereal");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'ethereal', release: '3.1', reference: '0.10.10-2sarge6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ethereal is vulnerable in Debian 3.1.\nUpgrade to ethereal_0.10.10-2sarge6\n');
+}
+if (deb_check(prefix: 'ethereal-common', release: '3.1', reference: '0.10.10-2sarge6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ethereal-common is vulnerable in Debian 3.1.\nUpgrade to ethereal-common_0.10.10-2sarge6\n');
+}
+if (deb_check(prefix: 'ethereal-dev', release: '3.1', reference: '0.10.10-2sarge6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ethereal-dev is vulnerable in Debian 3.1.\nUpgrade to ethereal-dev_0.10.10-2sarge6\n');
+}
+if (deb_check(prefix: 'tethereal', release: '3.1', reference: '0.10.10-2sarge6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package tethereal is vulnerable in Debian 3.1.\nUpgrade to tethereal_0.10.10-2sarge6\n');
+}
+if (deb_check(prefix: 'ethereal', release: '4.0', reference: '0.99')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ethereal is vulnerable in Debian 4.0.\nUpgrade to ethereal_0.99\n');
+}
+if (deb_check(prefix: 'ethereal', release: '3.1', reference: '0.10.10-2sarge6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ethereal is vulnerable in Debian sarge.\nUpgrade to ethereal_0.10.10-2sarge6\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
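Review bot: The release 4.0 check uses `reference: '0.99'`, but the description says the fix is in version 0.99.2-1. Under Debian version ordering `0.99` sorts before `0.99.0`, so an ethereal 0.99.x build older than the fix would presumably pass as not vulnerable. That is a missed finding rather than a noisy one, though the comparison in `debian_package.inc` is not visible here. The reference should carry the full version, `reference: '0.99.2-1'`, with the message changed to `Upgrade to ethereal_0.99.2-1`. The description also says the fixed package ships as wireshark, so it is worth confirming that a check keyed on prefix `'ethereal'` still describes the remediation for 4.0.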
Added: trunk/openvas-plugins/scripts/debian_DSA-1128.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1128.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1128.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,79 @@
+# This script was automatically generated from the dsa-1128
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Yan Rong Ge discovered that wrong permissions on a shared memory page
+in heartbeat, the subsystem for High-Availability Linux could be
+exploited by a local attacker to cause a denial of service.
+For the stable distribution (sarge) this problem has been fixed in
+version 1.2.3-9sarge5.
+For the unstable distribution (sid) this problem will be fixed soon.
+We recommend that you upgrade your heartbeat packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1128
+Risk factor : High';
+
+if (description) {
+ script_id(22670);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1128");
+ script_cve_id("CVE-2006-3815");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1128] DSA-1128-1 heartbeat");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1128-1 heartbeat");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'heartbeat', release: '3.1', reference: '1.2.3-9sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package heartbeat is vulnerable in Debian 3.1.\nUpgrade to heartbeat_1.2.3-9sarge5\n');
+}
+if (deb_check(prefix: 'heartbeat-dev', release: '3.1', reference: '1.2.3-9sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package heartbeat-dev is vulnerable in Debian 3.1.\nUpgrade to heartbeat-dev_1.2.3-9sarge5\n');
+}
+if (deb_check(prefix: 'ldirectord', release: '3.1', reference: '1.2.3-9sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ldirectord is vulnerable in Debian 3.1.\nUpgrade to ldirectord_1.2.3-9sarge5\n');
+}
+if (deb_check(prefix: 'libpils-dev', release: '3.1', reference: '1.2.3-9sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libpils-dev is vulnerable in Debian 3.1.\nUpgrade to libpils-dev_1.2.3-9sarge5\n');
+}
+if (deb_check(prefix: 'libpils0', release: '3.1', reference: '1.2.3-9sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libpils0 is vulnerable in Debian 3.1.\nUpgrade to libpils0_1.2.3-9sarge5\n');
+}
+if (deb_check(prefix: 'libstonith-dev', release: '3.1', reference: '1.2.3-9sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libstonith-dev is vulnerable in Debian 3.1.\nUpgrade to libstonith-dev_1.2.3-9sarge5\n');
+}
+if (deb_check(prefix: 'libstonith0', release: '3.1', reference: '1.2.3-9sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libstonith0 is vulnerable in Debian 3.1.\nUpgrade to libstonith0_1.2.3-9sarge5\n');
+}
+if (deb_check(prefix: 'stonith', release: '3.1', reference: '1.2.3-9sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package stonith is vulnerable in Debian 3.1.\nUpgrade to stonith_1.2.3-9sarge5\n');
+}
+if (deb_check(prefix: 'heartbeat', release: '3.1', reference: '1.2.3-9sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package heartbeat is vulnerable in Debian sarge.\nUpgrade to heartbeat_1.2.3-9sarge5\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1129.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1129.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1129.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,66 @@
+# This script was automatically generated from the dsa-1129
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Ulf Härnhammar and Max Vozeler from the Debian Security Audit Project
+have found several format string security bugs in osiris, a
+network-wide system integrity monitor control interface. A remote
+attacker could exploit them and cause a denial of service or execute
+arbitrary code.
+For the stable distribution (sarge) these problems have been fixed in
+version 4.0.6-1sarge1.
+For the unstable distribution (sid) these problems have been fixed in
+version 4.2.0-2.
+We recommend that you upgrade your osiris packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1129
+Risk factor : High';
+
+if (description) {
+ script_id(22671);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1129");
+ script_cve_id("CVE-2006-3120");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1129] DSA-1129-1 osiris");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1129-1 osiris");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'osiris', release: '3.1', reference: '4.0.6-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package osiris is vulnerable in Debian 3.1.\nUpgrade to osiris_4.0.6-1sarge1\n');
+}
+if (deb_check(prefix: 'osirisd', release: '3.1', reference: '4.0.6-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package osirisd is vulnerable in Debian 3.1.\nUpgrade to osirisd_4.0.6-1sarge1\n');
+}
+if (deb_check(prefix: 'osirismd', release: '3.1', reference: '4.0.6-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package osirismd is vulnerable in Debian 3.1.\nUpgrade to osirismd_4.0.6-1sarge1\n');
+}
+if (deb_check(prefix: 'osiris', release: '4.0', reference: '4.2.0-2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package osiris is vulnerable in Debian 4.0.\nUpgrade to osiris_4.2.0-2\n');
+}
+if (deb_check(prefix: 'osiris', release: '3.1', reference: '4.0.6-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package osiris is vulnerable in Debian sarge.\nUpgrade to osiris_4.0.6-1sarge1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
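Review bot: The last `deb_check` block repeats the first one: `osiris` at release `'3.1'` against `4.0.6-1sarge1` is tested twice, and the two blocks differ only in the message ("Debian 3.1" versus "Debian sarge"). Only the truthiness of `w` is used, so the verdict does not change, but with `report_verbosity > 0` the report tells the operator twice to upgrade the same package. Dropping the trailing block, or de-duplicating on prefix/release/reference in the converter since the file is generated, would keep the finding text clean. The same duplicate closes the DSA-1130, 1131, 1132, 1133, 1134 and 1136 scripts in this commit.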
Added: trunk/openvas-plugins/scripts/debian_DSA-1130.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1130.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1130.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,57 @@
+# This script was automatically generated from the dsa-1130
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+A cross-site scripting vulnerability has been discovered in sitebar,
+a web based bookmark manager written in PHP, which allows remote
+attackers to inject arbitrary web script or HTML.
+For the stable distribution (sarge) this problem has been fixed in
+version 3.2.6-7.1.
+For the unstable distribution (sid) this problem has been fixed in
+version 3.3.8-1.1.
+We recommend that you upgrade your sitebar package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1130
+Risk factor : High';
+
+if (description) {
+ script_id(22672);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1130");
+ script_cve_id("CVE-2006-3320");
+ script_bugtraq_id(18680);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1130] DSA-1130-1 sitebar");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1130-1 sitebar");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'sitebar', release: '3.1', reference: '3.2.6-7.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package sitebar is vulnerable in Debian 3.1.\nUpgrade to sitebar_3.2.6-7.1\n');
+}
+if (deb_check(prefix: 'sitebar', release: '4.0', reference: '3.3.8-1.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package sitebar is vulnerable in Debian 4.0.\nUpgrade to sitebar_3.3.8-1.1\n');
+}
+if (deb_check(prefix: 'sitebar', release: '3.1', reference: '3.2.6-7.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package sitebar is vulnerable in Debian sarge.\nUpgrade to sitebar_3.2.6-7.1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
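Review bot: The `release: '4.0'` check compares against `3.3.8-1.1`, which the advisory text above gives as the fix version for unstable (sid), not for a 4.0 release. If the 4.0 archive carried its own fixed build under a different version string, this comparison could misreport a host. How `deb_check` interprets the release argument is defined in debian_package.inc, outside this hunk, so that needs confirming. A comment such as `# 4.0 reference is the sid fix version from the DSA; verify against the 4.0 archive` would at least record where the number came from. The DSA-1129, 1133, 1134, 1135 and 1136 scripts make the same substitution.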
Added: trunk/openvas-plugins/scripts/debian_DSA-1131.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1131.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1131.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,83 @@
+# This script was automatically generated from the dsa-1131
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Mark Dowd discovered a buffer overflow in the mod_rewrite component of
+apache, a versatile high-performance HTTP server. In some situations a
+remote attacker could exploit this to execute arbitrary code.
+For the stable distribution (sarge) this problem has been fixed in version 1.3.33-6sarge2.
+For the unstable distribution (sid) this problem will be fixed shortly.
+We recommend that you upgrade your apache package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1131
+Risk factor : High';
+
+if (description) {
+ script_id(22673);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1131");
+ script_cve_id("CVE-2006-3747");
+ script_xref(name: "CERT", value: "395412");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1131] DSA-1131-1 apache");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1131-1 apache");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'apache', release: '3.1', reference: '1.3.33-6sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache is vulnerable in Debian 3.1.\nUpgrade to apache_1.3.33-6sarge2\n');
+}
+if (deb_check(prefix: 'apache-common', release: '3.1', reference: '1.3.33-6sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache-common is vulnerable in Debian 3.1.\nUpgrade to apache-common_1.3.33-6sarge2\n');
+}
+if (deb_check(prefix: 'apache-dbg', release: '3.1', reference: '1.3.33-6sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache-dbg is vulnerable in Debian 3.1.\nUpgrade to apache-dbg_1.3.33-6sarge2\n');
+}
+if (deb_check(prefix: 'apache-dev', release: '3.1', reference: '1.3.33-6sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache-dev is vulnerable in Debian 3.1.\nUpgrade to apache-dev_1.3.33-6sarge2\n');
+}
+if (deb_check(prefix: 'apache-doc', release: '3.1', reference: '1.3.33-6sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache-doc is vulnerable in Debian 3.1.\nUpgrade to apache-doc_1.3.33-6sarge2\n');
+}
+if (deb_check(prefix: 'apache-perl', release: '3.1', reference: '1.3.33-6sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache-perl is vulnerable in Debian 3.1.\nUpgrade to apache-perl_1.3.33-6sarge2\n');
+}
+if (deb_check(prefix: 'apache-ssl', release: '3.1', reference: '1.3.33-6sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache-ssl is vulnerable in Debian 3.1.\nUpgrade to apache-ssl_1.3.33-6sarge2\n');
+}
+if (deb_check(prefix: 'apache-utils', release: '3.1', reference: '1.3.33-6sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache-utils is vulnerable in Debian 3.1.\nUpgrade to apache-utils_1.3.33-6sarge2\n');
+}
+if (deb_check(prefix: 'libapache-mod-perl', release: '3.1', reference: '1.29.0.3-6sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libapache-mod-perl is vulnerable in Debian 3.1.\nUpgrade to libapache-mod-perl_1.29.0.3-6sarge2\n');
+}
+if (deb_check(prefix: 'apache', release: '3.1', reference: '1.3.33-6sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache is vulnerable in Debian sarge.\nUpgrade to apache_1.3.33-6sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
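Review bot: The guard `if (! defined_func('bn_random')) exit(0);` runs before the `description` block, so on an interpreter without that function the script exits without registering itself or checking any package, and the host is silently not assessed for CVE-2006-3747. Nothing in the file explains why a big-number primitive gates a dpkg version comparison; it looks like an engine-capability probe inherited from the converter, but that is an inference. A comment such as `# capability probe: skip on engines lacking bn_random (reason to be confirmed)` would document it. It is also worth confirming that the interpreter this tree targets defines the function. Every script added in this part of the commit opens with the same line.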
Added: trunk/openvas-plugins/scripts/debian_DSA-1132.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1132.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1132.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,96 @@
+# This script was automatically generated from the dsa-1132
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Mark Dowd discovered a buffer overflow in the mod_rewrite component of
+apache, a versatile high-performance HTTP server. In some situations a
+remote attacker could exploit this to execute arbitrary code.
+For the stable distribution (sarge) this problem has been fixed in
+version 2.0.54-5sarge1.
+For the unstable distribution (sid) this problem will be fixed shortly.
+We recommend that you upgrade your apache2 package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1132
+Risk factor : High';
+
+if (description) {
+ script_id(22674);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1132");
+ script_cve_id("CVE-2006-3747");
+ script_xref(name: "CERT", value: "395412");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1132] DSA-1132-1 apache2");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1132-1 apache2");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'apache2', release: '3.1', reference: '2.0.54-5sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache2 is vulnerable in Debian 3.1.\nUpgrade to apache2_2.0.54-5sarge1\n');
+}
+if (deb_check(prefix: 'apache2-common', release: '3.1', reference: '2.0.54-5sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache2-common is vulnerable in Debian 3.1.\nUpgrade to apache2-common_2.0.54-5sarge1\n');
+}
+if (deb_check(prefix: 'apache2-doc', release: '3.1', reference: '2.0.54-5sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache2-doc is vulnerable in Debian 3.1.\nUpgrade to apache2-doc_2.0.54-5sarge1\n');
+}
+if (deb_check(prefix: 'apache2-mpm-perchild', release: '3.1', reference: '2.0.54-5sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache2-mpm-perchild is vulnerable in Debian 3.1.\nUpgrade to apache2-mpm-perchild_2.0.54-5sarge1\n');
+}
+if (deb_check(prefix: 'apache2-mpm-prefork', release: '3.1', reference: '2.0.54-5sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache2-mpm-prefork is vulnerable in Debian 3.1.\nUpgrade to apache2-mpm-prefork_2.0.54-5sarge1\n');
+}
+if (deb_check(prefix: 'apache2-mpm-threadpool', release: '3.1', reference: '2.0.54-5sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache2-mpm-threadpool is vulnerable in Debian 3.1.\nUpgrade to apache2-mpm-threadpool_2.0.54-5sarge1\n');
+}
+if (deb_check(prefix: 'apache2-mpm-worker', release: '3.1', reference: '2.0.54-5sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache2-mpm-worker is vulnerable in Debian 3.1.\nUpgrade to apache2-mpm-worker_2.0.54-5sarge1\n');
+}
+if (deb_check(prefix: 'apache2-prefork-dev', release: '3.1', reference: '2.0.54-5sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache2-prefork-dev is vulnerable in Debian 3.1.\nUpgrade to apache2-prefork-dev_2.0.54-5sarge1\n');
+}
+if (deb_check(prefix: 'apache2-threaded-dev', release: '3.1', reference: '2.0.54-5sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache2-threaded-dev is vulnerable in Debian 3.1.\nUpgrade to apache2-threaded-dev_2.0.54-5sarge1\n');
+}
+if (deb_check(prefix: 'apache2-utils', release: '3.1', reference: '2.0.54-5sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache2-utils is vulnerable in Debian 3.1.\nUpgrade to apache2-utils_2.0.54-5sarge1\n');
+}
+if (deb_check(prefix: 'libapr0', release: '3.1', reference: '2.0.54-5sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libapr0 is vulnerable in Debian 3.1.\nUpgrade to libapr0_2.0.54-5sarge1\n');
+}
+if (deb_check(prefix: 'libapr0-dev', release: '3.1', reference: '2.0.54-5sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libapr0-dev is vulnerable in Debian 3.1.\nUpgrade to libapr0-dev_2.0.54-5sarge1\n');
+}
+if (deb_check(prefix: 'apache2', release: '3.1', reference: '2.0.54-5sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache2 is vulnerable in Debian sarge.\nUpgrade to apache2_2.0.54-5sarge1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1133.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1133.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1133.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,66 @@
+# This script was automatically generated from the dsa-1133
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Several remote vulnerabilities have been discovered in the Mantis bug
+tracking system, which may lead to the execution of arbitrary web script.
+The Common Vulnerabilities and Exposures project identifies the following
+problems:
+ A cross-site scripting vulnerability was discovered in
+ config_defaults_inc.php.
+ Cross-site scripting vulnerabilities were discovered in query_store.php
+ and manage_proj_create.php.
+ Multiple cross-site scripting vulnerabilities were discovered in
+ view_all_set.php, manage_user_page.php, view_filters_page.php and
+ proj_doc_delete.php.
+ Multiple cross-site scripting vulnerabilities were discovered in
+ view_all_set.php.
+For the stable distribution (sarge) these problems have been fixed in
+version 0.19.2-5sarge4.1.
+For the unstable distribution (sid) these problems have been fixed in
+version 0.19.4-3.1.
+We recommend that you upgrade your mantis package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1133
+Risk factor : High';
+
+if (description) {
+ script_id(22675);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1133");
+ script_cve_id("CVE-2006-0664", "CVE-2006-0665", "CVE-2006-0841", "CVE-2006-1577");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1133] DSA-1133-1 mantis");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1133-1 mantis");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'mantis', release: '3.1', reference: '0.19.2-5sarge4.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mantis is vulnerable in Debian 3.1.\nUpgrade to mantis_0.19.2-5sarge4.1\n');
+}
+if (deb_check(prefix: 'mantis', release: '4.0', reference: '0.19.4-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mantis is vulnerable in Debian 4.0.\nUpgrade to mantis_0.19.4-3.1\n');
+}
+if (deb_check(prefix: 'mantis', release: '3.1', reference: '0.19.2-5sarge4.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mantis is vulnerable in Debian sarge.\nUpgrade to mantis_0.19.2-5sarge4.1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1134.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1134.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1134.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,121 @@
+# This script was automatically generated from the dsa-1134
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Several security related problems have been discovered in Mozilla
+which are also present in Mozilla Thunderbird. The Common
+Vulnerabilities and Exposures project identifies the following
+vulnerabilities:
+ Eric Foley discovered that a user can be tricked to expose a local
+ file to a remote attacker by displaying a local file as image in
+ connection with other vulnerabilities. [MFSA-2006-39]
+ XUL attributes are associated with the wrong URL under certain
+ circumstances, which might allow remote attackers to bypass
+ restrictions. [MFSA-2006-35]
+ Paul Nickerson discovered that content-defined setters on an
+ object prototype were getting called by privileged user interface
+ code, and "moz_bug_r_a4" demonstrated that the higher privilege
+ level could be passed along to the content-defined attack code.
+ [MFSA-2006-37]
+ A vulnerability allows remote attackers to execute arbitrary code
+ and create notifications that are executed in a privileged
+ context. [MFSA-2006-43]
+ Mikolaj Habryn discovered a buffer overflow in the crypto.signText function
+ that allows remote attackers to execute arbitrary code via certain
+ optional Certificate Authority name arguments. [MFSA-2006-38]
+ Mozilla team members discovered several crashes during testing of
+ the browser engine showing evidence of memory corruption which may
+ also lead to the execution of arbitrary code. This problem has
+ only partially been corrected. [MFSA-2006-32]
+ An integer overflow allows remote attackers to cause a denial of
+ service and may permit the execution of arbitrary code.
+ [MFSA-2006-32]
+ Masatoshi Kimura discovered a double-free vulnerability that
+ allows remote attackers to cause a denial of service and possibly
+ execute arbitrary code via a VCard. [MFSA-2006-40]
+ Chuck McAuley discovered that a text input box can be pre-filled
+ with a filename and then turned into a file-upload control,
+ allowing a malicious website to steal any local file whose name
+ they can guess. [MFSA-2006-41, MFSA-2006-23, CVE-2006-1729]
+ Masatoshi Kimura discovered that the Unicode Byte-order-Mark (BOM)
+ is stripped from UTF-8 pages during the conversion to Unicode
+ before the parser sees the web page, which allows remote attackers
+ to conduct cross-site scripting (XSS) attacks. [MFSA-2006-42]
+ Paul Nickerson discovered that the fix for CVE-2005-0752 can be
+ bypassed using nested javascript: URLs, allowing the attacker to
+ execute privileged code. [MFSA-2005-34, MFSA-2006-36]
+ Paul Nickerson demonstrated that if an attacker could convince a
+ user to right-click on a broken image and choose "View Image" from
+ the context menu then he could get JavaScript to
+ run. [MFSA-2006-34]
+ Kazuho Oku discovered that Mozilla\'s lenient handling of HTTP
+ header syntax may allow remote attackers to trick the browser to
+ interpret certain responses as if they were responses from two
+ different sites. [MFSA-2006-33]
+ The Mozilla researcher "moz_bug_r_a4" discovered that JavaScri
+[...]
+
+Solution : http://www.debian.org/security/2006/dsa-1134
+Risk factor : High';
+
+if (description) {
+ script_id(22676);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1134");
+ script_cve_id("CVE-2006-1942", "CVE-2006-2775", "CVE-2006-2776", "CVE-2006-2777", "CVE-2006-2778", "CVE-2006-2779", "CVE-2006-2780");
+ script_bugtraq_id(18228);
+ script_xref(name: "CERT", value: "237257");
+ script_xref(name: "CERT", value: "243153");
+ script_xref(name: "CERT", value: "421529");
+ script_xref(name: "CERT", value: "466673");
+ script_xref(name: "CERT", value: "575969");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1134] DSA-1134-1 mozilla-thunderbird");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1134-1 mozilla-thunderbird");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'mozilla-thunderbird', release: '3.1', reference: '1.0.2-2.sarge1.0.8a')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-thunderbird is vulnerable in Debian 3.1.\nUpgrade to mozilla-thunderbird_1.0.2-2.sarge1.0.8a\n');
+}
+if (deb_check(prefix: 'mozilla-thunderbird-dev', release: '3.1', reference: '1.0.2-2.sarge1.0.8a')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-thunderbird-dev is vulnerable in Debian 3.1.\nUpgrade to mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8a\n');
+}
+if (deb_check(prefix: 'mozilla-thunderbird-inspector', release: '3.1', reference: '1.0.2-2.sarge1.0.8a')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-thunderbird-inspector is vulnerable in Debian 3.1.\nUpgrade to mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8a\n');
+}
+if (deb_check(prefix: 'mozilla-thunderbird-offline', release: '3.1', reference: '1.0.2-2.sarge1.0.8a')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-thunderbird-offline is vulnerable in Debian 3.1.\nUpgrade to mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8a\n');
+}
+if (deb_check(prefix: 'mozilla-thunderbird-typeaheadfind', release: '3.1', reference: '1.0.2-2.sarge1.0.8a')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-thunderbird-typeaheadfind is vulnerable in Debian 3.1.\nUpgrade to mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8a\n');
+}
+if (deb_check(prefix: 'mozilla-thunderbird', release: '4.0', reference: '1.5.0')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-thunderbird is vulnerable in Debian 4.0.\nUpgrade to mozilla-thunderbird_1.5.0\n');
+}
+if (deb_check(prefix: 'mozilla-thunderbird', release: '3.1', reference: '1.0.2-2.sarge1.0.8a')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-thunderbird is vulnerable in Debian sarge.\nUpgrade to mozilla-thunderbird_1.0.2-2.sarge1.0.8a\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
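Review bot: The `desc` literal is cut mid-word at `JavaScri` and followed by `[...]`, so the text passed to `script_description` and `security_hole` ends in a truncated sentence and the remaining advisory items are lost. `script_cve_id` registers seven identifiers, while the visible text describes more than seven issues and cites CVE-2006-1729, which is not in the list; whether the converter also truncated the id list cannot be told from the hunk. Both should be checked against the advisory at the Solution URL so that CVE-based searches of scan results find this plugin. Ending the description on a complete sentence with a pointer to the full advisory would read better than the bare `[...]`.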
Added: trunk/openvas-plugins/scripts/debian_DSA-1135.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1135.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1135.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,82 @@
+# This script was automatically generated from the dsa-1135
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Kevin Kofler discovered several stack-based buffer overflows in the
+LookupTRM::lookup function in libtunepimp, a MusicBrainz tagging
+library, which allows remote attackers to cause a denial of service or
+execute arbitrary code.
+For the stable distribution (sarge) these problems have been fixed in
+version 0.3.0-3sarge2.
+For the unstable distribution (sid) these problems have been fixed in
+version 0.4.2-4.
+We recommend that you upgrade your libtunepimp packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1135
+Risk factor : High';
+
+if (description) {
+ script_id(22677);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1135");
+ script_cve_id("CVE-2006-3600");
+ script_bugtraq_id(18961);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1135] DSA-1135-1 libtunepimp");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1135-1 libtunepimp");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'libtunepimp-bin', release: '3.1', reference: '0.3.0-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libtunepimp-bin is vulnerable in Debian 3.1.\nUpgrade to libtunepimp-bin_0.3.0-3sarge2\n');
+}
+if (deb_check(prefix: 'libtunepimp-perl', release: '3.1', reference: '0.3.0-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libtunepimp-perl is vulnerable in Debian 3.1.\nUpgrade to libtunepimp-perl_0.3.0-3sarge2\n');
+}
+if (deb_check(prefix: 'libtunepimp2', release: '3.1', reference: '0.3.0-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libtunepimp2 is vulnerable in Debian 3.1.\nUpgrade to libtunepimp2_0.3.0-3sarge2\n');
+}
+if (deb_check(prefix: 'libtunepimp2-dev', release: '3.1', reference: '0.3.0-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libtunepimp2-dev is vulnerable in Debian 3.1.\nUpgrade to libtunepimp2-dev_0.3.0-3sarge2\n');
+}
+if (deb_check(prefix: 'python-tunepimp', release: '3.1', reference: '0.3.0-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python-tunepimp is vulnerable in Debian 3.1.\nUpgrade to python-tunepimp_0.3.0-3sarge2\n');
+}
+if (deb_check(prefix: 'python2.2-tunepimp', release: '3.1', reference: '0.3.0-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.2-tunepimp is vulnerable in Debian 3.1.\nUpgrade to python2.2-tunepimp_0.3.0-3sarge2\n');
+}
+if (deb_check(prefix: 'python2.3-tunepimp', release: '3.1', reference: '0.3.0-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.3-tunepimp is vulnerable in Debian 3.1.\nUpgrade to python2.3-tunepimp_0.3.0-3sarge2\n');
+}
+if (deb_check(prefix: 'libtunepimp', release: '4.0', reference: '0.4.2-4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libtunepimp is vulnerable in Debian 4.0.\nUpgrade to libtunepimp_0.4.2-4\n');
+}
+if (deb_check(prefix: 'libtunepimp', release: '3.1', reference: '0.3.0-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libtunepimp is vulnerable in Debian sarge.\nUpgrade to libtunepimp_0.3.0-3sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1136.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1136.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1136.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,59 @@
+# This script was automatically generated from the dsa-1136
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+<q>infamous41md</q> and Chris Evans discovered several heap based buffer
+overflows in xpdf, the Portable Document Format (PDF) suite, which are
+also present in gpdf, the viewer with Gtk bindings, and which can lead
+to a denial of service by crashing the application or possibly to the
+execution of arbitrary code.
+For the stable distribution (sarge) these problems have been fixed in
+version 2.8.2-1.2sarge5.
+For the unstable distribution (sid) these problems have been fixed in
+version 2.10.0-4.
+We recommend that you upgrade your gpdf package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1136
+Risk factor : High';
+
+if (description) {
+ script_id(22678);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1136");
+ script_cve_id("CVE-2005-2097");
+ script_bugtraq_id(14529);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1136] DSA-1136-1 gpdf");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1136-1 gpdf");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'gpdf', release: '3.1', reference: '2.8.2-1.2sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gpdf is vulnerable in Debian 3.1.\nUpgrade to gpdf_2.8.2-1.2sarge5\n');
+}
+if (deb_check(prefix: 'gpdf', release: '4.0', reference: '2.10.0-4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gpdf is vulnerable in Debian 4.0.\nUpgrade to gpdf_2.10.0-4\n');
+}
+if (deb_check(prefix: 'gpdf', release: '3.1', reference: '2.8.2-1.2sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gpdf is vulnerable in Debian sarge.\nUpgrade to gpdf_2.8.2-1.2sarge5\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
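Review bot: The description opens with `<q>infamous41md</q>`: HTML markup from the advisory page survived the conversion and will appear literally in the plain-text report. Plain quotes would read correctly inside the single-quoted literal, e.g. `"infamous41md" and Chris Evans discovered several heap based buffer`. Since the file is generated, the fix belongs in the converter's tag stripping, and other generated descriptions are worth scanning for leftover tags.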
Added: trunk/openvas-plugins/scripts/debian_DSA-1137.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1137.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1137.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,88 @@
+# This script was automatically generated from the dsa-1137
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Tavis Ormandy of the Google Security Team discovered several problems
+in the TIFF library. The Common Vulnerabilities and Exposures project
+identifies the following issues:
+ Several stack-buffer overflows have been discovered.
+ A heap overflow vulnerability in the JPEG decoder may overrun a
+ buffer with more data than expected.
+ A heap overflow vulnerability in the PixarLog decoder may allow an
+ attacker to execute arbitrary code.
+ A heap overflow vulnerability has been discovered in the NeXT RLE
+ decoder.
+ An loop was discovered where a 16bit unsigned short was used to
+ iterate over a 32bit unsigned value so that the loop would never
+ terminate and continue forever.
+ Multiple unchecked arithmetic operations were uncovered, including
+ a number of the range checking operations designed to ensure the
+ offsets specified in TIFF directories are legitimate.
+ A flaw was also uncovered in libtiffs custom tag support which may
+ result in abnormal behaviour, crashes, or potentially arbitrary
+ code execution.
+For the stable distribution (sarge) these problems have been fixed in
+version 3.7.2-7.
+For the unstable distribution (sid) these problems have been fixed in
+version 3.8.2-6.
+We recommend that you upgrade your libtiff packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1137
+Risk factor : High';
+
+if (description) {
+ script_id(22679);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1137");
+ script_cve_id("CVE-2006-3459", "CVE-2006-3460", "CVE-2006-3461", "CVE-2006-3462", "CVE-2006-3463", "CVE-2006-3464", "CVE-2006-3465");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1137] DSA-1137-1 tiff");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1137-1 tiff");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'libtiff-opengl', release: '3.1', reference: '3.7.2-7')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libtiff-opengl is vulnerable in Debian 3.1.\nUpgrade to libtiff-opengl_3.7.2-7\n');
+}
+if (deb_check(prefix: 'libtiff-tools', release: '3.1', reference: '3.7.2-7')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libtiff-tools is vulnerable in Debian 3.1.\nUpgrade to libtiff-tools_3.7.2-7\n');
+}
+if (deb_check(prefix: 'libtiff4', release: '3.1', reference: '3.7.2-7')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libtiff4 is vulnerable in Debian 3.1.\nUpgrade to libtiff4_3.7.2-7\n');
+}
+if (deb_check(prefix: 'libtiff4-dev', release: '3.1', reference: '3.7.2-7')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libtiff4-dev is vulnerable in Debian 3.1.\nUpgrade to libtiff4-dev_3.7.2-7\n');
+}
+if (deb_check(prefix: 'libtiffxx0', release: '3.1', reference: '3.7.2-7')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libtiffxx0 is vulnerable in Debian 3.1.\nUpgrade to libtiffxx0_3.7.2-7\n');
+}
+if (deb_check(prefix: 'tiff', release: '4.0', reference: '3.8.2-6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package tiff is vulnerable in Debian 4.0.\nUpgrade to tiff_3.8.2-6\n');
+}
+if (deb_check(prefix: 'tiff', release: '3.1', reference: '3.7.2-7')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package tiff is vulnerable in Debian sarge.\nUpgrade to tiff_3.7.2-7\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
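Review bot: The guard `if (! defined_func('bn_random')) exit(0);` near the top of the new file exits silently and carries no explanation, so a reader cannot tell why a Debian package check depends on a bignum function. When the function is missing, the host simply yields no result for this advisory. I would add a comment above the guard, for example `# Skip on engines without bn_random(); presumably a probe for the build that supports the SSH-based local checks - confirm`, since the reason is not visible in this file. The same unexplained guard opens debian_DSA-1138.nasl through debian_DSA-1145.nasl in this commit. The header says these scripts are generated by the DSA2nasl converter, so the comment belongs in the converter template.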
Added: trunk/openvas-plugins/scripts/debian_DSA-1138.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1138.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1138.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,55 @@
+# This script was automatically generated from the dsa-1138
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Carlo Contavalli discovered an integer overflow in CFS, a cryptographic
+filesystem, which allows local users to crash the encryption daemon.
+For the stable distribution (sarge) this problem has been fixed in
+version 1.4.1-15sarge1.
+For the unstable distribution (sid) this problem has been fixed in
+version 1.4.1-17.
+We recommend that you upgrade your cfs package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1138
+Risk factor : High';
+
+if (description) {
+ script_id(22680);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1138");
+ script_cve_id("CVE-2006-3123");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1138] DSA-1138-1 cfs");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1138-1 cfs");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'cfs', release: '3.1', reference: '1.4.1-15sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package cfs is vulnerable in Debian 3.1.\nUpgrade to cfs_1.4.1-15sarge1\n');
+}
+if (deb_check(prefix: 'cfs', release: '4.0', reference: '1.4.1-17')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package cfs is vulnerable in Debian 4.0.\nUpgrade to cfs_1.4.1-17\n');
+}
+if (deb_check(prefix: 'cfs', release: '3.1', reference: '1.4.1-15sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package cfs is vulnerable in Debian sarge.\nUpgrade to cfs_1.4.1-15sarge1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
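Review bot: The last check, `deb_check(prefix: 'cfs', release: '3.1', reference: '1.4.1-15sarge1')`, repeats the first check in this file with identical arguments. Presumably both fire together, so at report_verbosity > 0 the finding carries two upgrade lines for the same package, one saying "Debian 3.1" and one "Debian sarge". `w` is only tested for non-zero, so the verdict is unaffected, but the duplicate text is noise in the report. Dropping the trailing block when the source package name is already among the packages checked would fix it. The same repeated 3.1 check closes debian_DSA-1139.nasl through debian_DSA-1145.nasl; the scripts are generated, so the fix belongs in the converter.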
Added: trunk/openvas-plugins/scripts/debian_DSA-1139.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1139.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1139.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,112 @@
+# This script was automatically generated from the dsa-1139
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+It was discovered that the interpreter for the Ruby language does not
+properly maintain "safe levels" for aliasing, directory accesses and
+regular expressions, which might lead to a bypass of security
+restrictions.
+For the stable distribution (sarge) this problem has been fixed in
+version 1.6.8-12sarge2.
+The unstable distribution (sid) does no longer contain ruby1.6 packages.
+We recommend that you upgrade your Ruby packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1139
+Risk factor : High';
+
+if (description) {
+ script_id(22681);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1139");
+ script_cve_id("CVE-2006-3694");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1139] DSA-1139-1 ruby1.6");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1139-1 ruby1.6");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'irb1.6', release: '3.1', reference: '1.6.8-12sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package irb1.6 is vulnerable in Debian 3.1.\nUpgrade to irb1.6_1.6.8-12sarge2\n');
+}
+if (deb_check(prefix: 'libcurses-ruby1.6', release: '3.1', reference: '1.6.8-12sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libcurses-ruby1.6 is vulnerable in Debian 3.1.\nUpgrade to libcurses-ruby1.6_1.6.8-12sarge2\n');
+}
+if (deb_check(prefix: 'libdbm-ruby1.6', release: '3.1', reference: '1.6.8-12sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libdbm-ruby1.6 is vulnerable in Debian 3.1.\nUpgrade to libdbm-ruby1.6_1.6.8-12sarge2\n');
+}
+if (deb_check(prefix: 'libgdbm-ruby1.6', release: '3.1', reference: '1.6.8-12sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgdbm-ruby1.6 is vulnerable in Debian 3.1.\nUpgrade to libgdbm-ruby1.6_1.6.8-12sarge2\n');
+}
+if (deb_check(prefix: 'libpty-ruby1.6', release: '3.1', reference: '1.6.8-12sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libpty-ruby1.6 is vulnerable in Debian 3.1.\nUpgrade to libpty-ruby1.6_1.6.8-12sarge2\n');
+}
+if (deb_check(prefix: 'libreadline-ruby1.6', release: '3.1', reference: '1.6.8-12sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libreadline-ruby1.6 is vulnerable in Debian 3.1.\nUpgrade to libreadline-ruby1.6_1.6.8-12sarge2\n');
+}
+if (deb_check(prefix: 'libruby1.6', release: '3.1', reference: '1.6.8-12sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libruby1.6 is vulnerable in Debian 3.1.\nUpgrade to libruby1.6_1.6.8-12sarge2\n');
+}
+if (deb_check(prefix: 'libruby1.6-dbg', release: '3.1', reference: '1.6.8-12sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libruby1.6-dbg is vulnerable in Debian 3.1.\nUpgrade to libruby1.6-dbg_1.6.8-12sarge2\n');
+}
+if (deb_check(prefix: 'libsdbm-ruby1.6', release: '3.1', reference: '1.6.8-12sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libsdbm-ruby1.6 is vulnerable in Debian 3.1.\nUpgrade to libsdbm-ruby1.6_1.6.8-12sarge2\n');
+}
+if (deb_check(prefix: 'libsyslog-ruby1.6', release: '3.1', reference: '1.6.8-12sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libsyslog-ruby1.6 is vulnerable in Debian 3.1.\nUpgrade to libsyslog-ruby1.6_1.6.8-12sarge2\n');
+}
+if (deb_check(prefix: 'libtcltk-ruby1.6', release: '3.1', reference: '1.6.8-12sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libtcltk-ruby1.6 is vulnerable in Debian 3.1.\nUpgrade to libtcltk-ruby1.6_1.6.8-12sarge2\n');
+}
+if (deb_check(prefix: 'libtk-ruby1.6', release: '3.1', reference: '1.6.8-12sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libtk-ruby1.6 is vulnerable in Debian 3.1.\nUpgrade to libtk-ruby1.6_1.6.8-12sarge2\n');
+}
+if (deb_check(prefix: 'ruby1.6', release: '3.1', reference: '1.6.8-12sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ruby1.6 is vulnerable in Debian 3.1.\nUpgrade to ruby1.6_1.6.8-12sarge2\n');
+}
+if (deb_check(prefix: 'ruby1.6-dev', release: '3.1', reference: '1.6.8-12sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ruby1.6-dev is vulnerable in Debian 3.1.\nUpgrade to ruby1.6-dev_1.6.8-12sarge2\n');
+}
+if (deb_check(prefix: 'ruby1.6-elisp', release: '3.1', reference: '1.6.8-12sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ruby1.6-elisp is vulnerable in Debian 3.1.\nUpgrade to ruby1.6-elisp_1.6.8-12sarge2\n');
+}
+if (deb_check(prefix: 'ruby1.6-examples', release: '3.1', reference: '1.6.8-12sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ruby1.6-examples is vulnerable in Debian 3.1.\nUpgrade to ruby1.6-examples_1.6.8-12sarge2\n');
+}
+if (deb_check(prefix: 'ruby1.6', release: '3.1', reference: '1.6.8-12sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ruby1.6 is vulnerable in Debian sarge.\nUpgrade to ruby1.6_1.6.8-12sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1140.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1140.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1140.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,56 @@
+# This script was automatically generated from the dsa-1140
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Evgeny Legerov discovered that overly large comments can crash gnupg,
+the GNU privacy guard - a free PGP replacement.
+For the stable distribution (sarge) this problem has been fixed in
+version 1.4.1-1.sarge5.
+For the unstable distribution (sid) this problem has been fixed in
+version 1.4.5-1.
+We recommend that you upgrade your gnupg package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1140
+Risk factor : High';
+
+if (description) {
+ script_id(22682);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1140");
+ script_cve_id("CVE-2006-3746");
+ script_bugtraq_id(19110);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1140] DSA-1140-1 gnupg");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1140-1 gnupg");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'gnupg', release: '3.1', reference: '1.4.1-1.sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gnupg is vulnerable in Debian 3.1.\nUpgrade to gnupg_1.4.1-1.sarge5\n');
+}
+if (deb_check(prefix: 'gnupg', release: '4.0', reference: '1.4.5-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gnupg is vulnerable in Debian 4.0.\nUpgrade to gnupg_1.4.5-1\n');
+}
+if (deb_check(prefix: 'gnupg', release: '3.1', reference: '1.4.1-1.sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gnupg is vulnerable in Debian sarge.\nUpgrade to gnupg_1.4.1-1.sarge5\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
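Review bot: The description ends with `Risk factor : High` and the result is reported through `security_hole`, although the advisory text in this file describes only a crash of gnupg on overly large comments. The rating is identical in every script visible in this commit, which makes it useless for prioritising findings. If the severity cannot be derived from the advisory, a comment such as `# Risk factor is a converter default, not an assessed severity` above the `desc` assignment would at least say so. debian_DSA-1138.nasl, debian_DSA-1141.nasl and debian_DSA-1143.nasl carry the same rating, and their descriptions also mention only a crash or unexpected exit.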
Added: trunk/openvas-plugins/scripts/debian_DSA-1141.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1141.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1141.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,65 @@
+# This script was automatically generated from the dsa-1141
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Evgeny Legerov discovered that overly large comments can crash gnupg,
+the GNU privacy guard - a free PGP replacement, which is also present
+in the development branch.
+For the stable distribution (sarge) this problem has been fixed in
+version 1.9.15-6sarge2.
+For the unstable distribution (sid) this problem has been fixed in
+version 1.9.20-2.
+We recommend that you upgrade your gnupg2 package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1141
+Risk factor : High';
+
+if (description) {
+ script_id(22683);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1141");
+ script_cve_id("CVE-2006-3746");
+ script_bugtraq_id(19110);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1141] DSA-1141-1 gnupg2");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1141-1 gnupg2");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'gnupg-agent', release: '3.1', reference: '1.9.15-6sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gnupg-agent is vulnerable in Debian 3.1.\nUpgrade to gnupg-agent_1.9.15-6sarge2\n');
+}
+if (deb_check(prefix: 'gnupg2', release: '3.1', reference: '1.9.15-6sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gnupg2 is vulnerable in Debian 3.1.\nUpgrade to gnupg2_1.9.15-6sarge2\n');
+}
+if (deb_check(prefix: 'gpgsm', release: '3.1', reference: '1.9.15-6sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gpgsm is vulnerable in Debian 3.1.\nUpgrade to gpgsm_1.9.15-6sarge2\n');
+}
+if (deb_check(prefix: 'gnupg2', release: '4.0', reference: '1.9.20-2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gnupg2 is vulnerable in Debian 4.0.\nUpgrade to gnupg2_1.9.20-2\n');
+}
+if (deb_check(prefix: 'gnupg2', release: '3.1', reference: '1.9.15-6sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gnupg2 is vulnerable in Debian sarge.\nUpgrade to gnupg2_1.9.15-6sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1142.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1142.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1142.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,77 @@
+# This script was automatically generated from the dsa-1142
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Luigi Auriemma discovered missing boundary checks in freeciv, a clone
+of the well known Civilisation game, which can be exploited by remote
+attackers to cause a denial of service (crash) and possibly execute
+arbitrary code.
+For the stable distribution (sarge) these problems have been fixed in
+version 2.0.1-1sarge2.
+For the unstable distribution (sid) these problems will be fixed soon.
+We recommend that you upgrade your freeciv package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1142
+Risk factor : High';
+
+if (description) {
+ script_id(22684);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1142");
+ script_cve_id("CVE-2006-3913");
+ script_bugtraq_id(19117);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1142] DSA-1142-1 freeciv");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1142-1 freeciv");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'freeciv', release: '3.1', reference: '2.0.1-1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package freeciv is vulnerable in Debian 3.1.\nUpgrade to freeciv_2.0.1-1sarge2\n');
+}
+if (deb_check(prefix: 'freeciv-client-gtk', release: '3.1', reference: '2.0.1-1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package freeciv-client-gtk is vulnerable in Debian 3.1.\nUpgrade to freeciv-client-gtk_2.0.1-1sarge2\n');
+}
+if (deb_check(prefix: 'freeciv-client-xaw3d', release: '3.1', reference: '2.0.1-1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package freeciv-client-xaw3d is vulnerable in Debian 3.1.\nUpgrade to freeciv-client-xaw3d_2.0.1-1sarge2\n');
+}
+if (deb_check(prefix: 'freeciv-data', release: '3.1', reference: '2.0.1-1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package freeciv-data is vulnerable in Debian 3.1.\nUpgrade to freeciv-data_2.0.1-1sarge2\n');
+}
+if (deb_check(prefix: 'freeciv-gtk', release: '3.1', reference: '2.0.1-1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package freeciv-gtk is vulnerable in Debian 3.1.\nUpgrade to freeciv-gtk_2.0.1-1sarge2\n');
+}
+if (deb_check(prefix: 'freeciv-server', release: '3.1', reference: '2.0.1-1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package freeciv-server is vulnerable in Debian 3.1.\nUpgrade to freeciv-server_2.0.1-1sarge2\n');
+}
+if (deb_check(prefix: 'freeciv-xaw3d', release: '3.1', reference: '2.0.1-1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package freeciv-xaw3d is vulnerable in Debian 3.1.\nUpgrade to freeciv-xaw3d_2.0.1-1sarge2\n');
+}
+if (deb_check(prefix: 'freeciv', release: '3.1', reference: '2.0.1-1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package freeciv is vulnerable in Debian sarge.\nUpgrade to freeciv_2.0.1-1sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
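Review bot: Every `deb_check` call in this file uses `release: '3.1'`, apparently because the advisory text gives no fixed version for sid ("will be fixed soon"), so a host on any other release produces no finding from this plugin. A clean result could then be misread as "not affected", which matters for an issue the description calls remotely exploitable. I would add a comment before `w = 0;`, e.g. `# Only sarge (3.1) is checked: DSA-1142-1 lists no fixed sid version`. debian_DSA-1143.nasl has the same limitation, and its description says the same about sid.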
Added: trunk/openvas-plugins/scripts/debian_DSA-1143.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1143.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1143.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,59 @@
+# This script was automatically generated from the dsa-1143
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Justin Winschief and Andrew Steets discovered a bug in dhcp, the DHCP
+server for automatic IP address assignment, which causes the server to
+unexpectedly exit.
+For the stable distribution (sarge) this problem has been fixed in
+version 2.0pl5-19.1sarge2.
+For the unstable distribution (sid) this problem will be fixed soon.
+We recommend that you upgrade your dhcp package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1143
+Risk factor : High';
+
+if (description) {
+ script_id(22685);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1143");
+ script_cve_id("CVE-2006-3122");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1143] DSA-1143-1 dhcp");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1143-1 dhcp");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'dhcp', release: '3.1', reference: '2.0pl5-19.1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package dhcp is vulnerable in Debian 3.1.\nUpgrade to dhcp_2.0pl5-19.1sarge2\n');
+}
+if (deb_check(prefix: 'dhcp-client', release: '3.1', reference: '2.0pl5-19.1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package dhcp-client is vulnerable in Debian 3.1.\nUpgrade to dhcp-client_2.0pl5-19.1sarge2\n');
+}
+if (deb_check(prefix: 'dhcp-relay', release: '3.1', reference: '2.0pl5-19.1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package dhcp-relay is vulnerable in Debian 3.1.\nUpgrade to dhcp-relay_2.0pl5-19.1sarge2\n');
+}
+if (deb_check(prefix: 'dhcp', release: '3.1', reference: '2.0pl5-19.1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package dhcp is vulnerable in Debian sarge.\nUpgrade to dhcp_2.0pl5-19.1sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1144.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1144.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1144.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,64 @@
+# This script was automatically generated from the dsa-1144
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+It was discovered that one of the utilities shipped with chmlib, a
+library for dealing with Microsoft CHM files, performs insufficient
+sanitising of filenames, which might lead to directory traversal.
+For the stable distribution (sarge) this problem has been fixed in
+version 0.35-6sarge3.
+For the unstable distribution (sid) this problem has been fixed in
+version 0.38-1.
+We recommend that you upgrade your chmlib-bin package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1144
+Risk factor : High';
+
+if (description) {
+ script_id(22686);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1144");
+ script_cve_id("CVE-2006-3178");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1144] DSA-1144-1 chmlib");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1144-1 chmlib");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'chmlib', release: '3.1', reference: '0.35-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package chmlib is vulnerable in Debian 3.1.\nUpgrade to chmlib_0.35-6sarge3\n');
+}
+if (deb_check(prefix: 'chmlib-bin', release: '3.1', reference: '0.35-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package chmlib-bin is vulnerable in Debian 3.1.\nUpgrade to chmlib-bin_0.35-6sarge3\n');
+}
+if (deb_check(prefix: 'chmlib-dev', release: '3.1', reference: '0.35-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package chmlib-dev is vulnerable in Debian 3.1.\nUpgrade to chmlib-dev_0.35-6sarge3\n');
+}
+if (deb_check(prefix: 'chmlib', release: '4.0', reference: '0.38-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package chmlib is vulnerable in Debian 4.0.\nUpgrade to chmlib_0.38-1\n');
+}
+if (deb_check(prefix: 'chmlib', release: '3.1', reference: '0.35-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package chmlib is vulnerable in Debian sarge.\nUpgrade to chmlib_0.35-6sarge3\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1145.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1145.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1145.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,81 @@
+# This script was automatically generated from the dsa-1145
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Several remote vulnerabilities have been discovered in freeradius, a
+high-performance RADIUS server, which may lead to SQL injection or denial
+of service. The Common Vulnerabilities and Exposures project identifies
+the following problems:
+ An SQL injection vulnerability has been discovered in the
+ rlm_sqlcounter module.
+ Multiple buffer overflows have been discovered, allowing denial of
+ service.
+For the stable distribution (sarge) these problems have been fixed in
+version 1.0.2-4sarge3.
+For the unstable distribution (sid) these problems have been fixed in
+version 1.0.5-1.
+We recommend that you upgrade your freeradius packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1145
+Risk factor : High';
+
+if (description) {
+ script_id(22687);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1145");
+ script_cve_id("CVE-2005-4745", "CVE-2005-4746");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1145] DSA-1145-1 freeradius");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1145-1 freeradius");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'freeradius', release: '3.1', reference: '1.0.2-4sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package freeradius is vulnerable in Debian 3.1.\nUpgrade to freeradius_1.0.2-4sarge3\n');
+}
+if (deb_check(prefix: 'freeradius-dialupadmin', release: '3.1', reference: '1.0.2-4sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package freeradius-dialupadmin is vulnerable in Debian 3.1.\nUpgrade to freeradius-dialupadmin_1.0.2-4sarge3\n');
+}
+if (deb_check(prefix: 'freeradius-iodbc', release: '3.1', reference: '1.0.2-4sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package freeradius-iodbc is vulnerable in Debian 3.1.\nUpgrade to freeradius-iodbc_1.0.2-4sarge3\n');
+}
+if (deb_check(prefix: 'freeradius-krb5', release: '3.1', reference: '1.0.2-4sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package freeradius-krb5 is vulnerable in Debian 3.1.\nUpgrade to freeradius-krb5_1.0.2-4sarge3\n');
+}
+if (deb_check(prefix: 'freeradius-ldap', release: '3.1', reference: '1.0.2-4sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package freeradius-ldap is vulnerable in Debian 3.1.\nUpgrade to freeradius-ldap_1.0.2-4sarge3\n');
+}
+if (deb_check(prefix: 'freeradius-mysql', release: '3.1', reference: '1.0.2-4sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package freeradius-mysql is vulnerable in Debian 3.1.\nUpgrade to freeradius-mysql_1.0.2-4sarge3\n');
+}
+if (deb_check(prefix: 'freeradius', release: '4.0', reference: '1.0.5-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package freeradius is vulnerable in Debian 4.0.\nUpgrade to freeradius_1.0.5-1\n');
+}
+if (deb_check(prefix: 'freeradius', release: '3.1', reference: '1.0.2-4sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package freeradius is vulnerable in Debian sarge.\nUpgrade to freeradius_1.0.2-4sarge3\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1146.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1146.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1146.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,100 @@
+# This script was automatically generated from the dsa-1146
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+In certain application programs packaged in the MIT Kerberos 5 source
+distribution, calls to setuid() and seteuid() are not always checked
+for success and may fail with some PAM configurations. A local
+user could exploit one of these vulnerabilities to result in privilege
+escalation. No exploit code is known to exist at this time.
+For the stable distribution (sarge) these problems have been fixed in
+version 1.3.6-2sarge3.
+For the unstable distribution (sid) these problems have been fixed in
+version 1.4.3-9.
+We recommend that you upgrade your krb5 packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1146
+Risk factor : High';
+
+if (description) {
+ script_id(22688);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1146");
+ script_cve_id("CVE-2006-3083", "CVE-2006-3084");
+ script_xref(name: "CERT", value: "401660");
+ script_xref(name: "CERT", value: "580124");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1146] DSA-1146-1 krb5");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1146-1 krb5");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'krb5-admin-server', release: '3.1', reference: '1.3.6-2sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package krb5-admin-server is vulnerable in Debian 3.1.\nUpgrade to krb5-admin-server_1.3.6-2sarge3\n');
+}
+if (deb_check(prefix: 'krb5-clients', release: '3.1', reference: '1.3.6-2sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package krb5-clients is vulnerable in Debian 3.1.\nUpgrade to krb5-clients_1.3.6-2sarge3\n');
+}
+if (deb_check(prefix: 'krb5-doc', release: '3.1', reference: '1.3.6-2sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package krb5-doc is vulnerable in Debian 3.1.\nUpgrade to krb5-doc_1.3.6-2sarge3\n');
+}
+if (deb_check(prefix: 'krb5-ftpd', release: '3.1', reference: '1.3.6-2sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package krb5-ftpd is vulnerable in Debian 3.1.\nUpgrade to krb5-ftpd_1.3.6-2sarge3\n');
+}
+if (deb_check(prefix: 'krb5-kdc', release: '3.1', reference: '1.3.6-2sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package krb5-kdc is vulnerable in Debian 3.1.\nUpgrade to krb5-kdc_1.3.6-2sarge3\n');
+}
+if (deb_check(prefix: 'krb5-rsh-server', release: '3.1', reference: '1.3.6-2sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package krb5-rsh-server is vulnerable in Debian 3.1.\nUpgrade to krb5-rsh-server_1.3.6-2sarge3\n');
+}
+if (deb_check(prefix: 'krb5-telnetd', release: '3.1', reference: '1.3.6-2sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package krb5-telnetd is vulnerable in Debian 3.1.\nUpgrade to krb5-telnetd_1.3.6-2sarge3\n');
+}
+if (deb_check(prefix: 'krb5-user', release: '3.1', reference: '1.3.6-2sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package krb5-user is vulnerable in Debian 3.1.\nUpgrade to krb5-user_1.3.6-2sarge3\n');
+}
+if (deb_check(prefix: 'libkadm55', release: '3.1', reference: '1.3.6-2sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libkadm55 is vulnerable in Debian 3.1.\nUpgrade to libkadm55_1.3.6-2sarge3\n');
+}
+if (deb_check(prefix: 'libkrb5-dev', release: '3.1', reference: '1.3.6-2sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libkrb5-dev is vulnerable in Debian 3.1.\nUpgrade to libkrb5-dev_1.3.6-2sarge3\n');
+}
+if (deb_check(prefix: 'libkrb53', release: '3.1', reference: '1.3.6-2sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libkrb53 is vulnerable in Debian 3.1.\nUpgrade to libkrb53_1.3.6-2sarge3\n');
+}
+if (deb_check(prefix: 'krb5', release: '4.0', reference: '1.4.3-9')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package krb5 is vulnerable in Debian 4.0.\nUpgrade to krb5_1.4.3-9\n');
+}
+if (deb_check(prefix: 'krb5', release: '3.1', reference: '1.3.6-2sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package krb5 is vulnerable in Debian sarge.\nUpgrade to krb5_1.3.6-2sarge3\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
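Review bot: The guard `if (! defined_func('bn_random')) exit(0);` at the top of the file runs before the `if (description)` block, so on an engine that lacks bn_random the plugin exits without registering and without reporting anything, which looks the same as a clean host. Nothing in the script calls bn_random, so this appears to be an engine-capability gate carried over by the converter. Whether the OpenVAS NASL engine defines that function is not visible here and should be confirmed before these checks are relied on. If the gate is kept, I'd add a comment above it such as `# Engine gate: script exits silently when bn_random is unavailable`. The same line opens every script added in this revision.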
Added: trunk/openvas-plugins/scripts/debian_DSA-1147.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1147.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1147.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,56 @@
+# This script was automatically generated from the dsa-1147
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Ayman Hourieh discovered that Drupal, a dynamic website platform,
+performs insufficient input sanitising in the user module, which
+might lead to cross-site scripting.
+For the stable distribution (sarge) this problem has been fixed in
+version 4.5.3-6.1sarge3.
+For the unstable distribution (sid) this problem has been fixed in
+version 4.5.8-2.
+We recommend that you upgrade your drupal package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1147
+Risk factor : High';
+
+if (description) {
+ script_id(22689);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1147");
+ script_cve_id("CVE-2006-4002");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1147] DSA-1147-1 drupal");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1147-1 drupal");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'drupal', release: '3.1', reference: '4.5.3-6.1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package drupal is vulnerable in Debian 3.1.\nUpgrade to drupal_4.5.3-6.1sarge3\n');
+}
+if (deb_check(prefix: 'drupal', release: '4.0', reference: '4.5.8-2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package drupal is vulnerable in Debian 4.0.\nUpgrade to drupal_4.5.8-2\n');
+}
+if (deb_check(prefix: 'drupal', release: '3.1', reference: '4.5.3-6.1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package drupal is vulnerable in Debian sarge.\nUpgrade to drupal_4.5.3-6.1sarge3\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
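Review bot: The last check in this hunk repeats the first one exactly, `deb_check(prefix: 'drupal', release: '3.1', reference: '4.5.3-6.1sarge3')`. On an affected sarge host `w` is therefore incremented twice and, with report_verbosity > 0, the report carries two upgrade lines for the same package. `w` is only tested for truth in `if (w)`, so detection is unaffected, but the duplicated text makes findings noisier to triage. I'd drop the trailing "Debian sarge" block. debian_DSA-1148, debian_DSA-1149 and debian_DSA-1154 repeat their first check in the same way.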
Added: trunk/openvas-plugins/scripts/debian_DSA-1148.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1148.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1148.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,62 @@
+# This script was automatically generated from the dsa-1148
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Several remote vulnerabilities have been discovered in gallery, a web-based
+photo album. The Common Vulnerabilities and Exposures project identifies
+the following problems:
+ A cross-site scripting vulnerability allows injection of web script
+ code through HTML or EXIF information.
+ A cross-site scripting vulnerability in the user registration allows
+ injection of web script code.
+ Missing input sanitising in the stats modules allows information
+ disclosure.
+For the stable distribution (sarge) these problems have been fixed in
+version 1.5-1sarge2.
+For the unstable distribution (sid) these problems have been fixed in
+version 1.5-2.
+We recommend that you upgrade your gallery package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1148
+Risk factor : High';
+
+if (description) {
+ script_id(22690);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1148");
+ script_cve_id("CVE-2005-2734", "CVE-2006-0330", "CVE-2006-4030");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1148] DSA-1148-1 gallery");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1148-1 gallery");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'gallery', release: '3.1', reference: '1.5-1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gallery is vulnerable in Debian 3.1.\nUpgrade to gallery_1.5-1sarge2\n');
+}
+if (deb_check(prefix: 'gallery', release: '4.0', reference: '1.5-2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gallery is vulnerable in Debian 4.0.\nUpgrade to gallery_1.5-2\n');
+}
+if (deb_check(prefix: 'gallery', release: '3.1', reference: '1.5-1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gallery is vulnerable in Debian sarge.\nUpgrade to gallery_1.5-1sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1149.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1149.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1149.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,57 @@
+# This script was automatically generated from the dsa-1149
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Tavis Ormandy from the Google Security Team discovered a missing
+boundary check in ncompress, the original Lempel-Ziv compress and
+uncompress programs, which allows a specially crafted datastream to
+underflow a buffer with attacker controlled data.
+For the stable distribution (sarge) this problem has been fixed in
+version 4.2.4-15sarge2.
+For the unstable distribution (sid) this problem has been fixed in
+version 4.2.4-15sarge2.
+We recommend that you upgrade your ncompress package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1149
+Risk factor : High';
+
+if (description) {
+ script_id(22691);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1149");
+ script_cve_id("CVE-2006-1168");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1149] DSA-1149-1 ncompress");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1149-1 ncompress");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'ncompress', release: '3.1', reference: '4.2.4-15sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ncompress is vulnerable in Debian 3.1.\nUpgrade to ncompress_4.2.4-15sarge2\n');
+}
+if (deb_check(prefix: 'ncompress', release: '4.0', reference: '4.2.4-15sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ncompress is vulnerable in Debian 4.0.\nUpgrade to ncompress_4.2.4-15sarge2\n');
+}
+if (deb_check(prefix: 'ncompress', release: '3.1', reference: '4.2.4-15sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ncompress is vulnerable in Debian sarge.\nUpgrade to ncompress_4.2.4-15sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1150.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1150.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1150.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,61 @@
+# This script was automatically generated from the dsa-1150
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+A bug has been discovered in several packages that execute the
+setuid() system call without checking for success when trying to drop
+privileges, which may fail with some PAM configurations.
+For the stable distribution (sarge) this problem has been fixed in
+version 4.0.3-31sarge8.
+For the unstable distribution (sid) this problem has been fixed in
+version 4.0.17-2.
+We recommend that you upgrade your passwd package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1150
+Risk factor : High';
+
+if (description) {
+ script_id(22692);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1150");
+ script_cve_id("CVE-2006-3378");
+ script_bugtraq_id(18850);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1150] DSA-1150-1 shadow");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1150-1 shadow");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'login', release: '3.1', reference: '4.0.3-31sarge8')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package login is vulnerable in Debian 3.1.\nUpgrade to login_4.0.3-31sarge8\n');
+}
+if (deb_check(prefix: 'passwd', release: '3.1', reference: '4.0.3-31sarge8')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package passwd is vulnerable in Debian 3.1.\nUpgrade to passwd_4.0.3-31sarge8\n');
+}
+if (deb_check(prefix: 'shadow', release: '4.0', reference: '4.0.17-2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package shadow is vulnerable in Debian 4.0.\nUpgrade to shadow_4.0.17-2\n');
+}
+if (deb_check(prefix: 'shadow', release: '3.1', reference: '4.0.3-31sarge8')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package shadow is vulnerable in Debian sarge.\nUpgrade to shadow_4.0.3-31sarge8\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1151.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1151.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1151.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,84 @@
+# This script was automatically generated from the dsa-1151
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Yan Rong Ge discovered out-of-boundary memory access in heartbeat, the
+subsystem for High-Availability Linux. This could be used by a remote
+attacker to cause a denial of service.
+For the stable distribution (sarge) this problem has been fixed in
+version 1.2.3-9sarge6.
+For the unstable distribution (sid) this problem has been fixed in
+version 1.2.4-14 and heartbeat-2 2.0.6-2.
+We recommend that you upgrade your heartbeat packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1151
+Risk factor : High';
+
+if (description) {
+ script_id(22693);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1151");
+ script_cve_id("CVE-2006-3121");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1151] DSA-1151-1 heartbeat");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1151-1 heartbeat");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'heartbeat', release: '3.1', reference: '1.2.3-9sarge6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package heartbeat is vulnerable in Debian 3.1.\nUpgrade to heartbeat_1.2.3-9sarge6\n');
+}
+if (deb_check(prefix: 'heartbeat-dev', release: '3.1', reference: '1.2.3-9sarge6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package heartbeat-dev is vulnerable in Debian 3.1.\nUpgrade to heartbeat-dev_1.2.3-9sarge6\n');
+}
+if (deb_check(prefix: 'ldirectord', release: '3.1', reference: '1.2.3-9sarge6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ldirectord is vulnerable in Debian 3.1.\nUpgrade to ldirectord_1.2.3-9sarge6\n');
+}
+if (deb_check(prefix: 'libpils-dev', release: '3.1', reference: '1.2.3-9sarge6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libpils-dev is vulnerable in Debian 3.1.\nUpgrade to libpils-dev_1.2.3-9sarge6\n');
+}
+if (deb_check(prefix: 'libpils0', release: '3.1', reference: '1.2.3-9sarge6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libpils0 is vulnerable in Debian 3.1.\nUpgrade to libpils0_1.2.3-9sarge6\n');
+}
+if (deb_check(prefix: 'libstonith-dev', release: '3.1', reference: '1.2.3-9sarge6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libstonith-dev is vulnerable in Debian 3.1.\nUpgrade to libstonith-dev_1.2.3-9sarge6\n');
+}
+if (deb_check(prefix: 'libstonith0', release: '3.1', reference: '1.2.3-9sarge6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libstonith0 is vulnerable in Debian 3.1.\nUpgrade to libstonith0_1.2.3-9sarge6\n');
+}
+if (deb_check(prefix: 'stonith', release: '3.1', reference: '1.2.3-9sarge6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package stonith is vulnerable in Debian 3.1.\nUpgrade to stonith_1.2.3-9sarge6\n');
+}
+if (deb_check(prefix: 'heartbeat', release: '4.0', reference: '1.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package heartbeat is vulnerable in Debian 4.0.\nUpgrade to heartbeat_1.2\n');
+}
+if (deb_check(prefix: 'heartbeat', release: '3.1', reference: '1.2.3-9sarge6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package heartbeat is vulnerable in Debian sarge.\nUpgrade to heartbeat_1.2.3-9sarge6\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
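Review bot: The Debian 4.0 check uses a truncated version, `reference: '1.2'`, while the advisory text in `desc` gives 1.2.4-14 as the fixed version for unstable. If deb_check flags packages older than the reference (its implementation is in debian_package.inc, not shown here), a host running a vulnerable 1.2.x build would compare as newer than 1.2 and go unreported. I'd use `reference: '1.2.4-14'` and the matching text `Upgrade to heartbeat_1.2.4-14`. The same truncation appears in debian_DSA-1152 (`reference: '0.8'` for trac on 3.1, which also disagrees with the `0.8.1-3sarge5` check two blocks earlier) and in debian_DSA-1153 (`reference: '0.88'` for clamav on 3.1).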
Added: trunk/openvas-plugins/scripts/debian_DSA-1152.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1152.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1152.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,90 @@
+# This script was automatically generated from the dsa-1152
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Felix Wiemann discovered that trac, an enhanced Wiki and issue
+tracking system for software development projects, can be used to
+disclose arbitrary local files. To fix this problem, python-docutils
+needs to be updated as well.
+For the stable distribution (sarge) this problem has been fixed in
+version 0.8.1-3sarge5 of trac and version 0.3.7-2sarge1 of
+python-docutils.
+For the unstable distribution (sid) this problem has been fixed in
+version 0.9.6-1.
+We recommend that you upgrade your trac and python-docutils packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1152
+Risk factor : High';
+
+if (description) {
+ script_id(22694);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1152");
+ script_cve_id("CVE-2006-3695");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1152] DSA-1152-1 trac");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1152-1 trac");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'python-docutils', release: '3.1', reference: '0.3.7-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python-docutils is vulnerable in Debian 3.1.\nUpgrade to python-docutils_0.3.7-2sarge1\n');
+}
+if (deb_check(prefix: 'python-roman', release: '3.1', reference: '0.3.7-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python-roman is vulnerable in Debian 3.1.\nUpgrade to python-roman_0.3.7-2sarge1\n');
+}
+if (deb_check(prefix: 'python2.1-difflib', release: '3.1', reference: '0.3.7-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.1-difflib is vulnerable in Debian 3.1.\nUpgrade to python2.1-difflib_0.3.7-2sarge1\n');
+}
+if (deb_check(prefix: 'python2.1-textwrap', release: '3.1', reference: '0.3.7-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.1-textwrap is vulnerable in Debian 3.1.\nUpgrade to python2.1-textwrap_0.3.7-2sarge1\n');
+}
+if (deb_check(prefix: 'python2.2-docutils', release: '3.1', reference: '0.3.7-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.2-docutils is vulnerable in Debian 3.1.\nUpgrade to python2.2-docutils_0.3.7-2sarge1\n');
+}
+if (deb_check(prefix: 'python2.2-textwrap', release: '3.1', reference: '0.3.7-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.2-textwrap is vulnerable in Debian 3.1.\nUpgrade to python2.2-textwrap_0.3.7-2sarge1\n');
+}
+if (deb_check(prefix: 'python2.3-docutils', release: '3.1', reference: '0.3.7-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.3-docutils is vulnerable in Debian 3.1.\nUpgrade to python2.3-docutils_0.3.7-2sarge1\n');
+}
+if (deb_check(prefix: 'python2.4-docutils', release: '3.1', reference: '0.3.7-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.4-docutils is vulnerable in Debian 3.1.\nUpgrade to python2.4-docutils_0.3.7-2sarge1\n');
+}
+if (deb_check(prefix: 'trac', release: '3.1', reference: '0.8.1-3sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package trac is vulnerable in Debian 3.1.\nUpgrade to trac_0.8.1-3sarge5\n');
+}
+if (deb_check(prefix: 'trac', release: '4.0', reference: '0.9.6-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package trac is vulnerable in Debian 4.0.\nUpgrade to trac_0.9.6-1\n');
+}
+if (deb_check(prefix: 'trac', release: '3.1', reference: '0.8')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package trac is vulnerable in Debian sarge.\nUpgrade to trac_0.8\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1153.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1153.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1153.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,91 @@
+# This script was automatically generated from the dsa-1153
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Damian Put discovered a heap overflow vulnerability in the UPX
+unpacker of the ClamAV anti-virus toolkit which could allow remote
+attackers to execute arbitrary code or cause denial of service.
+For the stable distribution (sarge) this problem has been fixed in
+version 0.84-2.sarge.10.
+For the stable distribution (sarge) this problem has been fixed in
+version 0.88.4-0volatile1 in the volatile archive.
+For the unstable distribution (sid) this problem has been fixed in
+version 0.88.4-2.
+We recommend that you upgrade your clamav packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1153
+Risk factor : High';
+
+if (description) {
+ script_id(22695);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1153");
+ script_cve_id("CVE-2006-4018");
+ script_bugtraq_id(19381);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1153] DSA-1153-1 clamav");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1153-1 clamav");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'clamav', release: '3.1', reference: '0.84-2.sarge.10')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package clamav is vulnerable in Debian 3.1.\nUpgrade to clamav_0.84-2.sarge.10\n');
+}
+if (deb_check(prefix: 'clamav-base', release: '3.1', reference: '0.84-2.sarge.10')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package clamav-base is vulnerable in Debian 3.1.\nUpgrade to clamav-base_0.84-2.sarge.10\n');
+}
+if (deb_check(prefix: 'clamav-daemon', release: '3.1', reference: '0.84-2.sarge.10')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package clamav-daemon is vulnerable in Debian 3.1.\nUpgrade to clamav-daemon_0.84-2.sarge.10\n');
+}
+if (deb_check(prefix: 'clamav-docs', release: '3.1', reference: '0.84-2.sarge.10')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package clamav-docs is vulnerable in Debian 3.1.\nUpgrade to clamav-docs_0.84-2.sarge.10\n');
+}
+if (deb_check(prefix: 'clamav-freshclam', release: '3.1', reference: '0.84-2.sarge.10')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package clamav-freshclam is vulnerable in Debian 3.1.\nUpgrade to clamav-freshclam_0.84-2.sarge.10\n');
+}
+if (deb_check(prefix: 'clamav-milter', release: '3.1', reference: '0.84-2.sarge.10')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package clamav-milter is vulnerable in Debian 3.1.\nUpgrade to clamav-milter_0.84-2.sarge.10\n');
+}
+if (deb_check(prefix: 'clamav-testfiles', release: '3.1', reference: '0.84-2.sarge.10')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package clamav-testfiles is vulnerable in Debian 3.1.\nUpgrade to clamav-testfiles_0.84-2.sarge.10\n');
+}
+if (deb_check(prefix: 'libclamav-dev', release: '3.1', reference: '0.84-2.sarge.10')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libclamav-dev is vulnerable in Debian 3.1.\nUpgrade to libclamav-dev_0.84-2.sarge.10\n');
+}
+if (deb_check(prefix: 'libclamav1', release: '3.1', reference: '0.84-2.sarge.10')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libclamav1 is vulnerable in Debian 3.1.\nUpgrade to libclamav1_0.84-2.sarge.10\n');
+}
+if (deb_check(prefix: 'clamav', release: '4.0', reference: '0.88.4-2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package clamav is vulnerable in Debian 4.0.\nUpgrade to clamav_0.88.4-2\n');
+}
+if (deb_check(prefix: 'clamav', release: '3.1', reference: '0.88')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package clamav is vulnerable in Debian sarge.\nUpgrade to clamav_0.88\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1154.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1154.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1154.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,57 @@
+# This script was automatically generated from the dsa-1154
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+James Bercegay of GulfTech Security Research discovered a vulnerability
+in SquirrelMail where an authenticated user could overwrite random
+variables in the compose script. This might be exploited to read or
+write the preferences or attachment files of other users.
+For the stable distribution (sarge) this problem has been fixed in
+version 1.4.4-9.
+For the unstable distribution (sid) this problem has been fixed in
+version 1.4.8-1.
+We recommend that you upgrade your squirrelmail package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1154
+Risk factor : High';
+
+if (description) {
+ script_id(22696);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1154");
+ script_cve_id("CVE-2006-4019");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1154] DSA-1154-1 squirrelmail");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1154-1 squirrelmail");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'squirrelmail', release: '3.1', reference: '1.4.4-9')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package squirrelmail is vulnerable in Debian 3.1.\nUpgrade to squirrelmail_1.4.4-9\n');
+}
+if (deb_check(prefix: 'squirrelmail', release: '4.0', reference: '1.4.8-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package squirrelmail is vulnerable in Debian 4.0.\nUpgrade to squirrelmail_1.4.8-1\n');
+}
+if (deb_check(prefix: 'squirrelmail', release: '3.1', reference: '1.4.4-9')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package squirrelmail is vulnerable in Debian sarge.\nUpgrade to squirrelmail_1.4.4-9\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1155.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1155.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1155.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,103 @@
+# This script was automatically generated from the dsa-1155
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+It turned out that the sendmail binary depends on libsasl2 (>= 2.1.19.dfsg1)
+which is neither available in the stable nor in the security archive.
+This version is scheduled for the inclusion in the next update of the
+stable release, though.
+You\'ll have to download the referenced file for your architecture from
+below and install it with dpkg -i.
+As an alternative, temporarily adding the following line to
+/etc/apt/sources.list will mitigate the problem as well:
+Here is the original security advisory for completeness:
+Frank Sheiness discovered that a MIME conversion routine in sendmail,
+a powerful, efficient, and scalable mail transport agent, could be
+tricked by a specially crafted mail to perform an endless recursion.
+For the stable distribution (sarge) this problem has been fixed in
+version 8.13.4-3sarge2.
+For the unstable distribution (sid) this problem has been fixed in
+version 8.13.7-1.
+We recommend that you upgrade your sendmail package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1155
+Risk factor : High';
+
+if (description) {
+ script_id(22697);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1155");
+ script_cve_id("CVE-2006-1173");
+ script_bugtraq_id(18433);
+ script_xref(name: "CERT", value: "146718");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1155] DSA-1155-2 sendmail");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1155-2 sendmail");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'libmilter-dev', release: '3.1', reference: '8.13.4-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libmilter-dev is vulnerable in Debian 3.1.\nUpgrade to libmilter-dev_8.13.4-3sarge2\n');
+}
+if (deb_check(prefix: 'libmilter0', release: '3.1', reference: '8.13.4-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libmilter0 is vulnerable in Debian 3.1.\nUpgrade to libmilter0_8.13.4-3sarge2\n');
+}
+if (deb_check(prefix: 'libsasl2', release: '3.1', reference: '2.1.19.dfsg1-0sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libsasl2 is vulnerable in Debian 3.1.\nUpgrade to libsasl2_2.1.19.dfsg1-0sarge2\n');
+}
+if (deb_check(prefix: 'rmail', release: '3.1', reference: '8.13.4-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package rmail is vulnerable in Debian 3.1.\nUpgrade to rmail_8.13.4-3sarge2\n');
+}
+if (deb_check(prefix: 'sendmail', release: '3.1', reference: '8.13.4-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package sendmail is vulnerable in Debian 3.1.\nUpgrade to sendmail_8.13.4-3sarge2\n');
+}
+if (deb_check(prefix: 'sendmail-base', release: '3.1', reference: '8.13.4-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package sendmail-base is vulnerable in Debian 3.1.\nUpgrade to sendmail-base_8.13.4-3sarge2\n');
+}
+if (deb_check(prefix: 'sendmail-bin', release: '3.1', reference: '8.13.4-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package sendmail-bin is vulnerable in Debian 3.1.\nUpgrade to sendmail-bin_8.13.4-3sarge2\n');
+}
+if (deb_check(prefix: 'sendmail-cf', release: '3.1', reference: '8.13.4-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package sendmail-cf is vulnerable in Debian 3.1.\nUpgrade to sendmail-cf_8.13.4-3sarge2\n');
+}
+if (deb_check(prefix: 'sendmail-doc', release: '3.1', reference: '8.13.4-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package sendmail-doc is vulnerable in Debian 3.1.\nUpgrade to sendmail-doc_8.13.4-3sarge2\n');
+}
+if (deb_check(prefix: 'sensible-mda', release: '3.1', reference: '8.13.4-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package sensible-mda is vulnerable in Debian 3.1.\nUpgrade to sensible-mda_8.13.4-3sarge2\n');
+}
+if (deb_check(prefix: 'sendmail', release: '4.0', reference: '8.13.7-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package sendmail is vulnerable in Debian 4.0.\nUpgrade to sendmail_8.13.7-1\n');
+}
+if (deb_check(prefix: 'sendmail', release: '3.1', reference: '8.13.4-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package sendmail is vulnerable in Debian sarge.\nUpgrade to sendmail_8.13.4-3sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
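Review bot: The final `deb_check` for `sendmail` with `release: '3.1'` and `reference: '8.13.4-3sarge2'` repeats, with identical arguments, a check made earlier in the same script. On an affected host `w` is bumped twice (harmless, since only `if (w)` is tested), but the report carries two paragraphs for one package, one saying "Debian 3.1" and one saying "Debian sarge". I would drop the trailing block and put the codename in the first message, `The package sendmail is vulnerable in Debian 3.1 (sarge).`; the same trailing duplicate closes the DSA-1156, DSA-1157, DSA-1158 and DSA-1159 scripts. Separately, `desc` here says "adding the following line to /etc/apt/sources.list will mitigate the problem as well:" and then moves straight on, so the line it refers to was lost in conversion. That sentence should be completed from the advisory or removed.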
Added: trunk/openvas-plugins/scripts/debian_DSA-1156.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1156.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1156.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,180 @@
+# This script was automatically generated from the dsa-1156
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Ludwig Nussel discovered that kdm, the X display manager for KDE, handles
+access to the session type configuration file insecurely, which may lead
+to the disclosure of arbitrary files through a symlink attack.
+For the stable distribution (sarge) this problem has been fixed in
+version 3.3.2-1sarge3.
+For the unstable distribution (sid) this problem has been fixed in
+version 3.5.2-2.
+We recommend that you upgrade your kdm package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1156
+Risk factor : High';
+
+if (description) {
+ script_id(22698);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1156");
+ script_cve_id("CVE-2006-2449");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1156] DSA-1156-1 kdebase");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1156-1 kdebase");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'kappfinder', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kappfinder is vulnerable in Debian 3.1.\nUpgrade to kappfinder_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'kate', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kate is vulnerable in Debian 3.1.\nUpgrade to kate_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'kcontrol', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kcontrol is vulnerable in Debian 3.1.\nUpgrade to kcontrol_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'kdebase', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kdebase is vulnerable in Debian 3.1.\nUpgrade to kdebase_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'kdebase-bin', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kdebase-bin is vulnerable in Debian 3.1.\nUpgrade to kdebase-bin_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'kdebase-data', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kdebase-data is vulnerable in Debian 3.1.\nUpgrade to kdebase-data_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'kdebase-dev', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kdebase-dev is vulnerable in Debian 3.1.\nUpgrade to kdebase-dev_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'kdebase-doc', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kdebase-doc is vulnerable in Debian 3.1.\nUpgrade to kdebase-doc_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'kdebase-kio-plugins', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kdebase-kio-plugins is vulnerable in Debian 3.1.\nUpgrade to kdebase-kio-plugins_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'kdepasswd', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kdepasswd is vulnerable in Debian 3.1.\nUpgrade to kdepasswd_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'kdeprint', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kdeprint is vulnerable in Debian 3.1.\nUpgrade to kdeprint_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'kdesktop', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kdesktop is vulnerable in Debian 3.1.\nUpgrade to kdesktop_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'kdm', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kdm is vulnerable in Debian 3.1.\nUpgrade to kdm_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'kfind', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kfind is vulnerable in Debian 3.1.\nUpgrade to kfind_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'khelpcenter', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package khelpcenter is vulnerable in Debian 3.1.\nUpgrade to khelpcenter_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'kicker', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kicker is vulnerable in Debian 3.1.\nUpgrade to kicker_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'klipper', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package klipper is vulnerable in Debian 3.1.\nUpgrade to klipper_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'kmenuedit', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kmenuedit is vulnerable in Debian 3.1.\nUpgrade to kmenuedit_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'konqueror', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package konqueror is vulnerable in Debian 3.1.\nUpgrade to konqueror_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'konqueror-nsplugins', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package konqueror-nsplugins is vulnerable in Debian 3.1.\nUpgrade to konqueror-nsplugins_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'konsole', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package konsole is vulnerable in Debian 3.1.\nUpgrade to konsole_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'kpager', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kpager is vulnerable in Debian 3.1.\nUpgrade to kpager_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'kpersonalizer', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kpersonalizer is vulnerable in Debian 3.1.\nUpgrade to kpersonalizer_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'ksmserver', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ksmserver is vulnerable in Debian 3.1.\nUpgrade to ksmserver_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'ksplash', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ksplash is vulnerable in Debian 3.1.\nUpgrade to ksplash_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'ksysguard', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ksysguard is vulnerable in Debian 3.1.\nUpgrade to ksysguard_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'ksysguardd', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ksysguardd is vulnerable in Debian 3.1.\nUpgrade to ksysguardd_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'ktip', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ktip is vulnerable in Debian 3.1.\nUpgrade to ktip_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'kwin', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kwin is vulnerable in Debian 3.1.\nUpgrade to kwin_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'libkonq4', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libkonq4 is vulnerable in Debian 3.1.\nUpgrade to libkonq4_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'libkonq4-dev', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libkonq4-dev is vulnerable in Debian 3.1.\nUpgrade to libkonq4-dev_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'xfonts-konsole', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xfonts-konsole is vulnerable in Debian 3.1.\nUpgrade to xfonts-konsole_3.3.2-1sarge3\n');
+}
+if (deb_check(prefix: 'kdebase', release: '4.0', reference: '3.5.2-2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kdebase is vulnerable in Debian 4.0.\nUpgrade to kdebase_3.5.2-2\n');
+}
+if (deb_check(prefix: 'kdebase', release: '3.1', reference: '3.3.2-1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kdebase is vulnerable in Debian sarge.\nUpgrade to kdebase_3.3.2-1sarge3\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
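Review bot: The advisory text in `desc` places the flaw in kdm, yet the script calls `security_hole` with "Risk factor : High" when any of the listed kdebase binary packages is below `3.3.2-1sarge3`, including `kdebase-doc`, `xfonts-konsole` and `kate`. Assuming `deb_check` (defined in `debian_package.inc`, not visible here) returns true for an installed package older than the reference, a host that does not have kdm installed would still be reported as vulnerable, which costs triage time. I would either make the `kdm` check the one that decides whether a finding is raised, or reword the per-package messages from `is vulnerable in Debian 3.1` to `is older than the fixed version in Debian 3.1` so the report does not overstate exposure.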
Added: trunk/openvas-plugins/scripts/debian_DSA-1157.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1157.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1157.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,114 @@
+# This script was automatically generated from the dsa-1157
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Several vulnerabilities have been discovered in the interpreter for the
+Ruby language, which may lead to the bypass of security restrictions or
+denial of service. The Common Vulnerabilities and Exposures project
+identifies the following problems:
+ It was discovered that the use of blocking sockets can lead to denial
+ of service.
+ It was discovered that Ruby does not properly maintain "safe levels"
+ for aliasing, directory accesses and regular expressions, which might
+ lead to a bypass of security restrictions.
+For the stable distribution (sarge) these problems have been fixed in
+version 1.8.2-7sarge4.
+For the unstable distribution (sid) these problems have been fixed in
+version 1.8.4-3.
+We recommend that you upgrade your Ruby packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1157
+Risk factor : High';
+
+if (description) {
+ script_id(22699);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1157");
+ script_cve_id("CVE-2006-1931", "CVE-2006-3694");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1157] DSA-1157-1 ruby1.8");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1157-1 ruby1.8");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'irb1.8', release: '3.1', reference: '1.8.2-7sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package irb1.8 is vulnerable in Debian 3.1.\nUpgrade to irb1.8_1.8.2-7sarge4\n');
+}
+if (deb_check(prefix: 'libdbm-ruby1.8', release: '3.1', reference: '1.8.2-7sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libdbm-ruby1.8 is vulnerable in Debian 3.1.\nUpgrade to libdbm-ruby1.8_1.8.2-7sarge4\n');
+}
+if (deb_check(prefix: 'libgdbm-ruby1.8', release: '3.1', reference: '1.8.2-7sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgdbm-ruby1.8 is vulnerable in Debian 3.1.\nUpgrade to libgdbm-ruby1.8_1.8.2-7sarge4\n');
+}
+if (deb_check(prefix: 'libopenssl-ruby1.8', release: '3.1', reference: '1.8.2-7sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libopenssl-ruby1.8 is vulnerable in Debian 3.1.\nUpgrade to libopenssl-ruby1.8_1.8.2-7sarge4\n');
+}
+if (deb_check(prefix: 'libreadline-ruby1.8', release: '3.1', reference: '1.8.2-7sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libreadline-ruby1.8 is vulnerable in Debian 3.1.\nUpgrade to libreadline-ruby1.8_1.8.2-7sarge4\n');
+}
+if (deb_check(prefix: 'libruby1.8', release: '3.1', reference: '1.8.2-7sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libruby1.8 is vulnerable in Debian 3.1.\nUpgrade to libruby1.8_1.8.2-7sarge4\n');
+}
+if (deb_check(prefix: 'libruby1.8-dbg', release: '3.1', reference: '1.8.2-7sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libruby1.8-dbg is vulnerable in Debian 3.1.\nUpgrade to libruby1.8-dbg_1.8.2-7sarge4\n');
+}
+if (deb_check(prefix: 'libtcltk-ruby1.8', release: '3.1', reference: '1.8.2-7sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libtcltk-ruby1.8 is vulnerable in Debian 3.1.\nUpgrade to libtcltk-ruby1.8_1.8.2-7sarge4\n');
+}
+if (deb_check(prefix: 'rdoc1.8', release: '3.1', reference: '1.8.2-7sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package rdoc1.8 is vulnerable in Debian 3.1.\nUpgrade to rdoc1.8_1.8.2-7sarge4\n');
+}
+if (deb_check(prefix: 'ri1.8', release: '3.1', reference: '1.8.2-7sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ri1.8 is vulnerable in Debian 3.1.\nUpgrade to ri1.8_1.8.2-7sarge4\n');
+}
+if (deb_check(prefix: 'ruby1.8', release: '3.1', reference: '1.8.2-7sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ruby1.8 is vulnerable in Debian 3.1.\nUpgrade to ruby1.8_1.8.2-7sarge4\n');
+}
+if (deb_check(prefix: 'ruby1.8-dev', release: '3.1', reference: '1.8.2-7sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ruby1.8-dev is vulnerable in Debian 3.1.\nUpgrade to ruby1.8-dev_1.8.2-7sarge4\n');
+}
+if (deb_check(prefix: 'ruby1.8-elisp', release: '3.1', reference: '1.8.2-7sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ruby1.8-elisp is vulnerable in Debian 3.1.\nUpgrade to ruby1.8-elisp_1.8.2-7sarge4\n');
+}
+if (deb_check(prefix: 'ruby1.8-examples', release: '3.1', reference: '1.8.2-7sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ruby1.8-examples is vulnerable in Debian 3.1.\nUpgrade to ruby1.8-examples_1.8.2-7sarge4\n');
+}
+if (deb_check(prefix: 'ruby1.8', release: '4.0', reference: '1.8.4-3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ruby1.8 is vulnerable in Debian 4.0.\nUpgrade to ruby1.8_1.8.4-3\n');
+}
+if (deb_check(prefix: 'ruby1.8', release: '3.1', reference: '1.8.2-7sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ruby1.8 is vulnerable in Debian sarge.\nUpgrade to ruby1.8_1.8.2-7sarge4\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
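Review bot: The two indented items in `desc` follow "identifies the following problems:" without any identifier, so the report text no longer says which CVE each paragraph describes; the converter appears to have dropped the labels. `script_cve_id` lists `CVE-2006-1931` and `CVE-2006-3694`; if they map to the items in that order (to be confirmed against the advisory), prefixing each item, e.g. `CVE-2006-1931: It was discovered that the use of blocking sockets can lead to denial`, restores the link a reader needs when triaging the finding. The same gap is in the DSA-1159 script, where seven unlabelled items sit above seven ids in `script_cve_id`.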
Added: trunk/openvas-plugins/scripts/debian_DSA-1158.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1158.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1158.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,58 @@
+# This script was automatically generated from the dsa-1158
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Ulf Härnhammar from the Debian Security Audit Project discovered that
+streamripper, a utility to record online radio-streams, performs
+insufficient sanitising of data received from the streaming server,
+which might lead to buffer overflows and the execution of arbitrary
+code.
+For the stable distribution (sarge) this problem has been fixed in
+version 1.61.7-1sarge1.
+For the unstable distribution (sid) this problem has been fixed in
+version 1.61.25-2.
+We recommend that you upgrade your streamripper package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1158
+Risk factor : High';
+
+if (description) {
+ script_id(22700);
+ script_version("$Revision: 1.3 $");
+ script_xref(name: "DSA", value: "1158");
+ script_cve_id("CVE-2006-3124");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1158] DSA-1158-1 streamripper");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1158-1 streamripper");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'streamripper', release: '3.1', reference: '1.61.7-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package streamripper is vulnerable in Debian 3.1.\nUpgrade to streamripper_1.61.7-1sarge1\n');
+}
+if (deb_check(prefix: 'streamripper', release: '4.0', reference: '1.61.25-2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package streamripper is vulnerable in Debian 4.0.\nUpgrade to streamripper_1.61.25-2\n');
+}
+if (deb_check(prefix: 'streamripper', release: '3.1', reference: '1.61.7-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package streamripper is vulnerable in Debian sarge.\nUpgrade to streamripper_1.61.7-1sarge1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
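Review bot: The `if (! defined_func('bn_random')) exit(0);` line at the top has no comment and sits above the `if (description)` block, so on an engine without that builtin the script would presumably exit before registering its id and never report, which an operator cannot tell apart from a clean host. Nothing in the lines shown uses a bignum function, so the guard looks like a stand-in for an engine-version test. A comment such as `# Engine capability probe: script exits silently where bn_random is missing` would document it, and whether this tree needs the guard at all is worth confirming. The same line opens the DSA-1155, DSA-1156, DSA-1157 and DSA-1159 scripts.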
Added: trunk/openvas-plugins/scripts/debian_DSA-1159.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1159.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1159.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,101 @@
+# This script was automatically generated from the dsa-1159
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+The latest security updates of Mozilla Thunderbird introduced a
+regression that led to a disfunctional attachment panel which warrants
+a correction to fix this issue. For reference please find below the
+original advisory text:
+Several security related problems have been discovered in Mozilla and
+derived products such as Mozilla Thunderbird. The Common
+Vulnerabilities and Exposures project identifies the following
+vulnerabilities:
+ Mozilla team members discovered several crashes during testing of
+ the browser engine showing evidence of memory corruption which may
+ also lead to the execution of arbitrary code. The last bit of
+ this problem will be corrected with the next update. You can
+ prevent any trouble by disabling Javascript. [MFSA-2006-32]
+ The Javascript engine might allow remote attackers to execute
+ arbitrary code. [MFSA-2006-50]
+ Multiple integer overflows in the Javascript engine might allow
+ remote attackers to execute arbitrary code. [MFSA-2006-50]
+ Specially crafted Javascript allows remote attackers to execute
+ arbitrary code. [MFSA-2006-51]
+ Remote Proxy AutoConfig (PAC) servers could execute code with elevated
+ privileges via a specially crafted PAC script. [MFSA-2006-52]
+ Scripts with the UniversalBrowserRead privilege could gain
+ UniversalXPConnect privileges and possibly execute code or obtain
+ sensitive data. [MFSA-2006-53]
+ A cross-site scripting vulnerability allows remote attackers to
+ inject arbitrary web script or HTML. [MFSA-2006-54]
+For the stable distribution (sarge) these problems have been fixed in
+version 1.0.2-2.sarge1.0.8b.2.
+For the unstable distribution (sid) these problems have been fixed in
+version 1.5.0.5-1.
+We recommend that you upgrade your mozilla-thunderbird package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1159
+Risk factor : High';
+
+if (description) {
+ script_id(22701);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1159");
+ script_cve_id("CVE-2006-2779", "CVE-2006-3805", "CVE-2006-3806", "CVE-2006-3807", "CVE-2006-3808", "CVE-2006-3809", "CVE-2006-3810");
+ script_bugtraq_id(18228, 19181);
+ script_xref(name: "CERT", value: "466673");
+ script_xref(name: "CERT", value: "655892");
+ script_xref(name: "CERT", value: "687396");
+ script_xref(name: "CERT", value: "876420");
+ script_xref(name: "CERT", value: "911004");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1159] DSA-1159-2 mozilla-thunderbird");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1159-2 mozilla-thunderbird");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'mozilla-thunderbird', release: '3.1', reference: '1.0.2-2.sarge1.0.8b.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-thunderbird is vulnerable in Debian 3.1.\nUpgrade to mozilla-thunderbird_1.0.2-2.sarge1.0.8b.2\n');
+}
+if (deb_check(prefix: 'mozilla-thunderbird-dev', release: '3.1', reference: '1.0.2-2.sarge1.0.8b.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-thunderbird-dev is vulnerable in Debian 3.1.\nUpgrade to mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8b.2\n');
+}
+if (deb_check(prefix: 'mozilla-thunderbird-inspector', release: '3.1', reference: '1.0.2-2.sarge1.0.8b.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-thunderbird-inspector is vulnerable in Debian 3.1.\nUpgrade to mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8b.2\n');
+}
+if (deb_check(prefix: 'mozilla-thunderbird-offline', release: '3.1', reference: '1.0.2-2.sarge1.0.8b.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-thunderbird-offline is vulnerable in Debian 3.1.\nUpgrade to mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8b.2\n');
+}
+if (deb_check(prefix: 'mozilla-thunderbird-typeaheadfind', release: '3.1', reference: '1.0.2-2.sarge1.0.8b.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-thunderbird-typeaheadfind is vulnerable in Debian 3.1.\nUpgrade to mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8b.2\n');
+}
+if (deb_check(prefix: 'mozilla-thunderbird', release: '4.0', reference: '1.5.0.5-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-thunderbird is vulnerable in Debian 4.0.\nUpgrade to mozilla-thunderbird_1.5.0.5-1\n');
+}
+if (deb_check(prefix: 'mozilla-thunderbird', release: '3.1', reference: '1.0.2-2.sarge1.0.8b.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-thunderbird is vulnerable in Debian sarge.\nUpgrade to mozilla-thunderbird_1.0.2-2.sarge1.0.8b.2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1160.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1160.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1160.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,129 @@
+# This script was automatically generated from the dsa-1160
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+The latest security updates of Mozilla introduced a regression that
+led to a disfunctional attachment panel which warrants a correction to
+fix this issue. For reference please find below the original advisory
+text:
+Several security related problems have been discovered in Mozilla and
+derived products. The Common Vulnerabilities and Exposures project
+identifies the following vulnerabilities:
+ Mozilla team members discovered several crashes during testing of
+ the browser engine showing evidence of memory corruption which may
+ also lead to the execution of arbitrary code. The last bit of
+ this problem will be corrected with the next update. You can
+ prevent any trouble by disabling Javascript. [MFSA-2006-32]
+ The Javascript engine might allow remote attackers to execute
+ arbitrary code. [MFSA-2006-50]
+ Multiple integer overflows in the Javascript engine might allow
+ remote attackers to execute arbitrary code. [MFSA-2006-50]
+ Specially crafted Javascript allows remote attackers to execute
+ arbitrary code. [MFSA-2006-51]
+ Remote Proxy AutoConfig (PAC) servers could execute code with elevated
+ privileges via a specially crafted PAC script. [MFSA-2006-52]
+ Scripts with the UniversalBrowserRead privilege could gain
+ UniversalXPConnect privileges and possibly execute code or obtain
+ sensitive data. [MFSA-2006-53]
+ A cross-site scripting vulnerability allows remote attackers to
+ inject arbitrary web script or HTML. [MFSA-2006-54]
+For the stable distribution (sarge) these problems have been fixed in
+version 1.7.8-1sarge7.2.2.
+For the unstable distribution (sid) these problems won\'t be fixed
+since its end of lifetime has been reached and the package will soon
+be removed.
+We recommend that you upgrade your mozilla package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1160
+Risk factor : High';
+
+if (description) {
+ script_id(22702);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1160");
+ script_cve_id("CVE-2006-2779", "CVE-2006-3805", "CVE-2006-3806", "CVE-2006-3807", "CVE-2006-3808", "CVE-2006-3809", "CVE-2006-3810");
+ script_bugtraq_id(18228, 19181);
+ script_xref(name: "CERT", value: "466673");
+ script_xref(name: "CERT", value: "655892");
+ script_xref(name: "CERT", value: "687396");
+ script_xref(name: "CERT", value: "876420");
+ script_xref(name: "CERT", value: "911004");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1160] DSA-1160-2 mozilla");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1160-2 mozilla");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'libnspr-dev', release: '3.1', reference: '1.7.8-1sarge7.2.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libnspr-dev is vulnerable in Debian 3.1.\nUpgrade to libnspr-dev_1.7.8-1sarge7.2.2\n');
+}
+if (deb_check(prefix: 'libnspr4', release: '3.1', reference: '1.7.8-1sarge7.2.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libnspr4 is vulnerable in Debian 3.1.\nUpgrade to libnspr4_1.7.8-1sarge7.2.2\n');
+}
+if (deb_check(prefix: 'libnss-dev', release: '3.1', reference: '1.7.8-1sarge7.2.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libnss-dev is vulnerable in Debian 3.1.\nUpgrade to libnss-dev_1.7.8-1sarge7.2.2\n');
+}
+if (deb_check(prefix: 'libnss3', release: '3.1', reference: '1.7.8-1sarge7.2.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libnss3 is vulnerable in Debian 3.1.\nUpgrade to libnss3_1.7.8-1sarge7.2.2\n');
+}
+if (deb_check(prefix: 'mozilla', release: '3.1', reference: '1.7.8-1sarge7.2.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla is vulnerable in Debian 3.1.\nUpgrade to mozilla_1.7.8-1sarge7.2.2\n');
+}
+if (deb_check(prefix: 'mozilla-browser', release: '3.1', reference: '1.7.8-1sarge7.2.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-browser is vulnerable in Debian 3.1.\nUpgrade to mozilla-browser_1.7.8-1sarge7.2.2\n');
+}
+if (deb_check(prefix: 'mozilla-calendar', release: '3.1', reference: '1.7.8-1sarge7.2.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-calendar is vulnerable in Debian 3.1.\nUpgrade to mozilla-calendar_1.7.8-1sarge7.2.2\n');
+}
+if (deb_check(prefix: 'mozilla-chatzilla', release: '3.1', reference: '1.7.8-1sarge7.2.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-chatzilla is vulnerable in Debian 3.1.\nUpgrade to mozilla-chatzilla_1.7.8-1sarge7.2.2\n');
+}
+if (deb_check(prefix: 'mozilla-dev', release: '3.1', reference: '1.7.8-1sarge7.2.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-dev is vulnerable in Debian 3.1.\nUpgrade to mozilla-dev_1.7.8-1sarge7.2.2\n');
+}
+if (deb_check(prefix: 'mozilla-dom-inspector', release: '3.1', reference: '1.7.8-1sarge7.2.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-dom-inspector is vulnerable in Debian 3.1.\nUpgrade to mozilla-dom-inspector_1.7.8-1sarge7.2.2\n');
+}
+if (deb_check(prefix: 'mozilla-js-debugger', release: '3.1', reference: '1.7.8-1sarge7.2.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-js-debugger is vulnerable in Debian 3.1.\nUpgrade to mozilla-js-debugger_1.7.8-1sarge7.2.2\n');
+}
+if (deb_check(prefix: 'mozilla-mailnews', release: '3.1', reference: '1.7.8-1sarge7.2.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-mailnews is vulnerable in Debian 3.1.\nUpgrade to mozilla-mailnews_1.7.8-1sarge7.2.2\n');
+}
+if (deb_check(prefix: 'mozilla-psm', release: '3.1', reference: '1.7.8-1sarge7.2.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-psm is vulnerable in Debian 3.1.\nUpgrade to mozilla-psm_1.7.8-1sarge7.2.2\n');
+}
+if (deb_check(prefix: 'mozilla', release: '3.1', reference: '1.7.8-1sarge7.2.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla is vulnerable in Debian sarge.\nUpgrade to mozilla_1.7.8-1sarge7.2.2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
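Review bot: The last `deb_check(prefix: 'mozilla', release: '3.1', reference: '1.7.8-1sarge7.2.2')` block repeats, with identical arguments, the `mozilla` check made a few blocks earlier. A vulnerable host therefore increments `w` twice and, when `report_verbosity > 0`, gets two near-identical paragraphs ("Debian 3.1" and "Debian sarge") in the finding. Detection is unaffected, but the duplicated text makes reports noisier, so I would drop the trailing "Debian sarge" block. The same repeated final check appears in the DSA-1161, DSA-1163, DSA-1165, DSA-1166 and DSA-1167 files of this commit. As the scripts are generated, the change presumably belongs in the DSA2nasl converter rather than in each file.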
Added: trunk/openvas-plugins/scripts/debian_DSA-1161.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1161.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1161.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,86 @@
+# This script was automatically generated from the dsa-1161
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+The latest security updates of Mozilla Firefox introduced a regression
+that led to a disfunctional attachment panel which warrants a
+correction to fix this issue. For reference please find below the
+original advisory text:
+Several security related problems have been discovered in Mozilla and
+derived products like Mozilla Firefox. The Common Vulnerabilities and
+Exposures project identifies the following vulnerabilities:
+ The Javascript engine might allow remote attackers to execute
+ arbitrary code. [MFSA-2006-50]
+ Multiple integer overflows in the Javascript engine might allow
+ remote attackers to execute arbitrary code. [MFSA-2006-50]
+ Specially crafted Javascript allows remote attackers to execute
+ arbitrary code. [MFSA-2006-51]
+ Remote Proxy AutoConfig (PAC) servers could execute code with elevated
+ privileges via a specially crafted PAC script. [MFSA-2006-52]
+ Scripts with the UniversalBrowserRead privilege could gain
+ UniversalXPConnect privileges and possibly execute code or obtain
+ sensitive data. [MFSA-2006-53]
+ Multiple vulnerabilities allow remote attackers to cause a denial
+ of service (crash) and possibly execute arbitrary code.
+ [MFSA-2006-55]
+For the stable distribution (sarge) these problems have been fixed in
+version 1.0.4-2sarge11.
+For the unstable distribution (sid) these problems have been fixed in
+version 1.5.dfsg+1.5.0.5-1.
+We recommend that you upgrade your mozilla-firefox package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1161
+Risk factor : High';
+
+if (description) {
+ script_id(22703);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1161");
+ script_cve_id("CVE-2006-3805", "CVE-2006-3806", "CVE-2006-3807", "CVE-2006-3808", "CVE-2006-3809", "CVE-2006-3811");
+ script_bugtraq_id(19181);
+ script_xref(name: "CERT", value: "655892");
+ script_xref(name: "CERT", value: "687396");
+ script_xref(name: "CERT", value: "876420");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1161] DSA-1161-2 mozilla-firefox");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1161-2 mozilla-firefox");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'mozilla-firefox', release: '3.1', reference: '1.0.4-2sarge11')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-firefox is vulnerable in Debian 3.1.\nUpgrade to mozilla-firefox_1.0.4-2sarge11\n');
+}
+if (deb_check(prefix: 'mozilla-firefox-dom-inspector', release: '3.1', reference: '1.0.4-2sarge11')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-firefox-dom-inspector is vulnerable in Debian 3.1.\nUpgrade to mozilla-firefox-dom-inspector_1.0.4-2sarge11\n');
+}
+if (deb_check(prefix: 'mozilla-firefox-gnome-support', release: '3.1', reference: '1.0.4-2sarge11')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-firefox-gnome-support is vulnerable in Debian 3.1.\nUpgrade to mozilla-firefox-gnome-support_1.0.4-2sarge11\n');
+}
+if (deb_check(prefix: 'mozilla-firefox', release: '4.0', reference: '1.5.dfsg+1.5.0.5-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-firefox is vulnerable in Debian 4.0.\nUpgrade to mozilla-firefox_1.5.dfsg+1.5.0.5-1\n');
+}
+if (deb_check(prefix: 'mozilla-firefox', release: '3.1', reference: '1.0.4-2sarge11')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-firefox is vulnerable in Debian sarge.\nUpgrade to mozilla-firefox_1.0.4-2sarge11\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1162.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1162.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1162.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,85 @@
+# This script was automatically generated from the dsa-1162
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Luigi Auriemma discovered several buffer overflows in libmusicbrainz,
+a CD index library, that allow remote attackers to cause a denial of
+service or execute arbitrary code.
+For the stable distribution (sarge) these problems have been fixed in
+version 2.0.2-10sarge1 and 2.1.1-3sarge1.
+For the unstable distribution (sid) these problems have been fixed in
+version 2.1.4-1.
+We recommend that you upgrade your libmusicbrainz packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1162
+Risk factor : High';
+
+if (description) {
+ script_id(22704);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1162");
+ script_cve_id("CVE-2006-4197");
+ script_bugtraq_id(19508);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1162] DSA-1162-1 libmusicbrainz-2.0");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1162-1 libmusicbrainz-2.0");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'libmusicbrainz2', release: '3.1', reference: '2.0.2-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libmusicbrainz2 is vulnerable in Debian 3.1.\nUpgrade to libmusicbrainz2_2.0.2-10sarge1\n');
+}
+if (deb_check(prefix: 'libmusicbrainz2-dev', release: '3.1', reference: '2.0.2-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libmusicbrainz2-dev is vulnerable in Debian 3.1.\nUpgrade to libmusicbrainz2-dev_2.0.2-10sarge1\n');
+}
+if (deb_check(prefix: 'libmusicbrainz4', release: '3.1', reference: '2.1.1-3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libmusicbrainz4 is vulnerable in Debian 3.1.\nUpgrade to libmusicbrainz4_2.1.1-3sarge1\n');
+}
+if (deb_check(prefix: 'libmusicbrainz4-dev', release: '3.1', reference: '2.1.1-3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libmusicbrainz4-dev is vulnerable in Debian 3.1.\nUpgrade to libmusicbrainz4-dev_2.1.1-3sarge1\n');
+}
+if (deb_check(prefix: 'python-musicbrainz', release: '3.1', reference: '2.0.2-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python-musicbrainz is vulnerable in Debian 3.1.\nUpgrade to python-musicbrainz_2.0.2-10sarge1\n');
+}
+if (deb_check(prefix: 'python2.1-musicbrainz', release: '3.1', reference: '2.0.2-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.1-musicbrainz is vulnerable in Debian 3.1.\nUpgrade to python2.1-musicbrainz_2.0.2-10sarge1\n');
+}
+if (deb_check(prefix: 'python2.2-musicbrainz', release: '3.1', reference: '2.0.2-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.2-musicbrainz is vulnerable in Debian 3.1.\nUpgrade to python2.2-musicbrainz_2.0.2-10sarge1\n');
+}
+if (deb_check(prefix: 'python2.3-musicbrainz', release: '3.1', reference: '2.0.2-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.3-musicbrainz is vulnerable in Debian 3.1.\nUpgrade to python2.3-musicbrainz_2.0.2-10sarge1\n');
+}
+if (deb_check(prefix: 'libmusicbrainz-2.0,', release: '4.0', reference: '2.1.4-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libmusicbrainz-2.0, is vulnerable in Debian 4.0.\nUpgrade to libmusicbrainz-2.0,_2.1.4-1\n');
+}
+if (deb_check(prefix: 'libmusicbrainz-2.0,', release: '3.1', reference: '2.0')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libmusicbrainz-2.0, is vulnerable in Debian sarge.\nUpgrade to libmusicbrainz-2.0,_2.0\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
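Review bot: The last two checks use `prefix: 'libmusicbrainz-2.0,'` with a trailing comma, and the second compares against `reference: '2.0'`, which is not one of the fixed versions named in the description. A comma is not valid in a Debian package name, so these checks can presumably never match an installed package (deb_check is defined in debian_package.inc, not shown here). If one did match, the report would advise upgrading to `libmusicbrainz-2.0,_2.0`. The 3.1 binary packages are already covered by the checks above, so I would remove both blocks. A Debian 4.0 check would need a real binary package name with `reference: '2.1.4-1'`.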
Added: trunk/openvas-plugins/scripts/debian_DSA-1163.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1163.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1163.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,51 @@
+# This script was automatically generated from the dsa-1163
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Michael Gehring discovered several potential out-of-bounds index
+accesses in gtetrinet, a multiplayer Tetris-like game, which may allow
+a remote server to execute arbitrary code.
+For the stable distribution (sarge) these problems have been fixed in
+version 0.7.8-1sarge2.
+For the unstable distribution (sid) these problems will be fixed soon.
+We recommend that you upgrade your gtetrinet package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1163
+Risk factor : High';
+
+if (description) {
+ script_id(22705);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1163");
+ script_cve_id("CVE-2006-3125");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1163] DSA-1163-1 gtetrinet");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1163-1 gtetrinet");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'gtetrinet', release: '3.1', reference: '0.7.8-1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gtetrinet is vulnerable in Debian 3.1.\nUpgrade to gtetrinet_0.7.8-1sarge2\n');
+}
+if (deb_check(prefix: 'gtetrinet', release: '3.1', reference: '0.7.8-1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gtetrinet is vulnerable in Debian sarge.\nUpgrade to gtetrinet_0.7.8-1sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1164.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1164.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1164.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,92 @@
+# This script was automatically generated from the dsa-1164
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+A programming error has been discovered in sendmail, an alternative
+mail transport agent for Debian, that could allow a remote attacker to
+crash the sendmail process by sending a specially crafted email
+message.
+Please note that in order to install this update you also need
+libsasl2 library from proposed updates as outlined in DSA 1155-2.
+For the stable distribution (sarge) this problem has been fixed in
+version 8.13.3-3sarge3.
+For the unstable distribution (sid) this problem has been fixed in
+version 8.13.8-1.
+We recommend that you upgrade your sendmail package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1164
+Risk factor : High';
+
+if (description) {
+ script_id(22706);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1164");
+ script_cve_id("CVE-2006-4434");
+ script_bugtraq_id(19714);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1164] DSA-1164-1 sendmail");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1164-1 sendmail");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'libmilter-dev', release: '3.1', reference: '8.13.4-3sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libmilter-dev is vulnerable in Debian 3.1.\nUpgrade to libmilter-dev_8.13.4-3sarge3\n');
+}
+if (deb_check(prefix: 'libmilter0', release: '3.1', reference: '8.13.4-3sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libmilter0 is vulnerable in Debian 3.1.\nUpgrade to libmilter0_8.13.4-3sarge3\n');
+}
+if (deb_check(prefix: 'rmail', release: '3.1', reference: '8.13.4-3sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package rmail is vulnerable in Debian 3.1.\nUpgrade to rmail_8.13.4-3sarge3\n');
+}
+if (deb_check(prefix: 'sendmail', release: '3.1', reference: '8.13.4-3sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package sendmail is vulnerable in Debian 3.1.\nUpgrade to sendmail_8.13.4-3sarge3\n');
+}
+if (deb_check(prefix: 'sendmail-base', release: '3.1', reference: '8.13.4-3sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package sendmail-base is vulnerable in Debian 3.1.\nUpgrade to sendmail-base_8.13.4-3sarge3\n');
+}
+if (deb_check(prefix: 'sendmail-bin', release: '3.1', reference: '8.13.4-3sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package sendmail-bin is vulnerable in Debian 3.1.\nUpgrade to sendmail-bin_8.13.4-3sarge3\n');
+}
+if (deb_check(prefix: 'sendmail-cf', release: '3.1', reference: '8.13.4-3sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package sendmail-cf is vulnerable in Debian 3.1.\nUpgrade to sendmail-cf_8.13.4-3sarge3\n');
+}
+if (deb_check(prefix: 'sendmail-doc', release: '3.1', reference: '8.13.4-3sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package sendmail-doc is vulnerable in Debian 3.1.\nUpgrade to sendmail-doc_8.13.4-3sarge3\n');
+}
+if (deb_check(prefix: 'sensible-mda', release: '3.1', reference: '8.13.4-3sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package sensible-mda is vulnerable in Debian 3.1.\nUpgrade to sensible-mda_8.13.4-3sarge3\n');
+}
+if (deb_check(prefix: 'sendmail', release: '4.0', reference: '8.13.8-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package sendmail is vulnerable in Debian 4.0.\nUpgrade to sendmail_8.13.8-1\n');
+}
+if (deb_check(prefix: 'sendmail', release: '3.1', reference: '8.13.3-3sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package sendmail is vulnerable in Debian sarge.\nUpgrade to sendmail_8.13.3-3sarge3\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
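Review bot: The sarge reference version is inconsistent within this file: the nine per-package checks compare against `8.13.4-3sarge3`, while the description text and the final `sendmail` check use `8.13.3-3sarge3`. One of the two is wrong, so a report may tell the operator to upgrade to a version that was never published. Please confirm the fixed version against the advisory's package list and use it in every `reference:` for release 3.1. The final `sendmail` block repeats the earlier `sendmail` check and could be dropped once the versions agree.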
Added: trunk/openvas-plugins/scripts/debian_DSA-1165.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1165.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1165.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,57 @@
+# This script was automatically generated from the dsa-1165
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Lionel Elie Mamane discovered a security vulnerability in
+capi4hylafax, tools for faxing over a CAPI 2.0 device, that allows
+remote attackers to execute arbitrary commands on the fax receiving
+system.
+For the stable distribution (sarge) this problem has been fixed in
+version 01.02.03-10sarge2.
+For the unstable distribution (sid) this problem has been fixed in
+version 01.03.00.99.svn.300-3.
+We recommend that you upgrade your capi4hylafax package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1165
+Risk factor : High';
+
+if (description) {
+ script_id(22707);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1165");
+ script_cve_id("CVE-2006-3126");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1165] DSA-1165-1 capi4hylafax");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1165-1 capi4hylafax");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'capi4hylafax', release: '3.1', reference: '01.02.03-10sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package capi4hylafax is vulnerable in Debian 3.1.\nUpgrade to capi4hylafax_01.02.03-10sarge2\n');
+}
+if (deb_check(prefix: 'capi4hylafax', release: '4.0', reference: '01.03.00.99.svn.300-3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package capi4hylafax is vulnerable in Debian 4.0.\nUpgrade to capi4hylafax_01.03.00.99.svn.300-3\n');
+}
+if (deb_check(prefix: 'capi4hylafax', release: '3.1', reference: '01.02.03-10sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package capi4hylafax is vulnerable in Debian sarge.\nUpgrade to capi4hylafax_01.02.03-10sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1166.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1166.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1166.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,57 @@
+# This script was automatically generated from the dsa-1166
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Luigi Auriemma discovered a buffer overflow in the loading component
+of cheesetracker, a sound module tracking program, which could allow a
+maliciously constructed input file to execute arbitrary code.
+For the stable distribution (sarge) this problem has been fixed in
+version 0.9.9-1sarge1.
+For the unstable distribution (sid) this problem has been fixed in
+version 0.9.9-6.
+We recommend that you upgrade your cheesetracker package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1166
+Risk factor : High';
+
+if (description) {
+ script_id(22708);
+ script_version("$Revision: 1.3 $");
+ script_xref(name: "DSA", value: "1166");
+ script_cve_id("CVE-2006-3814");
+ script_bugtraq_id(20060723);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1166] DSA-1166-2 cheesetracker");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1166-2 cheesetracker");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'cheesetracker', release: '3.1', reference: '0.9.9-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package cheesetracker is vulnerable in Debian 3.1.\nUpgrade to cheesetracker_0.9.9-1sarge1\n');
+}
+if (deb_check(prefix: 'cheesetracker', release: '4.0', reference: '0.9.9-6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package cheesetracker is vulnerable in Debian 4.0.\nUpgrade to cheesetracker_0.9.9-6\n');
+}
+if (deb_check(prefix: 'cheesetracker', release: '3.1', reference: '0.9.9-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package cheesetracker is vulnerable in Debian sarge.\nUpgrade to cheesetracker_0.9.9-1sarge1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
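Review bot: `script_bugtraq_id(20060723);` looks like a date (2006-07-23) rather than a Bugtraq ID; the other scripts in this commit pass five-digit IDs such as `19508` and `19714`. A wrong cross-reference sends anyone triaging the finding to an unrelated or non-existent entry. I would verify the ID against the advisory and either correct it or remove the call, leaving `script_cve_id("CVE-2006-3814")` as the reference.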
Added: trunk/openvas-plugins/scripts/debian_DSA-1167.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1167.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1167.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,94 @@
+# This script was automatically generated from the dsa-1167
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Several remote vulnerabilities have been discovered in the Apache, the
+worlds most popular webserver, which may lead to the execution of arbitrary
+web script. The Common Vulnerabilities and Exposures project identifies
+the following problems:
+ A cross-site scripting (XSS) flaw exists in the mod_imap component of
+ the Apache server.
+ Apache does not sanitize the Expect header from an HTTP request when
+ it is reflected back in an error message, which might allow cross-site
+ scripting (XSS) style attacks.
+For the stable distribution (sarge) these problems have been fixed in
+version 1.3.33-6sarge3.
+For the unstable distribution (sid) these problems have been fixed in
+version 1.3.34-3.
+We recommend that you upgrade your apache package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1167
+Risk factor : High';
+
+if (description) {
+ script_id(22709);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1167");
+ script_cve_id("CVE-2005-3352", "CVE-2006-3918");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1167] DSA-1167-1 apache");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1167-1 apache");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'apache', release: '3.1', reference: '1.3.33-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache is vulnerable in Debian 3.1.\nUpgrade to apache_1.3.33-6sarge3\n');
+}
+if (deb_check(prefix: 'apache-common', release: '3.1', reference: '1.3.33-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache-common is vulnerable in Debian 3.1.\nUpgrade to apache-common_1.3.33-6sarge3\n');
+}
+if (deb_check(prefix: 'apache-dbg', release: '3.1', reference: '1.3.33-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache-dbg is vulnerable in Debian 3.1.\nUpgrade to apache-dbg_1.3.33-6sarge3\n');
+}
+if (deb_check(prefix: 'apache-dev', release: '3.1', reference: '1.3.33-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache-dev is vulnerable in Debian 3.1.\nUpgrade to apache-dev_1.3.33-6sarge3\n');
+}
+if (deb_check(prefix: 'apache-doc', release: '3.1', reference: '1.3.33-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache-doc is vulnerable in Debian 3.1.\nUpgrade to apache-doc_1.3.33-6sarge3\n');
+}
+if (deb_check(prefix: 'apache-perl', release: '3.1', reference: '1.3.33-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache-perl is vulnerable in Debian 3.1.\nUpgrade to apache-perl_1.3.33-6sarge3\n');
+}
+if (deb_check(prefix: 'apache-ssl', release: '3.1', reference: '1.3.33-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache-ssl is vulnerable in Debian 3.1.\nUpgrade to apache-ssl_1.3.33-6sarge3\n');
+}
+if (deb_check(prefix: 'apache-utils', release: '3.1', reference: '1.3.33-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache-utils is vulnerable in Debian 3.1.\nUpgrade to apache-utils_1.3.33-6sarge3\n');
+}
+if (deb_check(prefix: 'libapache-mod-perl', release: '3.1', reference: '1.29.0.3-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libapache-mod-perl is vulnerable in Debian 3.1.\nUpgrade to libapache-mod-perl_1.29.0.3-6sarge3\n');
+}
+if (deb_check(prefix: 'apache', release: '4.0', reference: '1.3.34-3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache is vulnerable in Debian 4.0.\nUpgrade to apache_1.3.34-3\n');
+}
+if (deb_check(prefix: 'apache', release: '3.1', reference: '1.3.33-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package apache is vulnerable in Debian sarge.\nUpgrade to apache_1.3.33-6sarge3\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1168.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1168.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1168.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,72 @@
+# This script was automatically generated from the dsa-1168
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Several remote vulnerabilities have been discovered in Imagemagick, a
+collection of image manipulation tools, which may lead to the execution
+of arbitrary code. The Common Vulnerabilities and Exposures project
+identifies the following problems:
+ Eero Häkkinen discovered that the display tool allocates insufficient
+ memory for globbing patterns, which might lead to a buffer overflow.
+ Tavis Ormandy from the Google Security Team discovered that the Sun
+ bitmap decoder performs insufficient input sanitising, which might
+ lead to buffer overflows and the execution of arbitrary code.
+ Tavis Ormandy from the Google Security Team discovered that the XCF
+ image decoder performs insufficient input sanitising, which might
+ lead to buffer overflows and the execution of arbitrary code.
+For the stable distribution (sarge) these problems have been fixed in
+version 6:6.0.6.2-2.7.
+For the unstable distribution (sid) these problems will be fixed soon.
+We recommend that you upgrade your imagemagick packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1168
+Risk factor : High';
+
+if (description) {
+ script_id(22710);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1168");
+ script_cve_id("CVE-2006-2440", "CVE-2006-3743", "CVE-2006-3744");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1168] DSA-1168-1 imagemagick");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1168-1 imagemagick");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'imagemagick', release: '3.1', reference: '6.0.6.2-2.7')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package imagemagick is vulnerable in Debian 3.1.\nUpgrade to imagemagick_6.0.6.2-2.7\n');
+}
+if (deb_check(prefix: 'libmagick6', release: '3.1', reference: '6.0.6.2-2.7')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libmagick6 is vulnerable in Debian 3.1.\nUpgrade to libmagick6_6.0.6.2-2.7\n');
+}
+if (deb_check(prefix: 'libmagick6-dev', release: '3.1', reference: '6.0.6.2-2.7')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libmagick6-dev is vulnerable in Debian 3.1.\nUpgrade to libmagick6-dev_6.0.6.2-2.7\n');
+}
+if (deb_check(prefix: 'perlmagick', release: '3.1', reference: '6.0.6.2-2.7')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package perlmagick is vulnerable in Debian 3.1.\nUpgrade to perlmagick_6.0.6.2-2.7\n');
+}
+if (deb_check(prefix: 'imagemagick', release: '3.1', reference: '6.0.6.2-2.7')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package imagemagick is vulnerable in Debian sarge.\nUpgrade to imagemagick_6.0.6.2-2.7\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
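Review bot: The guard `if (! defined_func('bn_random')) exit(0);` at the top of this script makes the check exit silently on any engine that does not provide that function, and nothing visible in the script uses `bn_random`. If the scanning engine lacks it, the plugin reports nothing and a vulnerable imagemagick goes unflagged with no trace in the results. Either drop the guard or document it with a comment such as `# Engine feature gate: exits without reporting when bn_random() is missing`, and confirm the function exists in the target engine. The same line opens debian_DSA-1169 through debian_DSA-1175 in this revision.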
Added: trunk/openvas-plugins/scripts/debian_DSA-1169.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1169.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1169.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,79 @@
+# This script was automatically generated from the dsa-1169
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Several local vulnerabilities have been discovered in the MySQL
+database server. The Common Vulnerabilities and Exposures project
+identifies the following problems:
+ Michal Prokopiuk discovered that remote authenticated users are
+ permitted to create and access a database if the lowercase
+ spelling is the same as one they have been granted access to.
+ Beat Vontobel discovered that certain queries replicated to a
+ slave could crash the client and thus terminate the replication.
+For the stable distribution (sarge) these problems have been fixed in
+version 4.1.11a-4sarge7. Version 4.0 is not affected by these
+problems.
+For the unstable distribution (sid) these problems have been fixed in
+version 5.0.24-3. The replication problem only exists in version 4.1.
+We recommend that you upgrade your mysql-server-4.1 package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1169
+Risk factor : High';
+
+if (description) {
+ script_id(22711);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1169");
+ script_cve_id("CVE-2006-4226", "CVE-2006-4380");
+ script_bugtraq_id(19559);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1169] DSA-1169-1 mysql-dfsg-4.1");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1169-1 mysql-dfsg-4.1");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'libmysqlclient14', release: '3.1', reference: '4.1.11a-4sarge7')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libmysqlclient14 is vulnerable in Debian 3.1.\nUpgrade to libmysqlclient14_4.1.11a-4sarge7\n');
+}
+if (deb_check(prefix: 'libmysqlclient14-dev', release: '3.1', reference: '4.1.11a-4sarge7')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libmysqlclient14-dev is vulnerable in Debian 3.1.\nUpgrade to libmysqlclient14-dev_4.1.11a-4sarge7\n');
+}
+if (deb_check(prefix: 'mysql-client-4.1', release: '3.1', reference: '4.1.11a-4sarge7')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mysql-client-4.1 is vulnerable in Debian 3.1.\nUpgrade to mysql-client-4.1_4.1.11a-4sarge7\n');
+}
+if (deb_check(prefix: 'mysql-common-4.1', release: '3.1', reference: '4.1.11a-4sarge7')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mysql-common-4.1 is vulnerable in Debian 3.1.\nUpgrade to mysql-common-4.1_4.1.11a-4sarge7\n');
+}
+if (deb_check(prefix: 'mysql-server-4.1', release: '3.1', reference: '4.1.11a-4sarge7')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mysql-server-4.1 is vulnerable in Debian 3.1.\nUpgrade to mysql-server-4.1_4.1.11a-4sarge7\n');
+}
+if (deb_check(prefix: 'mysql-dfsg-4.1', release: '4.0', reference: '5.0.24-3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mysql-dfsg-4.1 is vulnerable in Debian 4.0.\nUpgrade to mysql-dfsg-4.1_5.0.24-3\n');
+}
+if (deb_check(prefix: 'mysql-dfsg-4.1', release: '3.1', reference: '4.1.11a-4sarge7')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mysql-dfsg-4.1 is vulnerable in Debian sarge.\nUpgrade to mysql-dfsg-4.1_4.1.11a-4sarge7\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
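Review bot: The Debian 4.0 check `deb_check(prefix: 'mysql-dfsg-4.1', release: '4.0', reference: '5.0.24-3')` pairs the 4.1 source-package name with the sid version from the advisory text, which is a 5.0-series version. `deb_check` lives in debian_package.inc and is not shown here, so the effect is inferred: if it flags installed versions below the reference, any 4.1.x package it matches on a 4.0 host would be reported regardless of patch level, and if the source-package name matches nothing the check is dead code. The generator should emit 4.0 checks only for binary package names with a reference from the same version series, or omit them. debian_DSA-1170 shows the same pattern with `gcc-3.4` against `4.1.1-11`.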
Added: trunk/openvas-plugins/scripts/debian_DSA-1170.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1170.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1170.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,165 @@
+# This script was automatically generated from the dsa-1170
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Jürgen Weigert discovered that upon unpacking JAR archives fastjar
+from the GNU Compiler Collection does not check the path for included
+files and allows to create or overwrite files in upper directories.
+For the stable distribution (sarge) this problem has been fixed in
+version 3.4.3-13sarge1.
+For the unstable distribution (sid) this problem has been fixed in
+version 4.1.1-11.
+We recommend that you upgrade your fastjar package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1170
+Risk factor : High';
+
+if (description) {
+ script_id(22712);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1170");
+ script_cve_id("CVE-2006-3619");
+ script_bugtraq_id(15669);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1170] DSA-1170-1 gcc-3.4");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1170-1 gcc-3.4");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'cpp-3.4', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package cpp-3.4 is vulnerable in Debian 3.1.\nUpgrade to cpp-3.4_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'cpp-3.4-doc', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package cpp-3.4-doc is vulnerable in Debian 3.1.\nUpgrade to cpp-3.4-doc_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'fastjar', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package fastjar is vulnerable in Debian 3.1.\nUpgrade to fastjar_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'g77-3.4', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package g77-3.4 is vulnerable in Debian 3.1.\nUpgrade to g77-3.4_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'g77-3.4-doc', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package g77-3.4-doc is vulnerable in Debian 3.1.\nUpgrade to g77-3.4-doc_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'gcc-3.4', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gcc-3.4 is vulnerable in Debian 3.1.\nUpgrade to gcc-3.4_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'gcc-3.4-base', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gcc-3.4-base is vulnerable in Debian 3.1.\nUpgrade to gcc-3.4-base_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'gcc-3.4-doc', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gcc-3.4-doc is vulnerable in Debian 3.1.\nUpgrade to gcc-3.4-doc_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'gcc-3.4-hppa64', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gcc-3.4-hppa64 is vulnerable in Debian 3.1.\nUpgrade to gcc-3.4-hppa64_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'gcj-3.4', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gcj-3.4 is vulnerable in Debian 3.1.\nUpgrade to gcj-3.4_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'gij-3.4', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gij-3.4 is vulnerable in Debian 3.1.\nUpgrade to gij-3.4_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'gnat-3.4', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gnat-3.4 is vulnerable in Debian 3.1.\nUpgrade to gnat-3.4_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'gnat-3.4-doc', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gnat-3.4-doc is vulnerable in Debian 3.1.\nUpgrade to gnat-3.4-doc_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'gobjc-3.4', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gobjc-3.4 is vulnerable in Debian 3.1.\nUpgrade to gobjc-3.4_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'gpc-2.1-3.4', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gpc-2.1-3.4 is vulnerable in Debian 3.1.\nUpgrade to gpc-2.1-3.4_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'gpc-2.1-3.4-doc', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gpc-2.1-3.4-doc is vulnerable in Debian 3.1.\nUpgrade to gpc-2.1-3.4-doc_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'lib32gcc1', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package lib32gcc1 is vulnerable in Debian 3.1.\nUpgrade to lib32gcc1_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'lib64gcc1', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package lib64gcc1 is vulnerable in Debian 3.1.\nUpgrade to lib64gcc1_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'libffi3', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libffi3 is vulnerable in Debian 3.1.\nUpgrade to libffi3_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'libffi3-dev', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libffi3-dev is vulnerable in Debian 3.1.\nUpgrade to libffi3-dev_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'libgcc1', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgcc1 is vulnerable in Debian 3.1.\nUpgrade to libgcc1_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'libgcc2', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgcc2 is vulnerable in Debian 3.1.\nUpgrade to libgcc2_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'libgcj5', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgcj5 is vulnerable in Debian 3.1.\nUpgrade to libgcj5_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'libgcj5-awt', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgcj5-awt is vulnerable in Debian 3.1.\nUpgrade to libgcj5-awt_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'libgcj5-common', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgcj5-common is vulnerable in Debian 3.1.\nUpgrade to libgcj5-common_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'libgcj5-dev', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgcj5-dev is vulnerable in Debian 3.1.\nUpgrade to libgcj5-dev_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'libgnat-3.4', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgnat-3.4 is vulnerable in Debian 3.1.\nUpgrade to libgnat-3.4_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'treelang-3.4', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package treelang-3.4 is vulnerable in Debian 3.1.\nUpgrade to treelang-3.4_3.4.3-13sarge1\n');
+}
+if (deb_check(prefix: 'gcc-3.4', release: '4.0', reference: '4.1.1-11')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gcc-3.4 is vulnerable in Debian 4.0.\nUpgrade to gcc-3.4_4.1.1-11\n');
+}
+if (deb_check(prefix: 'gcc-3.4', release: '3.1', reference: '3.4.3-13sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gcc-3.4 is vulnerable in Debian sarge.\nUpgrade to gcc-3.4_3.4.3-13sarge1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
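Review bot: `gcc-3.4` on release 3.1 is tested twice with the same reference, once in the per-package list and again in the final block before `security_hole`, so `w` is incremented twice and a verbose report carries two entries for one package ("Debian 3.1" and "Debian sarge"). `w` is only used as a boolean, so detection is unaffected, but the duplicated finding text is noise for whoever triages the report. The converter should skip the trailing source-package block when the same prefix, release and reference were already emitted. The same duplication appears in debian_DSA-1168 (imagemagick), debian_DSA-1171 (ethereal), debian_DSA-1172 (bind9) and debian_DSA-1173 (openssl).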
Added: trunk/openvas-plugins/scripts/debian_DSA-1171.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1171.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1171.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,85 @@
+# This script was automatically generated from the dsa-1171
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Several remote vulnerabilities have been discovered in the Ethereal network
+scanner, which may lead to the execution of arbitrary code. The Common
+Vulnerabilities and Exposures project identifies the following problems:
+ It was discovered that the Q.2391 dissector is vulnerable to denial
+ of service caused by memory exhaustion.
+ It was discovered that the FC-FCS, RSVP and ISIS-LSP dissectors are
+ vulnerable to denial of service caused by memory exhaustion.
+ It was discovered that the IrDA and SMB dissectors are vulnerable to
+ denial of service caused by memory corruption.
+ It was discovered that the SLIMP3 and AgentX dissectors are vulnerable
+ to code injection caused by buffer overflows.
+ It was discovered that the BER dissector is vulnerable to denial of
+ service caused by an infinite loop.
+ It was discovered that the NCP and RTnet dissectors are vulnerable to
+ denial of service caused by a null pointer dereference.
+ It was discovered that the X11 dissector is vulnerable to denial of service
+ caused by a division through zero.
+This update also fixes a 64 bit-specific regression in the ASN.1 decoder, which
+was introduced in a previous DSA.
+For the stable distribution (sarge) these problems have been fixed in
+version 0.10.10-2sarge8.
+For the unstable distribution (sid) these problems have been fixed in
+version 0.99.2-5.1 of wireshark, the network sniffer formerly known as
+ethereal.
+We recommend that you upgrade your ethereal packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1171
+Risk factor : High';
+
+if (description) {
+ script_id(22713);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1171");
+ script_cve_id("CVE-2005-3241", "CVE-2005-3242", "CVE-2005-3243", "CVE-2005-3244", "CVE-2005-3246", "CVE-2005-3248", "CVE-2006-4333");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1171] DSA-1171-1 ethereal");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1171-1 ethereal");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'ethereal', release: '3.1', reference: '0.10.10-2sarge8')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ethereal is vulnerable in Debian 3.1.\nUpgrade to ethereal_0.10.10-2sarge8\n');
+}
+if (deb_check(prefix: 'ethereal-common', release: '3.1', reference: '0.10.10-2sarge8')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ethereal-common is vulnerable in Debian 3.1.\nUpgrade to ethereal-common_0.10.10-2sarge8\n');
+}
+if (deb_check(prefix: 'ethereal-dev', release: '3.1', reference: '0.10.10-2sarge8')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ethereal-dev is vulnerable in Debian 3.1.\nUpgrade to ethereal-dev_0.10.10-2sarge8\n');
+}
+if (deb_check(prefix: 'tethereal', release: '3.1', reference: '0.10.10-2sarge8')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package tethereal is vulnerable in Debian 3.1.\nUpgrade to tethereal_0.10.10-2sarge8\n');
+}
+if (deb_check(prefix: 'ethereal', release: '4.0', reference: '0.99.2-5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ethereal is vulnerable in Debian 4.0.\nUpgrade to ethereal_0.99.2-5\n');
+}
+if (deb_check(prefix: 'ethereal', release: '3.1', reference: '0.10.10-2sarge8')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ethereal is vulnerable in Debian sarge.\nUpgrade to ethereal_0.10.10-2sarge8\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
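Review bot: The Debian 4.0 check uses `reference: '0.99.2-5'` for `ethereal`, while the advisory text embedded in `desc` gives the fixed version as 0.99.2-5.1 of wireshark, the renamed package. If `deb_check` (not shown here) flags versions below the reference, a host on 0.99.2-5 would pass although the advisory names 0.99.2-5.1 as the fix, and hosts carrying the package under the wireshark name are not covered by any prefix in this script. Suggest `reference: '0.99.2-5.1'` and a matching check for the wireshark package names, after confirming both against the advisory.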
Added: trunk/openvas-plugins/scripts/debian_DSA-1172.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1172.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1172.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,99 @@
+# This script was automatically generated from the dsa-1172
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Two vulnerabilities have been discovered in BIND9, the Berkeley
+Internet Name Domain server. The first relates to SIG query
+processing and the second relates to a condition that can trigger an
+INSIST failure, both lead to a denial of service.
+For the stable distribution (sarge) these problems have been fixed in
+version 9.2.4-1sarge1.
+For the unstable distribution (sid) these problems have been fixed in
+version 9.3.2-P1-1.
+We recommend that you upgrade your bind9 package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1172
+Risk factor : High';
+
+if (description) {
+ script_id(22714);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1172");
+ script_cve_id("CVE-2006-4095", "CVE-2006-4096");
+ script_xref(name: "CERT", value: "697164");
+ script_xref(name: "CERT", value: "915404");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1172] DSA-1172-1 bind9");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1172-1 bind9");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'bind9', release: '3.1', reference: '9.2.4-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package bind9 is vulnerable in Debian 3.1.\nUpgrade to bind9_9.2.4-1sarge1\n');
+}
+if (deb_check(prefix: 'bind9-doc', release: '3.1', reference: '9.2.4-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package bind9-doc is vulnerable in Debian 3.1.\nUpgrade to bind9-doc_9.2.4-1sarge1\n');
+}
+if (deb_check(prefix: 'bind9-host', release: '3.1', reference: '9.2.4-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package bind9-host is vulnerable in Debian 3.1.\nUpgrade to bind9-host_9.2.4-1sarge1\n');
+}
+if (deb_check(prefix: 'dnsutils', release: '3.1', reference: '9.2.4-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package dnsutils is vulnerable in Debian 3.1.\nUpgrade to dnsutils_9.2.4-1sarge1\n');
+}
+if (deb_check(prefix: 'libbind-dev', release: '3.1', reference: '9.2.4-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libbind-dev is vulnerable in Debian 3.1.\nUpgrade to libbind-dev_9.2.4-1sarge1\n');
+}
+if (deb_check(prefix: 'libdns16', release: '3.1', reference: '9.2.4-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libdns16 is vulnerable in Debian 3.1.\nUpgrade to libdns16_9.2.4-1sarge1\n');
+}
+if (deb_check(prefix: 'libisc7', release: '3.1', reference: '9.2.4-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libisc7 is vulnerable in Debian 3.1.\nUpgrade to libisc7_9.2.4-1sarge1\n');
+}
+if (deb_check(prefix: 'libisccc0', release: '3.1', reference: '9.2.4-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libisccc0 is vulnerable in Debian 3.1.\nUpgrade to libisccc0_9.2.4-1sarge1\n');
+}
+if (deb_check(prefix: 'libisccfg0', release: '3.1', reference: '9.2.4-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libisccfg0 is vulnerable in Debian 3.1.\nUpgrade to libisccfg0_9.2.4-1sarge1\n');
+}
+if (deb_check(prefix: 'liblwres1', release: '3.1', reference: '9.2.4-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package liblwres1 is vulnerable in Debian 3.1.\nUpgrade to liblwres1_9.2.4-1sarge1\n');
+}
+if (deb_check(prefix: 'lwresd', release: '3.1', reference: '9.2.4-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package lwresd is vulnerable in Debian 3.1.\nUpgrade to lwresd_9.2.4-1sarge1\n');
+}
+if (deb_check(prefix: 'bind9', release: '4.0', reference: '9.3.2-P1-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package bind9 is vulnerable in Debian 4.0.\nUpgrade to bind9_9.3.2-P1-1\n');
+}
+if (deb_check(prefix: 'bind9', release: '3.1', reference: '9.2.4-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package bind9 is vulnerable in Debian sarge.\nUpgrade to bind9_9.2.4-1sarge1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1173.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1173.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1173.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,68 @@
+# This script was automatically generated from the dsa-1173
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Daniel Bleichenbacher discovered a flaw in the OpenSSL cryptographic package
+that could allow an attacker to generate a forged signature that OpenSSL
+will accept as valid.
+For the stable distribution (sarge) this problem has been fixed in
+version 0.9.7e-3sarge2.
+For the unstable distribution (sid) this problem has been fixed in
+version 0.9.8b-3.
+We recommend that you upgrade your openssl packages. Note that services
+linking against the openssl shared libraries will need to be restarted.
+Common examples of such services include most Mail Transport Agents, SSH
+servers, and web servers.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1173
+Risk factor : High';
+
+if (description) {
+ script_id(22715);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1173");
+ script_cve_id("CVE-2006-4339");
+ script_bugtraq_id(19849);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1173] DSA-1173-1 openssl");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1173-1 openssl");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'libssl-dev', release: '3.1', reference: '0.9.7e-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libssl-dev is vulnerable in Debian 3.1.\nUpgrade to libssl-dev_0.9.7e-3sarge2\n');
+}
+if (deb_check(prefix: 'libssl0.9.7', release: '3.1', reference: '0.9.7e-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libssl0.9.7 is vulnerable in Debian 3.1.\nUpgrade to libssl0.9.7_0.9.7e-3sarge2\n');
+}
+if (deb_check(prefix: 'openssl', release: '3.1', reference: '0.9.7e-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openssl is vulnerable in Debian 3.1.\nUpgrade to openssl_0.9.7e-3sarge2\n');
+}
+if (deb_check(prefix: 'openssl', release: '4.0', reference: '0.9.8b-3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openssl is vulnerable in Debian 4.0.\nUpgrade to openssl_0.9.8b-3\n');
+}
+if (deb_check(prefix: 'openssl', release: '3.1', reference: '0.9.7e-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openssl is vulnerable in Debian sarge.\nUpgrade to openssl_0.9.7e-3sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
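Review bot: This check only compares package versions taken from `Host/Debian/dpkg-l`, yet the advisory text in `desc` says services linked against the OpenSSL shared libraries must be restarted after the upgrade. A host that has installed 0.9.7e-3sarge2 but not restarted its mail, SSH or web daemons will pass this check while those processes may still be running the old library. That limit is worth a comment next to the checks, e.g. `# Version check only; does not confirm that services using libssl were restarted.` The same applies to debian_DSA-1174.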
Added: trunk/openvas-plugins/scripts/debian_DSA-1174.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1174.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1174.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,56 @@
+# This script was automatically generated from the dsa-1174
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Daniel Bleichenbacher discovered a flaw in the OpenSSL cryptographic package
+that could allow an attacker to generate a forged signature that OpenSSL
+will accept as valid.
+For the stable distribution (sarge) this problem has been fixed in
+version 0.9.6m-1sarge2.
+This package exists only for compatibility with older software, and is
+not present in the unstable or testing branches of Debian.
+We recommend that you upgrade your openssl packages. Note that services
+linking against the openssl shared libraries will need to be restarted.
+Common examples of such services include most Mail Transport Agents, SSH
+servers, and web servers.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1174
+Risk factor : High';
+
+if (description) {
+ script_id(22716);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1174");
+ script_cve_id("CVE-2006-4339");
+ script_bugtraq_id(19849);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1174] DSA-1174-1 openssl096");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1174-1 openssl096");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'libssl0.9.6', release: '3.1', reference: '0.9.6m-1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libssl0.9.6 is vulnerable in Debian 3.1.\nUpgrade to libssl0.9.6_0.9.6m-1sarge2\n');
+}
+if (deb_check(prefix: 'openssl096', release: '3.1', reference: '0.9.6m-1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openssl096 is vulnerable in Debian sarge.\nUpgrade to openssl096_0.9.6m-1sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1175.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1175.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1175.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,60 @@
+# This script was automatically generated from the dsa-1175
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+A flaw has been found in isakmpd, OpenBSD\'s implementation of the
+Internet Key Exchange protocol, that caused Security Associations to be
+created with a replay window of 0 when isakmpd was acting as the
+responder during SA negotiation. This could allow an attacker to
+re-inject sniffed IPsec packets, which would not be checked against the
+replay counter.
+For the stable distribution (sarge) this problem has been fixed in
+version 20041012-1sarge1.
+For the unstable distribution (sid) this problem has been fixed in
+version 20041012-4.
+We recommend that you upgrade your isakmpd package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1175
+Risk factor : High';
+
+if (description) {
+ script_id(22717);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1175");
+ script_cve_id("CVE-2006-4436");
+ script_bugtraq_id(19712);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1175] DSA-1175-1 isakmpd");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1175-1 isakmpd");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'isakmpd', release: '3.1', reference: '20041012-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package isakmpd is vulnerable in Debian 3.1.\nUpgrade to isakmpd_20041012-1sarge1\n');
+}
+if (deb_check(prefix: 'isakmpd', release: '4.0', reference: '20041012-4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package isakmpd is vulnerable in Debian 4.0.\nUpgrade to isakmpd_20041012-4\n');
+}
+if (deb_check(prefix: 'isakmpd', release: '3.1', reference: '20041012-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package isakmpd is vulnerable in Debian sarge.\nUpgrade to isakmpd_20041012-1sarge1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
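Review bot: The third `deb_check` for `isakmpd` (release `'3.1'`, reference `'20041012-1sarge1'`) repeats the first one argument for argument. On an affected sarge host both branches run, so `w` is incremented twice and the report carries two lines for the same package, one worded "Debian 3.1" and one "Debian sarge". Dropping the trailing block removes the duplicate without changing which hosts are flagged, because `security_hole` is only gated on `w` being non-zero. The same repeated final check appears in the DSA-1177 (usermin), DSA-1179 (alsaplayer), DSA-1180 (bomberclone) and DSA-1181 (gzip) hunks. Since the headers mark these files as generated, the fix presumably belongs in the converter rather than in each script.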
Added: trunk/openvas-plugins/scripts/debian_DSA-1176.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1176.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1176.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,52 @@
+# This script was automatically generated from the dsa-1176
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+It was discovered that the Zope web application server does not disable
+the csv_table directive in web pages containing ReST markup, allowing
+the exposure of files readable by the Zope server.
+For the stable distribution (sarge) this problem has been fixed in
+version 2.7.5-2sarge2.
+The unstable distribution (sid) doesn\'t contain zope2.7 any longer, for
+zope2.8 this problem has been fixed in version 2.8.8-2.
+We recommend that you upgrade your Zope package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1176
+Risk factor : High';
+
+if (description) {
+ script_id(22718);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1176");
+ script_cve_id("CVE-2006-4684");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1176] DSA-1176-1 zope2.7");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1176-1 zope2.7");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'zope2.7', release: '3.1', reference: '2.7.5-2sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package zope2.7 is vulnerable in Debian 3.1.\nUpgrade to zope2.7_2.7.5-2sarge3\n');
+}
+if (deb_check(prefix: 'zope2.7', release: '3.1', reference: '2.7.5-2sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package zope2.7 is vulnerable in Debian sarge.\nUpgrade to zope2.7_2.7.5-2sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
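Review bot: The two `deb_check` calls for `zope2.7` on release `'3.1'` disagree on the fixed version: the first uses `'2.7.5-2sarge3'`, while the second call and the advisory text in `desc` say `2.7.5-2sarge2`. If `deb_check` reports any installed version older than `reference` (its implementation in `debian_package.inc` is not shown), a host already at 2.7.5-2sarge2 would still be flagged and told to upgrade to sarge3, contradicting the description printed in the same report. Whichever version the advisory actually fixes should appear in both the text and the check, e.g. `reference: '2.7.5-2sarge2'` in the first call if the text is right. The two blocks then collapse into one.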
Added: trunk/openvas-plugins/scripts/debian_DSA-1177.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1177.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1177.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,155 @@
+# This script was automatically generated from the dsa-1177
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Hendrik Weimer discovered that it is possible for a normal user to
+disable the login shell of the root account via usermin, a web-based
+administration tool.
+For the stable distribution (sarge) this problem has been fixed in
+version 1.110-3.1.
+In the upstream distribution this problem is fixed in version 1.220.
+We recommend that you upgrade your usermin package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1177
+Risk factor : High';
+
+if (description) {
+ script_id(22719);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1177");
+ script_cve_id("CVE-2006-4246");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1177] DSA-1177-1 usermin");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1177-1 usermin");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'usermin', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin is vulnerable in Debian 3.1.\nUpgrade to usermin_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-at', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-at is vulnerable in Debian 3.1.\nUpgrade to usermin-at_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-changepass', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-changepass is vulnerable in Debian 3.1.\nUpgrade to usermin-changepass_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-chfn', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-chfn is vulnerable in Debian 3.1.\nUpgrade to usermin-chfn_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-commands', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-commands is vulnerable in Debian 3.1.\nUpgrade to usermin-commands_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-cron', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-cron is vulnerable in Debian 3.1.\nUpgrade to usermin-cron_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-cshrc', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-cshrc is vulnerable in Debian 3.1.\nUpgrade to usermin-cshrc_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-fetchmail', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-fetchmail is vulnerable in Debian 3.1.\nUpgrade to usermin-fetchmail_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-forward', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-forward is vulnerable in Debian 3.1.\nUpgrade to usermin-forward_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-gnupg', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-gnupg is vulnerable in Debian 3.1.\nUpgrade to usermin-gnupg_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-htaccess', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-htaccess is vulnerable in Debian 3.1.\nUpgrade to usermin-htaccess_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-htpasswd', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-htpasswd is vulnerable in Debian 3.1.\nUpgrade to usermin-htpasswd_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-mailbox', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-mailbox is vulnerable in Debian 3.1.\nUpgrade to usermin-mailbox_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-man', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-man is vulnerable in Debian 3.1.\nUpgrade to usermin-man_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-mysql', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-mysql is vulnerable in Debian 3.1.\nUpgrade to usermin-mysql_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-plan', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-plan is vulnerable in Debian 3.1.\nUpgrade to usermin-plan_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-postgresql', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-postgresql is vulnerable in Debian 3.1.\nUpgrade to usermin-postgresql_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-proc', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-proc is vulnerable in Debian 3.1.\nUpgrade to usermin-proc_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-procmail', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-procmail is vulnerable in Debian 3.1.\nUpgrade to usermin-procmail_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-quota', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-quota is vulnerable in Debian 3.1.\nUpgrade to usermin-quota_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-schedule', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-schedule is vulnerable in Debian 3.1.\nUpgrade to usermin-schedule_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-shell', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-shell is vulnerable in Debian 3.1.\nUpgrade to usermin-shell_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-spamassassin', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-spamassassin is vulnerable in Debian 3.1.\nUpgrade to usermin-spamassassin_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-ssh', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-ssh is vulnerable in Debian 3.1.\nUpgrade to usermin-ssh_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-tunnel', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-tunnel is vulnerable in Debian 3.1.\nUpgrade to usermin-tunnel_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-updown', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-updown is vulnerable in Debian 3.1.\nUpgrade to usermin-updown_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin-usermount', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin-usermount is vulnerable in Debian 3.1.\nUpgrade to usermin-usermount_1.110-3.1\n');
+}
+if (deb_check(prefix: 'usermin', release: '3.1', reference: '1.110-3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package usermin is vulnerable in Debian sarge.\nUpgrade to usermin_1.110-3.1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1178.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1178.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1178.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,63 @@
+# This script was automatically generated from the dsa-1178
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+It was discovered that an integer overflow in freetype\'s PCF font code
+may lead to denial of service and potential execution of arbitrary code.
+For the stable distribution (sarge) this problem has been fixed in
+version 2.1.7-6.
+For the unstable distribution (sid) this problem has been fixed in
+version 2.2.1-5.
+We recommend that you upgrade your freetype package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1178
+Risk factor : High';
+
+if (description) {
+ script_id(22720);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1178");
+ script_cve_id("CVE-2006-3467");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1178] DSA-1178-1 freetype");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1178-1 freetype");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'freetype2-demos', release: '3.1', reference: '2.1.7-6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package freetype2-demos is vulnerable in Debian 3.1.\nUpgrade to freetype2-demos_2.1.7-6\n');
+}
+if (deb_check(prefix: 'libfreetype6', release: '3.1', reference: '2.1.7-6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libfreetype6 is vulnerable in Debian 3.1.\nUpgrade to libfreetype6_2.1.7-6\n');
+}
+if (deb_check(prefix: 'libfreetype6-dev', release: '3.1', reference: '2.1.7-6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libfreetype6-dev is vulnerable in Debian 3.1.\nUpgrade to libfreetype6-dev_2.1.7-6\n');
+}
+if (deb_check(prefix: 'freetype', release: '4.0', reference: '2.2.1-5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package freetype is vulnerable in Debian 4.0.\nUpgrade to freetype_2.2.1-5\n');
+}
+if (deb_check(prefix: 'freetype', release: '3.1', reference: '2.1.7-6')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package freetype is vulnerable in Debian sarge.\nUpgrade to freetype_2.1.7-6\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
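Review bot: The only check for release `'4.0'` uses the prefix `'freetype'`, whereas the 3.1 checks name `freetype2-demos`, `libfreetype6` and `libfreetype6-dev`. If `deb_check` matches against installed package names from `Host/Debian/dpkg-l` (the include is not shown) and `freetype` is only the source package name, a 4.0 host with a `libfreetype6` older than 2.2.1-5 would produce no finding. Consider repeating the binary package names for 4.0, e.g. `deb_check(prefix: 'libfreetype6', release: '4.0', reference: '2.2.1-5')`. The final `gnutls11` check in the DSA-1182 hunk looks like the same source-name pattern.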
Added: trunk/openvas-plugins/scripts/debian_DSA-1179.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1179.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1179.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,99 @@
+# This script was automatically generated from the dsa-1179
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Luigi Auriemma discovered several buffer overflows in alsaplayer, a
+PCM player designed for ALSA, that can lead to a crash of the
+application and maybe worse outcome.
+For the stable distribution (sarge) these problems have been fixed in
+version 0.99.76-0.3sarge1.
+For the unstable distribution (sid) these problems will be fixed soon.
+We recommend that you upgrade your alsaplayer package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1179
+Risk factor : High';
+
+if (description) {
+ script_id(22721);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1179");
+ script_cve_id("CVE-2006-4089");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1179] DSA-1179-1 alsaplayer");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1179-1 alsaplayer");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'alsaplayer', release: '3.1', reference: '0.99.76-0.3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package alsaplayer is vulnerable in Debian 3.1.\nUpgrade to alsaplayer_0.99.76-0.3sarge1\n');
+}
+if (deb_check(prefix: 'alsaplayer-alsa', release: '3.1', reference: '0.99.76-0.3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package alsaplayer-alsa is vulnerable in Debian 3.1.\nUpgrade to alsaplayer-alsa_0.99.76-0.3sarge1\n');
+}
+if (deb_check(prefix: 'alsaplayer-common', release: '3.1', reference: '0.99.76-0.3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package alsaplayer-common is vulnerable in Debian 3.1.\nUpgrade to alsaplayer-common_0.99.76-0.3sarge1\n');
+}
+if (deb_check(prefix: 'alsaplayer-daemon', release: '3.1', reference: '0.99.76-0.3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package alsaplayer-daemon is vulnerable in Debian 3.1.\nUpgrade to alsaplayer-daemon_0.99.76-0.3sarge1\n');
+}
+if (deb_check(prefix: 'alsaplayer-esd', release: '3.1', reference: '0.99.76-0.3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package alsaplayer-esd is vulnerable in Debian 3.1.\nUpgrade to alsaplayer-esd_0.99.76-0.3sarge1\n');
+}
+if (deb_check(prefix: 'alsaplayer-gtk', release: '3.1', reference: '0.99.76-0.3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package alsaplayer-gtk is vulnerable in Debian 3.1.\nUpgrade to alsaplayer-gtk_0.99.76-0.3sarge1\n');
+}
+if (deb_check(prefix: 'alsaplayer-jack', release: '3.1', reference: '0.99.76-0.3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package alsaplayer-jack is vulnerable in Debian 3.1.\nUpgrade to alsaplayer-jack_0.99.76-0.3sarge1\n');
+}
+if (deb_check(prefix: 'alsaplayer-nas', release: '3.1', reference: '0.99.76-0.3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package alsaplayer-nas is vulnerable in Debian 3.1.\nUpgrade to alsaplayer-nas_0.99.76-0.3sarge1\n');
+}
+if (deb_check(prefix: 'alsaplayer-oss', release: '3.1', reference: '0.99.76-0.3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package alsaplayer-oss is vulnerable in Debian 3.1.\nUpgrade to alsaplayer-oss_0.99.76-0.3sarge1\n');
+}
+if (deb_check(prefix: 'alsaplayer-text', release: '3.1', reference: '0.99.76-0.3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package alsaplayer-text is vulnerable in Debian 3.1.\nUpgrade to alsaplayer-text_0.99.76-0.3sarge1\n');
+}
+if (deb_check(prefix: 'alsaplayer-xosd', release: '3.1', reference: '0.99.76-0.3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package alsaplayer-xosd is vulnerable in Debian 3.1.\nUpgrade to alsaplayer-xosd_0.99.76-0.3sarge1\n');
+}
+if (deb_check(prefix: 'libalsaplayer-dev', release: '3.1', reference: '0.99.76-0.3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libalsaplayer-dev is vulnerable in Debian 3.1.\nUpgrade to libalsaplayer-dev_0.99.76-0.3sarge1\n');
+}
+if (deb_check(prefix: 'libalsaplayer0', release: '3.1', reference: '0.99.76-0.3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libalsaplayer0 is vulnerable in Debian 3.1.\nUpgrade to libalsaplayer0_0.99.76-0.3sarge1\n');
+}
+if (deb_check(prefix: 'alsaplayer', release: '3.1', reference: '0.99.76-0.3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package alsaplayer is vulnerable in Debian sarge.\nUpgrade to alsaplayer_0.99.76-0.3sarge1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1180.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1180.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1180.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,64 @@
+# This script was automatically generated from the dsa-1180
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Luigi Auriemma discovered two security related bugs in bomberclone, a
+free Bomberman clone. The Common Vulnerabilities and Exposures
+project identifies the following problems:
+ The program copies remotely provided data unchecked which could
+ lead to a denial of service via an application crash.
+ Bomberclone uses remotely provided data as length argument which
+ can lead to the disclosure of private information.
+For the stable distribution (sarge) these problems have been fixed in
+version 0.11.5-1sarge2.
+For the unstable distribution (sid) these problems have been fixed in
+version 0.11.7-0.1.
+We recommend that you upgrade your bomberclone package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1180
+Risk factor : High';
+
+if (description) {
+ script_id(22722);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1180");
+ script_cve_id("CVE-2006-4005", "CVE-2006-4006");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1180] DSA-1180-1 bomberclone");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1180-1 bomberclone");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'bomberclone', release: '3.1', reference: '0.11.5-1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package bomberclone is vulnerable in Debian 3.1.\nUpgrade to bomberclone_0.11.5-1sarge2\n');
+}
+if (deb_check(prefix: 'bomberclone-data', release: '3.1', reference: '0.11.5-1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package bomberclone-data is vulnerable in Debian 3.1.\nUpgrade to bomberclone-data_0.11.5-1sarge2\n');
+}
+if (deb_check(prefix: 'bomberclone', release: '4.0', reference: '0.11.7-0.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package bomberclone is vulnerable in Debian 4.0.\nUpgrade to bomberclone_0.11.7-0.1\n');
+}
+if (deb_check(prefix: 'bomberclone', release: '3.1', reference: '0.11.5-1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package bomberclone is vulnerable in Debian sarge.\nUpgrade to bomberclone_0.11.5-1sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1181.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1181.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1181.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,66 @@
+# This script was automatically generated from the dsa-1181
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Tavis Ormandy from the Google Security Team discovered several
+vulnerabilities in gzip, the GNU compression utility. The Common
+Vulnerabilities and Exposures project identifies the following problems:
+ A null pointer dereference may lead to denial of service if gzip is
+ used in an automated manner.
+ Missing boundary checks may lead to stack modification, allowing
+ execution of arbitrary code.
+ A buffer underflow in the pack support code may lead to execution of
+ arbitrary code.
+ A buffer underflow in the LZH support code may lead to execution of
+ arbitrary code.
+ An infinite loop may lead to denial of service if gzip is used in
+ an automated manner.
+For the stable distribution (sarge) these problems have been fixed in
+version 1.3.5-10sarge2.
+For the unstable distribution (sid) these problems have been fixed in
+version 1.3.5-15.
+We recommend that you upgrade your gzip package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1181
+Risk factor : High';
+
+if (description) {
+ script_id(22723);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1181");
+ script_cve_id("CVE-2006-4334", "CVE-2006-4335", "CVE-2006-4336", "CVE-2006-4337", "CVE-2006-4338");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1181] DSA-1181-1 gzip");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1181-1 gzip");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'gzip', release: '3.1', reference: '1.3.5-10sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gzip is vulnerable in Debian 3.1.\nUpgrade to gzip_1.3.5-10sarge2\n');
+}
+if (deb_check(prefix: 'gzip', release: '4.0', reference: '1.3.5-15')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gzip is vulnerable in Debian 4.0.\nUpgrade to gzip_1.3.5-15\n');
+}
+if (deb_check(prefix: 'gzip', release: '3.1', reference: '1.3.5-10sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gzip is vulnerable in Debian sarge.\nUpgrade to gzip_1.3.5-10sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1182.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1182.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1182.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,64 @@
+# This script was automatically generated from the dsa-1182
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Daniel Bleichenbacher discovered a flaw in GNU TLS cryptographic package
+that could allow an attacker to generate a forged signature that GNU TLS
+will accept as valid.
+For the stable distribution (sarge) this problem has been fixed in
+version 1.0.16-13.2sarge2.
+The unstable distribution (sid) does no longer contain gnutls11, for
+gnutls13 this problem has been fixed in version 1.4.4-1.
+We recommend that you upgrade your GNU TLS package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1182
+Risk factor : High';
+
+if (description) {
+ script_id(22724);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1182");
+ script_cve_id("CVE-2006-4790");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1182] DSA-1182-1 gnutls11");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1182-1 gnutls11");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'gnutls-bin', release: '3.1', reference: '1.0.16-13.2sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gnutls-bin is vulnerable in Debian 3.1.\nUpgrade to gnutls-bin_1.0.16-13.2sarge2\n');
+}
+if (deb_check(prefix: 'libgnutls11', release: '3.1', reference: '1.0.16-13.2sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgnutls11 is vulnerable in Debian 3.1.\nUpgrade to libgnutls11_1.0.16-13.2sarge2\n');
+}
+if (deb_check(prefix: 'libgnutls11-dbg', release: '3.1', reference: '1.0.16-13.2sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgnutls11-dbg is vulnerable in Debian 3.1.\nUpgrade to libgnutls11-dbg_1.0.16-13.2sarge2\n');
+}
+if (deb_check(prefix: 'libgnutls11-dev', release: '3.1', reference: '1.0.16-13.2sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libgnutls11-dev is vulnerable in Debian 3.1.\nUpgrade to libgnutls11-dev_1.0.16-13.2sarge2\n');
+}
+if (deb_check(prefix: 'gnutls11', release: '3.1', reference: '1.0.16-13.2sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package gnutls11 is vulnerable in Debian sarge.\nUpgrade to gnutls11_1.0.16-13.2sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
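Review bot: The guard `if (! defined_func('bn_random')) exit(0);` at the top of the script carries no comment, and nothing in the visible script calls `bn_random`. On an engine that lacks that builtin the script exits before the `description` block, so the check is silently skipped and an unpatched host yields no finding. If the guard is a deliberate engine-capability gate, a comment such as `# requires an engine providing bn_random; the check is skipped otherwise` would make that explicit. If `debian_package.inc` does not depend on it, the line could be dropped. Every script in the visible hunks of this revision starts with the same line.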
Added: trunk/openvas-plugins/scripts/debian_DSA-1183.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1183.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1183.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,674 @@
+# This script was automatically generated from the dsa-1183
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Several security related problems have been discovered in the Linux
+kernel which may lead to a denial of service or even the execution of
+arbitrary code. The Common Vulnerabilities and Exposures project
+identifies the following problems:
+ A buffer overflow in NFS readlink handling allows a malicious
+ remote server to cause a denial of service.
+ Diego Calleja Garcia discovered a buffer overflow in the DVD
+ handling code that could be exploited by a specially crafted DVD
+ USB storage device to execute arbitrary code.
+ A bug in the SCSI driver allows a local user to cause a denial of
+ service.
+ Patrick McHardy discovered a bug in the SNMP NAT helper that
+ allows remote attackers to cause a denial of service.
+ A race condition in the socket buffer handling allows remote
+ attackers to cause a denial of service.
+ Wei Wang discovered a bug in the SCTP implementation that allows
+ local users to cause a denial of service and possibly gain root
+ privileges.
+ David Miller reported a problem with the fix for CVE-2006-3745
+ that allows local users to crash the system via an SCTP
+ socket with a certain SO_LINGER value.
+The following matrix explains which kernel version for which
+architecture fixes the problem mentioned above:
+For the unstable distribution (sid) these problems won\'t be fixed
+anymore in the 2.4 kernel series.
+We recommend that you upgrade your kernel package and reboot the
+machine. If you have built a custom kernel from the kernel source
+package, you will need to rebuild to take advantage of these fixes.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1183
+Risk factor : High';
+
+if (description) {
+ script_id(22725);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1183");
+ script_cve_id("CVE-2005-4798", "CVE-2006-1528", "CVE-2006-2444", "CVE-2006-2446", "CVE-2006-2935", "CVE-2006-3745", "CVE-2006-4535");
+ script_bugtraq_id(18081, 18101, 18847, 19666, 20087);
+ script_xref(name: "CERT", value: "681569");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1183] DSA-1183-1 kernel-source-2.4.27");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1183-1 kernel-source-2.4.27");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'fai-kernels', release: '3.1', reference: '1.9.1sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package fai-kernels is vulnerable in Debian 3.1.\nUpgrade to fai-kernels_1.9.1sarge4\n');
+}
+if (deb_check(prefix: 'kernel-build-2.4.27', release: '3.1', reference: '2.4.27-2sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.4.27 is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.4.27_2.4.27-2sarge4\n');
+}
+if (deb_check(prefix: 'kernel-build-2.4.27-2', release: '3.1', reference: '2.4.27-9sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.4.27-2 is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.4.27-2_2.4.27-9sarge1\n');
+}
+if (deb_check(prefix: 'kernel-build-2.4.27-3', release: '3.1', reference: '2.4.27-9sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.4.27-3 is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.4.27-3_2.4.27-9sarge4\n');
+}
+if (deb_check(prefix: 'kernel-build-2.4.27-apus', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.4.27-apus is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.4.27-apus_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-build-2.4.27-nubus', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.4.27-nubus is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.4.27-nubus_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-build-2.4.27-powerpc', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.4.27-powerpc is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.4.27-powerpc_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-build-2.4.27-powerpc-small', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.4.27-powerpc-small is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.4.27-powerpc-small_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-build-2.4.27-powerpc-smp', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.4.27-powerpc-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.4.27-powerpc-smp_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-doc-2.4.27', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-doc-2.4.27 is vulnerable in Debian 3.1.\nUpgrade to kernel-doc-2.4.27_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-doc-2.4.27-speakup', release: '3.1', reference: '2.4.27-1.1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-doc-2.4.27-speakup is vulnerable in Debian 3.1.\nUpgrade to kernel-doc-2.4.27-speakup_2.4.27-1.1sarge3\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27', release: '3.1', reference: '2.4.27-10.sarge4.040815-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27_2.4.27-10.sarge4.040815-1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-2', release: '3.1', reference: '2.4.27-9sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-2 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-2_2.4.27-9sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-2-386', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-2-386 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-2-386_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-2-586tsc', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-2-586tsc is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-2-586tsc_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-2-686', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-2-686 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-2-686_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-2-686-smp', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-2-686-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-2-686-smp_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-2-generic', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-2-generic is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-2-generic_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-2-itanium', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-2-itanium is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-2-itanium_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-2-itanium-smp', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-2-itanium-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-2-itanium-smp_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-2-k6', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-2-k6 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-2-k6_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-2-k7', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-2-k7 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-2-k7_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-2-k7-smp', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-2-k7-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-2-k7-smp_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-2-mckinley', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-2-mckinley is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-2-mckinley_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-2-mckinley-smp', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-2-mckinley-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-2-mckinley-smp_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-2-smp', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-2-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-2-smp_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-2-sparc32', release: '3.1', reference: '2.4.27-9sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-2-sparc32 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-2-sparc32_2.4.27-9sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-2-sparc32-smp', release: '3.1', reference: '2.4.27-9sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-2-sparc32-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-2-sparc32-smp_2.4.27-9sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-2-sparc64', release: '3.1', reference: '2.4.27-9sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-2-sparc64 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-2-sparc64_2.4.27-9sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-2-sparc64-smp', release: '3.1', reference: '2.4.27-9sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-2-sparc64-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-2-sparc64-smp_2.4.27-9sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-3', release: '3.1', reference: '2.4.27-9sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-3 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-3_2.4.27-9sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-3-386', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-3-386 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-3-386_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-3-586tsc', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-3-586tsc is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-3-586tsc_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-3-686', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-3-686 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-3-686_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-3-686-smp', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-3-686-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-3-686-smp_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-3-generic', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-3-generic is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-3-generic_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-3-itanium', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-3-itanium is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-3-itanium_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-3-itanium-smp', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-3-itanium-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-3-itanium-smp_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-3-k6', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-3-k6 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-3-k6_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-3-k7', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-3-k7 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-3-k7_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-3-k7-smp', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-3-k7-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-3-k7-smp_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-3-mckinley', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-3-mckinley is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-3-mckinley_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-3-mckinley-smp', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-3-mckinley-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-3-mckinley-smp_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-3-smp', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-3-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-3-smp_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-3-sparc32', release: '3.1', reference: '2.4.27-9sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-3-sparc32 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-3-sparc32_2.4.27-9sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-3-sparc32-smp', release: '3.1', reference: '2.4.27-9sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-3-sparc32-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-3-sparc32-smp_2.4.27-9sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-3-sparc64', release: '3.1', reference: '2.4.27-9sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-3-sparc64 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-3-sparc64_2.4.27-9sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-3-sparc64-smp', release: '3.1', reference: '2.4.27-9sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-3-sparc64-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-3-sparc64-smp_2.4.27-9sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-apus', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-apus is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-apus_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-nubus', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-nubus is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-nubus_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-powerpc', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-powerpc is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-powerpc_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.4.27-speakup', release: '3.1', reference: '2.4.27-1.1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.4.27-speakup is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.4.27-speakup_2.4.27-1.1sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4-itanium', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4-itanium is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4-itanium_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4-itanium-smp', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4-itanium-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4-itanium-smp_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4-mckinley', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4-mckinley is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4-mckinley_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4-mckinley-smp', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4-mckinley-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4-mckinley-smp_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-2-386', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-2-386 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-2-386_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-2-586tsc', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-2-586tsc is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-2-586tsc_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-2-686', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-2-686 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-2-686_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-2-686-smp', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-2-686-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-2-686-smp_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-2-generic', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-2-generic is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-2-generic_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-2-itanium', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-2-itanium is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-2-itanium_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-2-itanium-smp', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-2-itanium-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-2-itanium-smp_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-2-k6', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-2-k6 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-2-k6_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-2-k7', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-2-k7 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-2-k7_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-2-k7-smp', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-2-k7-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-2-k7-smp_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-2-mckinley', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-2-mckinley is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-2-mckinley_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-2-mckinley-smp', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-2-mckinley-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-2-mckinley-smp_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-2-s390', release: '3.1', reference: '2.4.27-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-2-s390 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-2-s390_2.4.27-2sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-2-s390-tape', release: '3.1', reference: '2.4.27-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-2-s390-tape is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-2-s390-tape_2.4.27-2sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-2-s390x', release: '3.1', reference: '2.4.27-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-2-s390x is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-2-s390x_2.4.27-2sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-2-smp', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-2-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-2-smp_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-2-sparc32', release: '3.1', reference: '2.4.27-9sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-2-sparc32 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-2-sparc32_2.4.27-9sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-2-sparc32-smp', release: '3.1', reference: '2.4.27-9sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-2-sparc32-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-2-sparc32-smp_2.4.27-9sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-2-sparc64', release: '3.1', reference: '2.4.27-9sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-2-sparc64 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-2-sparc64_2.4.27-9sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-2-sparc64-smp', release: '3.1', reference: '2.4.27-9sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-2-sparc64-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-2-sparc64-smp_2.4.27-9sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-3-386', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-3-386 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-3-386_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-3-586tsc', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-3-586tsc is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-3-586tsc_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-3-686', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-3-686 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-3-686_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-3-686-smp', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-3-686-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-3-686-smp_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-3-generic', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-3-generic is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-3-generic_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-3-itanium', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-3-itanium is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-3-itanium_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-3-itanium-smp', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-3-itanium-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-3-itanium-smp_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-3-k6', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-3-k6 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-3-k6_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-3-k7', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-3-k7 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-3-k7_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-3-k7-smp', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-3-k7-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-3-k7-smp_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-3-mckinley', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-3-mckinley is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-3-mckinley_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-3-mckinley-smp', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-3-mckinley-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-3-mckinley-smp_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-3-s390', release: '3.1', reference: '2.4.27-2sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-3-s390 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-3-s390_2.4.27-2sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-3-s390-tape', release: '3.1', reference: '2.4.27-2sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-3-s390-tape is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-3-s390-tape_2.4.27-2sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-3-s390x', release: '3.1', reference: '2.4.27-2sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-3-s390x is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-3-s390x_2.4.27-2sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-3-smp', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-3-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-3-smp_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-3-sparc32', release: '3.1', reference: '2.4.27-9sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-3-sparc32 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-3-sparc32_2.4.27-9sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-3-sparc32-smp', release: '3.1', reference: '2.4.27-9sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-3-sparc32-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-3-sparc32-smp_2.4.27-9sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-3-sparc64', release: '3.1', reference: '2.4.27-9sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-3-sparc64 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-3-sparc64_2.4.27-9sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-3-sparc64-smp', release: '3.1', reference: '2.4.27-9sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-3-sparc64-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-3-sparc64-smp_2.4.27-9sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-amiga', release: '3.1', reference: '2.4.27-3sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-amiga is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-amiga_2.4.27-3sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-apus', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-apus is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-apus_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-atari', release: '3.1', reference: '2.4.27-3sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-atari is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-atari_2.4.27-3sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-bast', release: '3.1', reference: '2.4.27-2sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-bast is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-bast_2.4.27-2sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-bvme6000', release: '3.1', reference: '2.4.27-3sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-bvme6000 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-bvme6000_2.4.27-3sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-lart', release: '3.1', reference: '2.4.27-2sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-lart is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-lart_2.4.27-2sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-mac', release: '3.1', reference: '2.4.27-3sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-mac is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-mac_2.4.27-3sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-mvme147', release: '3.1', reference: '2.4.27-3sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-mvme147 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-mvme147_2.4.27-3sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-mvme16x', release: '3.1', reference: '2.4.27-3sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-mvme16x is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-mvme16x_2.4.27-3sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-netwinder', release: '3.1', reference: '2.4.27-2sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-netwinder is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-netwinder_2.4.27-2sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-nubus', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-nubus is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-nubus_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-powerpc', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-powerpc is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-powerpc_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-powerpc-small', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-powerpc-small is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-powerpc-small_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-powerpc-smp', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-powerpc-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-powerpc-smp_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-q40', release: '3.1', reference: '2.4.27-3sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-q40 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-q40_2.4.27-3sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-r3k-kn02', release: '3.1', reference: '2.4.27-10.sarge4.040815-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-r3k-kn02 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-r3k-kn02_2.4.27-10.sarge4.040815-1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-r4k-ip22', release: '3.1', reference: '2.4.27-10.sarge4.040815-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-r4k-ip22 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-r4k-ip22_2.4.27-10.sarge4.040815-1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-r4k-kn04', release: '3.1', reference: '2.4.27-10.sarge4.040815-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-r4k-kn04 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-r4k-kn04_2.4.27-10.sarge4.040815-1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-r5k-cobalt', release: '3.1', reference: '2.4.27-10.sarge4.040815-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-r5k-cobalt is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-r5k-cobalt_2.4.27-10.sarge4.040815-1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-r5k-ip22', release: '3.1', reference: '2.4.27-10.sarge4.040815-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-r5k-ip22 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-r5k-ip22_2.4.27-10.sarge4.040815-1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-r5k-lasat', release: '3.1', reference: '2.4.27-10.sarge4.040815-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-r5k-lasat is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-r5k-lasat_2.4.27-10.sarge4.040815-1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-riscpc', release: '3.1', reference: '2.4.27-2sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-riscpc is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-riscpc_2.4.27-2sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-riscstation', release: '3.1', reference: '2.4.27-2sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-riscstation is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-riscstation_2.4.27-2sarge4\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-sb1-swarm-bn', release: '3.1', reference: '2.4.27-10.sarge4.040815-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-sb1-swarm-bn is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-sb1-swarm-bn_2.4.27-10.sarge4.040815-1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-speakup', release: '3.1', reference: '2.4.27-1.1sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-speakup is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-speakup_2.4.27-1.1sarge3\n');
+}
+if (deb_check(prefix: 'kernel-image-2.4.27-xxs1500', release: '3.1', reference: '2.4.27-10.sarge4.040815-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.4.27-xxs1500 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.4.27-xxs1500_2.4.27-10.sarge4.040815-1\n');
+}
+if (deb_check(prefix: 'kernel-patch-2.4.27-apus', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-patch-2.4.27-apus is vulnerable in Debian 3.1.\nUpgrade to kernel-patch-2.4.27-apus_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-patch-2.4.27-nubus', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-patch-2.4.27-nubus is vulnerable in Debian 3.1.\nUpgrade to kernel-patch-2.4.27-nubus_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-patch-2.4.27-powerpc', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-patch-2.4.27-powerpc is vulnerable in Debian 3.1.\nUpgrade to kernel-patch-2.4.27-powerpc_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-patch-2.4.27-s390', release: '3.1', reference: '2.4.27-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-patch-2.4.27-s390 is vulnerable in Debian 3.1.\nUpgrade to kernel-patch-2.4.27-s390_2.4.27-2sarge1\n');
+}
+if (deb_check(prefix: 'kernel-patch-debian-2.4.27', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-patch-debian-2.4.27 is vulnerable in Debian 3.1.\nUpgrade to kernel-patch-debian-2.4.27_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-pcmcia-modules-2.4.27-2-386', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-pcmcia-modules-2.4.27-2-386 is vulnerable in Debian 3.1.\nUpgrade to kernel-pcmcia-modules-2.4.27-2-386_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-pcmcia-modules-2.4.27-2-586tsc', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-pcmcia-modules-2.4.27-2-586tsc is vulnerable in Debian 3.1.\nUpgrade to kernel-pcmcia-modules-2.4.27-2-586tsc_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-pcmcia-modules-2.4.27-2-686', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-pcmcia-modules-2.4.27-2-686 is vulnerable in Debian 3.1.\nUpgrade to kernel-pcmcia-modules-2.4.27-2-686_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-pcmcia-modules-2.4.27-2-686-smp', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-pcmcia-modules-2.4.27-2-686-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-pcmcia-modules-2.4.27-2-686-smp_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-pcmcia-modules-2.4.27-2-k6', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-pcmcia-modules-2.4.27-2-k6 is vulnerable in Debian 3.1.\nUpgrade to kernel-pcmcia-modules-2.4.27-2-k6_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-pcmcia-modules-2.4.27-2-k7', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-pcmcia-modules-2.4.27-2-k7 is vulnerable in Debian 3.1.\nUpgrade to kernel-pcmcia-modules-2.4.27-2-k7_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-pcmcia-modules-2.4.27-2-k7-smp', release: '3.1', reference: '2.4.27-10sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-pcmcia-modules-2.4.27-2-k7-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-pcmcia-modules-2.4.27-2-k7-smp_2.4.27-10sarge1\n');
+}
+if (deb_check(prefix: 'kernel-pcmcia-modules-2.4.27-3-386', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-pcmcia-modules-2.4.27-3-386 is vulnerable in Debian 3.1.\nUpgrade to kernel-pcmcia-modules-2.4.27-3-386_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-pcmcia-modules-2.4.27-3-586tsc', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-pcmcia-modules-2.4.27-3-586tsc is vulnerable in Debian 3.1.\nUpgrade to kernel-pcmcia-modules-2.4.27-3-586tsc_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-pcmcia-modules-2.4.27-3-686', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-pcmcia-modules-2.4.27-3-686 is vulnerable in Debian 3.1.\nUpgrade to kernel-pcmcia-modules-2.4.27-3-686_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-pcmcia-modules-2.4.27-3-686-smp', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-pcmcia-modules-2.4.27-3-686-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-pcmcia-modules-2.4.27-3-686-smp_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-pcmcia-modules-2.4.27-3-k6', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-pcmcia-modules-2.4.27-3-k6 is vulnerable in Debian 3.1.\nUpgrade to kernel-pcmcia-modules-2.4.27-3-k6_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-pcmcia-modules-2.4.27-3-k7', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-pcmcia-modules-2.4.27-3-k7 is vulnerable in Debian 3.1.\nUpgrade to kernel-pcmcia-modules-2.4.27-3-k7_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-pcmcia-modules-2.4.27-3-k7-smp', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-pcmcia-modules-2.4.27-3-k7-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-pcmcia-modules-2.4.27-3-k7-smp_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-source-2.4.27', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-source-2.4.27 is vulnerable in Debian 3.1.\nUpgrade to kernel-source-2.4.27_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'kernel-tree-2.4.27', release: '3.1', reference: '2.4.27-10sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-tree-2.4.27 is vulnerable in Debian 3.1.\nUpgrade to kernel-tree-2.4.27_2.4.27-10sarge4\n');
+}
+if (deb_check(prefix: 'mindi-kernel', release: '3.1', reference: '2.4.27-2sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mindi-kernel is vulnerable in Debian 3.1.\nUpgrade to mindi-kernel_2.4.27-2sarge3\n');
+}
+if (deb_check(prefix: 'mips-tools', release: '3.1', reference: '2.4.27-10.sarge4.040815-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mips-tools is vulnerable in Debian 3.1.\nUpgrade to mips-tools_2.4.27-10.sarge4.040815-1\n');
+}
+if (deb_check(prefix: 'systemimager-boot-i386-standard', release: '3.1', reference: '3.2.3-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package systemimager-boot-i386-standard is vulnerable in Debian 3.1.\nUpgrade to systemimager-boot-i386-standard_3.2.3-6sarge3\n');
+}
+if (deb_check(prefix: 'systemimager-boot-ia64-standard', release: '3.1', reference: '3.2.3-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package systemimager-boot-ia64-standard is vulnerable in Debian 3.1.\nUpgrade to systemimager-boot-ia64-standard_3.2.3-6sarge3\n');
+}
+if (deb_check(prefix: 'systemimager-client', release: '3.1', reference: '3.2.3-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package systemimager-client is vulnerable in Debian 3.1.\nUpgrade to systemimager-client_3.2.3-6sarge3\n');
+}
+if (deb_check(prefix: 'systemimager-common', release: '3.1', reference: '3.2.3-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package systemimager-common is vulnerable in Debian 3.1.\nUpgrade to systemimager-common_3.2.3-6sarge3\n');
+}
+if (deb_check(prefix: 'systemimager-doc', release: '3.1', reference: '3.2.3-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package systemimager-doc is vulnerable in Debian 3.1.\nUpgrade to systemimager-doc_3.2.3-6sarge3\n');
+}
+if (deb_check(prefix: 'systemimager-server', release: '3.1', reference: '3.2.3-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package systemimager-server is vulnerable in Debian 3.1.\nUpgrade to systemimager-server_3.2.3-6sarge3\n');
+}
+if (deb_check(prefix: 'systemimager-server-flamethrowerd', release: '3.1', reference: '3.2.3-6sarge3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package systemimager-server-flamethrowerd is vulnerable in Debian 3.1.\nUpgrade to systemimager-server-flamethrowerd_3.2.3-6sarge3\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1184.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1184.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1184.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,691 @@
+# This script was automatically generated from the dsa-1184
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+This advisory covers the S/390 components of the recent security
+update for the Linux 2.6.8 kernel that were missing due to technical
+problems. For reference, please see the text of the original advisory.
+Several security related problems have been discovered in the Linux
+kernel which may lead to a denial of service or even the execution of
+arbitrary code. The Common Vulnerabilities and Exposures project
+identifies the following problems:
+ Toshihiro Iwamoto discovered a memory leak in the handling of
+ direct I/O writes that allows local users to cause a denial of
+ service.
+ A buffer overflow in NFS readlink handling allows a malicious
+ remote server to cause a denial of service.
+ Stephen Smalley discovered a bug in the SELinux ptrace handling
+ that allows local users with ptrace permissions to change the
+ tracer SID to the SID of another process.
+ Pavel Kankovsky discovered an information leak in the getsockopt
+ system call which can be exploited by a local program to leak
+ potentially sensitive memory to userspace.
+ Douglas Gilbert reported a bug in the sg driver that allows local
+ users to cause a denial of service by performing direct I/O
+ transfers from the sg driver to memory mapped I/O space.
+ Mattia Belletti noticed that certain debugging code left in the
+ process management code could be exploited by a local attacker to
+ cause a denial of service.
+ Kostik Belousov discovered a missing LSM file_permission check in
+ the readv and writev functions which might allow attackers to
+ bypass intended access restrictions.
+ Patrick McHardy discovered a bug in the SNMP NAT helper that
+ allows remote attackers to cause a denial of service.
+ A race condition in the socket buffer handling allows remote
+ attackers to cause a denial of service.
+ Diego Calleja Garcia discovered a buffer overflow in the DVD
+ handling code that could be exploited by a specially crafted DVD
+ USB storage device to execute arbitrary code.
+ A bug in the serial USB driver has been discovered that could be
+ exploited by a custom made USB serial adapter to consume arbitrary
+ amounts of memory.
+ James McKenzie discovered a denial of service vulnerability in the
+ NFS driver. When exporting an ext3 file system over NFS, a remote
+ attacker could exploit this to trigger a file system panic by
+ sending a specially crafted UDP packet.
+ Wei Wang discovered a bug in the SCTP implementation that allows
+ local users to cause a denial of service and possibly gain root
+ privileges.
+ Olof Johansson discovered that the kernel does not disable the HID0
+ bit on PowerPC 970 processors which could be exploited by a local
+ attacker to cause a denial of service.
+ A bug in the Universal Disk Format (UDF) filesystem driver could
+ be exploited by a local user to cause a denial of service.
+ David Miller reported a problem with the fix for CVE-2006-3745
+ that allows local users to crash the system via an SCTP
+ socket with a certain SO_LINGER value.
+The following matrix
+[...]
+
+Solution : http://www.debian.org/security/2006/dsa-1184
+Risk factor : High';
+
+if (description) {
+ script_id(22726);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1184");
+ script_cve_id("CVE-2004-2660", "CVE-2005-4798", "CVE-2006-1052", "CVE-2006-1343", "CVE-2006-1528", "CVE-2006-1855", "CVE-2006-1856");
+ script_bugtraq_id(17203, 17830, 18081, 18099, 18101, 18105, 18847);
+ script_xref(name: "CERT", value: "681569");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1184] DSA-1184-2 kernel-source-2.6.8");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1184-2 kernel-source-2.6.8");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'fai-kernels', release: '3.1', reference: '1.9.1sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package fai-kernels is vulnerable in Debian 3.1.\nUpgrade to fai-kernels_1.9.1sarge4\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-2', release: '3.1', reference: '2.6.8-15sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-2 is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-2_2.6.8-15sarge1\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-3', release: '3.1', reference: '2.6.8-15sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-3 is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-3_2.6.8-15sarge5\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-3-power3', release: '3.1', reference: '2.6.8-12sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-3-power3 is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-3-power3_2.6.8-12sarge5\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-3-power3-smp', release: '3.1', reference: '2.6.8-12sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-3-power3-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-3-power3-smp_2.6.8-12sarge5\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-3-power4', release: '3.1', reference: '2.6.8-12sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-3-power4 is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-3-power4_2.6.8-12sarge5\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-3-power4-smp', release: '3.1', reference: '2.6.8-12sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-3-power4-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-3-power4-smp_2.6.8-12sarge5\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-3-powerpc', release: '3.1', reference: '2.6.8-12sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-3-powerpc is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-3-powerpc_2.6.8-12sarge5\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-3-powerpc-smp', release: '3.1', reference: '2.6.8-12sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-3-powerpc-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-3-powerpc-smp_2.6.8-12sarge5\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-power3', release: '3.1', reference: '2.6.8-12sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-power3 is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-power3_2.6.8-12sarge1\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-power3-smp', release: '3.1', reference: '2.6.8-12sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-power3-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-power3-smp_2.6.8-12sarge1\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-power4', release: '3.1', reference: '2.6.8-12sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-power4 is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-power4_2.6.8-12sarge1\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-power4-smp', release: '3.1', reference: '2.6.8-12sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-power4-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-power4-smp_2.6.8-12sarge1\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-powerpc', release: '3.1', reference: '2.6.8-12sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-powerpc is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-powerpc_2.6.8-12sarge1\n');
+}
+if (deb_check(prefix: 'kernel-build-2.6.8-powerpc-smp', release: '3.1', reference: '2.6.8-12sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-build-2.6.8-powerpc-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-build-2.6.8-powerpc-smp_2.6.8-12sarge1\n');
+}
+if (deb_check(prefix: 'kernel-doc-2.6.8', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-doc-2.6.8 is vulnerable in Debian 3.1.\nUpgrade to kernel-doc-2.6.8_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6-itanium', release: '3.1', reference: '2.6.8-14sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6-itanium is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6-itanium_2.6.8-14sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6-itanium-smp', release: '3.1', reference: '2.6.8-14sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6-itanium-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6-itanium-smp_2.6.8-14sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6-mckinley', release: '3.1', reference: '2.6.8-14sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6-mckinley is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6-mckinley_2.6.8-14sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6-mckinley-smp', release: '3.1', reference: '2.6.8-14sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6-mckinley-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6-mckinley-smp_2.6.8-14sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8', release: '3.1', reference: '2.6.8-12sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8_2.6.8-12sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-11', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-11 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-11_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-11-amd64-generic', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-11-amd64-generic is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-11-amd64-generic_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-11-amd64-k8', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-11-amd64-k8 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-11-amd64-k8_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-11-amd64-k8-smp', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-11-amd64-k8-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-11-amd64-k8-smp_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-11-em64t-p4', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-11-em64t-p4 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-11-em64t-p4_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-11-em64t-p4-smp', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-11-em64t-p4-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-11-em64t-p4-smp_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-12', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-12 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-12_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-12-amd64-generic', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-12-amd64-generic is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-12-amd64-generic_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-12-amd64-k8', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-12-amd64-k8 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-12-amd64-k8_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-12-amd64-k8-smp', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-12-amd64-k8-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-12-amd64-k8-smp_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-12-em64t-p4', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-12-em64t-p4 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-12-em64t-p4_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-12-em64t-p4-smp', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-12-em64t-p4-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-12-em64t-p4-smp_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-2', release: '3.1', reference: '2.6.8-15sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-2 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-2_2.6.8-15sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-2-32', release: '3.1', reference: '2.6.8-6sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-2-32 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-2-32_2.6.8-6sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-2-32-smp', release: '3.1', reference: '2.6.8-6sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-2-32-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-2-32-smp_2.6.8-6sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-2-386', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-2-386 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-2-386_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-2-64', release: '3.1', reference: '2.6.8-6sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-2-64 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-2-64_2.6.8-6sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-2-64-smp', release: '3.1', reference: '2.6.8-6sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-2-64-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-2-64-smp_2.6.8-6sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-2-686', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-2-686 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-2-686_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-2-686-smp', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-2-686-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-2-686-smp_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-2-generic', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-2-generic is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-2-generic_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-2-itanium', release: '3.1', reference: '2.6.8-14sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-2-itanium is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-2-itanium_2.6.8-14sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-2-itanium-smp', release: '3.1', reference: '2.6.8-14sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-2-itanium-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-2-itanium-smp_2.6.8-14sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-2-k7', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-2-k7 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-2-k7_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-2-k7-smp', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-2-k7-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-2-k7-smp_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-2-mckinley', release: '3.1', reference: '2.6.8-14sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-2-mckinley is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-2-mckinley_2.6.8-14sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-2-mckinley-smp', release: '3.1', reference: '2.6.8-14sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-2-mckinley-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-2-mckinley-smp_2.6.8-14sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-2-smp', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-2-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-2-smp_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-2-sparc32', release: '3.1', reference: '2.6.8-15sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-2-sparc32 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-2-sparc32_2.6.8-15sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-2-sparc64', release: '3.1', reference: '2.6.8-15sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-2-sparc64 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-2-sparc64_2.6.8-15sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-2-sparc64-smp', release: '3.1', reference: '2.6.8-15sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-2-sparc64-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-2-sparc64-smp_2.6.8-15sarge1\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3', release: '3.1', reference: '2.6.8-15sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3_2.6.8-15sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-32', release: '3.1', reference: '2.6.8-6sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-32 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-32_2.6.8-6sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-32-smp', release: '3.1', reference: '2.6.8-6sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-32-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-32-smp_2.6.8-6sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-386', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-386 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-386_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-64', release: '3.1', reference: '2.6.8-6sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-64 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-64_2.6.8-6sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-64-smp', release: '3.1', reference: '2.6.8-6sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-64-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-64-smp_2.6.8-6sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-686', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-686 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-686_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-686-smp', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-686-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-686-smp_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-generic', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-generic is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-generic_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-itanium', release: '3.1', reference: '2.6.8-14sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-itanium is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-itanium_2.6.8-14sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-itanium-smp', release: '3.1', reference: '2.6.8-14sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-itanium-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-itanium-smp_2.6.8-14sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-k7', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-k7 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-k7_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-k7-smp', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-k7-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-k7-smp_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-mckinley', release: '3.1', reference: '2.6.8-14sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-mckinley is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-mckinley_2.6.8-14sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-mckinley-smp', release: '3.1', reference: '2.6.8-14sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-mckinley-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-mckinley-smp_2.6.8-14sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-smp', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-smp_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-sparc32', release: '3.1', reference: '2.6.8-15sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-sparc32 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-sparc32_2.6.8-15sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-sparc64', release: '3.1', reference: '2.6.8-15sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-sparc64 is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-sparc64_2.6.8-15sarge5\n');
+}
+if (deb_check(prefix: 'kernel-headers-2.6.8-3-sparc64-smp', release: '3.1', reference: '2.6.8-15sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-headers-2.6.8-3-sparc64-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-headers-2.6.8-3-sparc64-smp_2.6.8-15sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6-itanium', release: '3.1', reference: '2.6.8-14sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6-itanium is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6-itanium_2.6.8-14sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6-itanium-smp', release: '3.1', reference: '2.6.8-14sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6-itanium-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6-itanium-smp_2.6.8-14sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6-mckinley', release: '3.1', reference: '2.6.8-14sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6-mckinley is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6-mckinley_2.6.8-14sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6-mckinley-smp', release: '3.1', reference: '2.6.8-14sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6-mckinley-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6-mckinley-smp_2.6.8-14sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-11-amd64-generic', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-11-amd64-generic is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-11-amd64-generic_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-11-amd64-k8', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-11-amd64-k8 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-11-amd64-k8_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-11-amd64-k8-smp', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-11-amd64-k8-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-11-amd64-k8-smp_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-11-em64t-p4', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-11-em64t-p4 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-11-em64t-p4_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-11-em64t-p4-smp', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-11-em64t-p4-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-11-em64t-p4-smp_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-12-amd64-generic', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-12-amd64-generic is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-12-amd64-generic_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-12-amd64-k8', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-12-amd64-k8 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-12-amd64-k8_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-12-amd64-k8-smp', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-12-amd64-k8-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-12-amd64-k8-smp_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-12-em64t-p4', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-12-em64t-p4 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-12-em64t-p4_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-12-em64t-p4-smp', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-12-em64t-p4-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-12-em64t-p4-smp_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-2-32', release: '3.1', reference: '2.6.8-6sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-2-32 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-2-32_2.6.8-6sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-2-32-smp', release: '3.1', reference: '2.6.8-6sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-2-32-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-2-32-smp_2.6.8-6sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-2-386', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-2-386 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-2-386_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-2-64', release: '3.1', reference: '2.6.8-6sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-2-64 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-2-64_2.6.8-6sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-2-64-smp', release: '3.1', reference: '2.6.8-6sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-2-64-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-2-64-smp_2.6.8-6sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-2-686', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-2-686 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-2-686_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-2-686-smp', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-2-686-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-2-686-smp_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-2-generic', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-2-generic is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-2-generic_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-2-itanium', release: '3.1', reference: '2.6.8-14sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-2-itanium is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-2-itanium_2.6.8-14sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-2-itanium-smp', release: '3.1', reference: '2.6.8-14sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-2-itanium-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-2-itanium-smp_2.6.8-14sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-2-k7', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-2-k7 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-2-k7_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-2-k7-smp', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-2-k7-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-2-k7-smp_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-2-mckinley', release: '3.1', reference: '2.6.8-14sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-2-mckinley is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-2-mckinley_2.6.8-14sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-2-mckinley-smp', release: '3.1', reference: '2.6.8-14sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-2-mckinley-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-2-mckinley-smp_2.6.8-14sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-2-smp', release: '3.1', reference: '2.6.8-16sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-2-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-2-smp_2.6.8-16sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-2-sparc32', release: '3.1', reference: '2.6.8-15sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-2-sparc32 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-2-sparc32_2.6.8-15sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-2-sparc64', release: '3.1', reference: '2.6.8-15sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-2-sparc64 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-2-sparc64_2.6.8-15sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-2-sparc64-smp', release: '3.1', reference: '2.6.8-15sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-2-sparc64-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-2-sparc64-smp_2.6.8-15sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-32', release: '3.1', reference: '2.6.8-6sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-32 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-32_2.6.8-6sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-32-smp', release: '3.1', reference: '2.6.8-6sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-32-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-32-smp_2.6.8-6sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-386', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-386 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-386_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-64', release: '3.1', reference: '2.6.8-6sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-64 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-64_2.6.8-6sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-64-smp', release: '3.1', reference: '2.6.8-6sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-64-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-64-smp_2.6.8-6sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-686', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-686 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-686_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-686-smp', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-686-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-686-smp_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-generic', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-generic is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-generic_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-itanium', release: '3.1', reference: '2.6.8-14sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-itanium is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-itanium_2.6.8-14sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-itanium-smp', release: '3.1', reference: '2.6.8-14sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-itanium-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-itanium-smp_2.6.8-14sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-k7', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-k7 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-k7_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-k7-smp', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-k7-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-k7-smp_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-mckinley', release: '3.1', reference: '2.6.8-14sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-mckinley is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-mckinley_2.6.8-14sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-mckinley-smp', release: '3.1', reference: '2.6.8-14sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-mckinley-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-mckinley-smp_2.6.8-14sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-power3', release: '3.1', reference: '2.6.8-12sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-power3 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-power3_2.6.8-12sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-power3-smp', release: '3.1', reference: '2.6.8-12sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-power3-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-power3-smp_2.6.8-12sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-power4', release: '3.1', reference: '2.6.8-12sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-power4 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-power4_2.6.8-12sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-power4-smp', release: '3.1', reference: '2.6.8-12sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-power4-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-power4-smp_2.6.8-12sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-powerpc', release: '3.1', reference: '2.6.8-12sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-powerpc is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-powerpc_2.6.8-12sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-powerpc-smp', release: '3.1', reference: '2.6.8-12sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-powerpc-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-powerpc-smp_2.6.8-12sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-s390', release: '3.1', reference: '2.6.8-5sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-s390 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-s390_2.6.8-5sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-s390-tape', release: '3.1', reference: '2.6.8-5sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-s390-tape is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-s390-tape_2.6.8-5sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-s390x', release: '3.1', reference: '2.6.8-5sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-s390x is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-s390x_2.6.8-5sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-smp', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-smp_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-sparc32', release: '3.1', reference: '2.6.8-15sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-sparc32 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-sparc32_2.6.8-15sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-sparc64', release: '3.1', reference: '2.6.8-15sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-sparc64 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-sparc64_2.6.8-15sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-3-sparc64-smp', release: '3.1', reference: '2.6.8-15sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-3-sparc64-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-3-sparc64-smp_2.6.8-15sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-amiga', release: '3.1', reference: '2.6.8-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-amiga is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-amiga_2.6.8-4sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-atari', release: '3.1', reference: '2.6.8-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-atari is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-atari_2.6.8-4sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-bvme6000', release: '3.1', reference: '2.6.8-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-bvme6000 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-bvme6000_2.6.8-4sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-hp', release: '3.1', reference: '2.6.8-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-hp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-hp_2.6.8-4sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-mac', release: '3.1', reference: '2.6.8-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-mac is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-mac_2.6.8-4sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-mvme147', release: '3.1', reference: '2.6.8-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-mvme147 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-mvme147_2.6.8-4sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-mvme16x', release: '3.1', reference: '2.6.8-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-mvme16x is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-mvme16x_2.6.8-4sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-power3', release: '3.1', reference: '2.6.8-12sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-power3 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-power3_2.6.8-12sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-power3-smp', release: '3.1', reference: '2.6.8-12sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-power3-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-power3-smp_2.6.8-12sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-power4', release: '3.1', reference: '2.6.8-12sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-power4 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-power4_2.6.8-12sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-power4-smp', release: '3.1', reference: '2.6.8-12sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-power4-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-power4-smp_2.6.8-12sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-powerpc', release: '3.1', reference: '2.6.8-12sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-powerpc is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-powerpc_2.6.8-12sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-powerpc-smp', release: '3.1', reference: '2.6.8-12sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-powerpc-smp is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-powerpc-smp_2.6.8-12sarge1\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-q40', release: '3.1', reference: '2.6.8-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-q40 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-q40_2.6.8-4sarge5\n');
+}
+if (deb_check(prefix: 'kernel-image-2.6.8-sun3', release: '3.1', reference: '2.6.8-4sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-image-2.6.8-sun3 is vulnerable in Debian 3.1.\nUpgrade to kernel-image-2.6.8-sun3_2.6.8-4sarge5\n');
+}
+if (deb_check(prefix: 'kernel-patch-2.6.8-s390', release: '3.1', reference: '2.6.8-5sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-patch-2.6.8-s390 is vulnerable in Debian 3.1.\nUpgrade to kernel-patch-2.6.8-s390_2.6.8-5sarge5\n');
+}
+if (deb_check(prefix: 'kernel-patch-debian-2.6.8', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-patch-debian-2.6.8 is vulnerable in Debian 3.1.\nUpgrade to kernel-patch-debian-2.6.8_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-source-2.6.8', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-source-2.6.8 is vulnerable in Debian 3.1.\nUpgrade to kernel-source-2.6.8_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-tree-2.6.8', release: '3.1', reference: '2.6.8-16sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-tree-2.6.8 is vulnerable in Debian 3.1.\nUpgrade to kernel-tree-2.6.8_2.6.8-16sarge5\n');
+}
+if (deb_check(prefix: 'kernel-source-2.6.8', release: '4.0', reference: '2.6.18-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package kernel-source-2.6.8 is vulnerable in Debian 4.0.\nUpgrade to kernel-source-2.6.8_2.6.18-1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1185.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1185.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1185.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,98 @@
+# This script was automatically generated from the dsa-1185
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+The fix used to correct CVE-2006-2940 introduced code that could lead to
+the use of uninitialized memory. Such use is likely to cause the
+application using the openssl library to crash, and has the potential to
+allow an attacker to cause the execution of arbitrary code.
+For reference please find below the original advisory text:
+Multiple vulnerabilities have been discovered in the OpenSSL
+cryptographic software package that could allow an attacker to launch
+a denial of service attack by exhausting system resources or crashing
+processes on a victim\'s computer.
+ Dr S N Henson of the OpenSSL core team and Open Network
+ Security recently developed an ASN1 test suite for NISCC
+ (www.niscc.gov.uk). When the test suite was run against
+ OpenSSL two denial of service vulnerabilities were discovered.
+ During the parsing of certain invalid ASN1 structures an error
+ condition is mishandled. This can result in an infinite loop
+ which consumes system memory.
+ Any code which uses OpenSSL to parse ASN1 data from untrusted
+ sources is affected. This includes SSL servers which enable
+ client authentication and S/MIME applications.
+ Tavis Ormandy and Will Drewry of the Google Security Team
+ discovered a buffer overflow in SSL_get_shared_ciphers utility
+ function, used by some applications such as exim and mysql. An
+ attacker could send a list of ciphers that would overrun a
+ buffer.
+ Tavis Ormandy and Will Drewry of the Google Security Team
+ discovered a possible DoS in the sslv2 client code. Where a
+ client application uses OpenSSL to make a SSLv2 connection to
+ a malicious server that server could cause the client to
+ crash.
+ Dr S N Henson of the OpenSSL core team and Open Network
+ Security recently developed an ASN1 test suite for NISCC
+ (www.niscc.gov.uk). When the test suite was run against
+ OpenSSL a DoS was discovered.
+ Certain types of public key can take disproportionate amounts
+ of time to process. This could be used by an attacker in a
+ denial of service attack.
+For the stable distribution (sarge) these problems have been fixed in
+version 0.9.7e-3sarge4.
+For the unstable and testing distributions (sid and etch,
+respectively), these problems will be fixed in version 0.9.7k-3 of the
+openssl097 compatibility libraries, and version 0.9.8c-3 of the
+openssl package.
+We recommend that you upgrade your openssl package. Note that
+services linking against the openssl shared libraries will need to be
+restarted. Common examples of such services include most Mail
+Transport Agents, SSH servers, and web servers.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1185
+Risk factor : High';
+
+if (description) {
+ script_id(22727);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1185");
+ script_cve_id("CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1185] DSA-1185-2 openssl");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1185-2 openssl");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'libssl-dev', release: '3.1', reference: '0.9.7e-3sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libssl-dev is vulnerable in Debian 3.1.\nUpgrade to libssl-dev_0.9.7e-3sarge4\n');
+}
+if (deb_check(prefix: 'libssl0.9.7', release: '3.1', reference: '0.9.7e-3sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libssl0.9.7 is vulnerable in Debian 3.1.\nUpgrade to libssl0.9.7_0.9.7e-3sarge4\n');
+}
+if (deb_check(prefix: 'openssl', release: '3.1', reference: '0.9')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openssl is vulnerable in Debian 3.1.\nUpgrade to openssl_0.9\n');
+}
+if (deb_check(prefix: 'openssl', release: '3.1', reference: '0.9.7e-3sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openssl is vulnerable in Debian sarge.\nUpgrade to openssl_0.9.7e-3sarge4\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
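Review bot: The third check, `deb_check(prefix: 'openssl', release: '3.1', reference: '0.9')`, carries a version string that looks truncated by the converter. The advisory text in the same script gives 0.9.7e-3sarge4 for sarge and 0.9.8c-3 for the openssl package in sid/etch, and names no fix at plain 0.9. Assuming deb_check (defined in debian_package.inc, not shown here) flags installed versions older than `reference`, this test would presumably never match, so the etch fix goes unchecked; if it did match, the report would read `Upgrade to openssl_0.9`. If the intent was the testing/unstable fix, the line would be `if (deb_check(prefix: 'openssl', release: '4.0', reference: '0.9.8c-3')) {` with the message updated to match. Otherwise the block can be dropped, since the following check already covers sarge.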
Added: trunk/openvas-plugins/scripts/debian_DSA-1186.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1186.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1186.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,56 @@
+# This script was automatically generated from the dsa-1186
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Will Drewry of the Google Security Team discovered several buffer overflows
+in cscope, a source browsing tool, which might lead to the execution of
+arbitrary code.
+For the stable distribution (sarge) this problem has been fixed in
+version 15.5-1.1sarge2.
+For the unstable distribution (sid) this problem has been fixed in
+version 15.5+cvs20060902-1.
+We recommend that you upgrade your cscope package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1186
+Risk factor : High';
+
+if (description) {
+ script_id(22728);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1186");
+ script_cve_id("CVE-2006-4262");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1186] DSA-1186-1 cscope");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1186-1 cscope");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'cscope', release: '3.1', reference: '15.5-1.1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package cscope is vulnerable in Debian 3.1.\nUpgrade to cscope_15.5-1.1sarge2\n');
+}
+if (deb_check(prefix: 'cscope', release: '4.0', reference: '15.5+cvs20060902-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package cscope is vulnerable in Debian 4.0.\nUpgrade to cscope_15.5+cvs20060902-1\n');
+}
+if (deb_check(prefix: 'cscope', release: '3.1', reference: '15.5-1.1sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package cscope is vulnerable in Debian sarge.\nUpgrade to cscope_15.5-1.1sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
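Review bot: The first and third checks both call `deb_check(prefix: 'cscope', release: '3.1', reference: '15.5-1.1sarge2')` with identical arguments. On an affected sarge host `w` is therefore presumably incremented twice, and with report_verbosity above 0 the report gets two upgrade lines for the same package, differing only in "Debian 3.1" versus "Debian sarge". The same duplicated final check appears in debian_DSA-1187.nasl, debian_DSA-1188.nasl, debian_DSA-1191.nasl and debian_DSA-1192.nasl in this commit. Since these files are generated, the cleaner fix is in the DSA2nasl converter: skip the trailing source-package check when a check with the same prefix, release and reference has already been emitted.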
Added: trunk/openvas-plugins/scripts/debian_DSA-1187.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1187.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1187.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,56 @@
+# This script was automatically generated from the dsa-1187
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Jason Hoover discovered that migrationtools, a collection of scripts
+to migrate user data to LDAP creates several temporary files insecurely,
+which might lead to denial of service through a symlink attack.
+For the stable distribution (sarge) this problem has been fixed in
+version 46-1sarge1.
+For the unstable distribution (sid) this problem has been fixed in
+version 46-2.1.
+We recommend that you upgrade your migrationtools package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1187
+Risk factor : High';
+
+if (description) {
+ script_id(22729);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1187");
+ script_cve_id("CVE-2006-0512");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1187] DSA-1187-1 migrationtools");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1187-1 migrationtools");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'migrationtools', release: '3.1', reference: '46-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package migrationtools is vulnerable in Debian 3.1.\nUpgrade to migrationtools_46-1sarge1\n');
+}
+if (deb_check(prefix: 'migrationtools', release: '4.0', reference: '46-2.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package migrationtools is vulnerable in Debian 4.0.\nUpgrade to migrationtools_46-2.1\n');
+}
+if (deb_check(prefix: 'migrationtools', release: '3.1', reference: '46-1sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package migrationtools is vulnerable in Debian sarge.\nUpgrade to migrationtools_46-1sarge1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
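Review bot: The guard `if (! defined_func('bn_random')) exit(0);` runs before the `if (description)` block, so on an engine that does not define bn_random the script exits before registering its ID, CVE list and dependencies. A scan then reports nothing for this advisory, which looks the same as a patched host. Nothing below the guard calls bn_random, so it appears to be an engine-capability probe inherited from the converter; whether the OpenVAS interpreter defines it cannot be told from this hunk. I would either drop the line for the OpenVAS tree or document it with a comment such as `# Engine probe only: bn_random is not used below; script is skipped where it is undefined`. The same guard opens the other scripts visible in this part of the commit (debian_DSA-1185.nasl, debian_DSA-1186.nasl, and debian_DSA-1188.nasl through debian_DSA-1192.nasl).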
Added: trunk/openvas-plugins/scripts/debian_DSA-1188.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1188.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1188.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,62 @@
+# This script was automatically generated from the dsa-1188
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Several security related problems have been discovered in mailman, the
+web-based GNU mailing list manager. The Common Vulnerabilities and
+Exposures project identifies the following problems:
+ Moritz Naumann discovered several cross-site scripting problems
+ that could allow remote attackers to inject arbitrary web script code
+ or HTML.
+ Moritz Naumann discovered that a remote attacker can inject
+ arbitrary strings into the logfile.
+For the stable distribution (sarge) these problems have been fixed in
+version 2.1.5-8sarge5.
+For the unstable distribution (sid) these problems have been fixed in
+version 2.1.8-3.
+We recommend that you upgrade your mailman package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1188
+Risk factor : High';
+
+if (description) {
+ script_id(22730);
+ script_version("$Revision: 1.3 $");
+ script_xref(name: "DSA", value: "1188");
+ script_cve_id("CVE-2006-3636", "CVE-2006-4624");
+ script_bugtraq_id(19831);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1188] DSA-1188-1 mailman");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1188-1 mailman");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'mailman', release: '3.1', reference: '2.1.5-8sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mailman is vulnerable in Debian 3.1.\nUpgrade to mailman_2.1.5-8sarge5\n');
+}
+if (deb_check(prefix: 'mailman', release: '4.0', reference: '2.1.8-3')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mailman is vulnerable in Debian 4.0.\nUpgrade to mailman_2.1.8-3\n');
+}
+if (deb_check(prefix: 'mailman', release: '3.1', reference: '2.1.5-8sarge5')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mailman is vulnerable in Debian sarge.\nUpgrade to mailman_2.1.5-8sarge5\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1189.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1189.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1189.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,69 @@
+# This script was automatically generated from the dsa-1189
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Several remote vulnerabilities have been discovered in OpenSSH, a free
+implementation of the Secure Shell protocol, which may lead to denial of
+service and potentially the execution of arbitrary code. The Common
+Vulnerabilities and Exposures project identifies the following problems:
+ Tavis Ormandy of the Google Security Team discovered a denial of
+ service vulnerability in the mitigation code against complexity
+ attacks, which might lead to increased CPU consumption until a
+ timeout is triggered. This is only exploitable if support for
+ SSH protocol version 1 is enabled.
+ Mark Dowd discovered that insecure signal handler usage could
+ potentially lead to execution of arbitrary code through a double
+ free. The Debian Security Team doesn\'t believe the general openssh
+ package without Kerberos support to be exploitable by this issue.
+ However, due to the complexity of the underlying code we will
+ issue an update to rule out all eventualities.
+For the stable distribution (sarge) these problems have been fixed in
+version 3.8.1p1-7sarge1.
+For the unstable distribution (sid) these problems have been fixed in
+version 4.3p2-4 of openssh. openssh-krb5 will soon be converted towards
+a transitional package against openssh.
+We recommend that you upgrade your openssh-krb5 packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1189
+Risk factor : High';
+
+if (description) {
+ script_id(22731);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1189");
+ script_cve_id("CVE-2006-4924", "CVE-2006-5051");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1189] DSA-1189-1 openssh-krb5");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1189-1 openssh-krb5");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'ssh-krb5', release: '3.1', reference: '3.8.1p1-7sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package ssh-krb5 is vulnerable in Debian 3.1.\nUpgrade to ssh-krb5_3.8.1p1-7sarge1\n');
+}
+if (deb_check(prefix: 'openssh-krb5', release: '4.0', reference: '4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openssh-krb5 is vulnerable in Debian 4.0.\nUpgrade to openssh-krb5_4\n');
+}
+if (deb_check(prefix: 'openssh-krb5', release: '3.1', reference: '3.8.1p1-7sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openssh-krb5 is vulnerable in Debian sarge.\nUpgrade to openssh-krb5_3.8.1p1-7sarge1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
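Review bot: The etch check `deb_check(prefix: 'openssh-krb5', release: '4.0', reference: '4')` uses a reference that looks truncated; the advisory text in the same script gives 4.3p2-4 (of openssh) as the fixed version for unstable. Assuming deb_check flags installed versions older than `reference` (debian_package.inc is not shown), any 4.x build would presumably compare as not older than '4'. Hosts still below the fixed version would then pass unreported, and a hit would print `Upgrade to openssh-krb5_4`. Because the advisory says openssh-krb5 is to become a transitional package, the correct fixed version should be confirmed first; if 4.3p2-4 applies, the argument becomes `reference: '4.3p2-4'` with the message string updated to match.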
Added: trunk/openvas-plugins/scripts/debian_DSA-1190.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1190.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1190.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,123 @@
+# This script was automatically generated from the dsa-1190
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Oliver Karow discovered that the WebDBM frontend of the MaxDB database
+performs insufficient sanitising of requests passed to it, which might
+lead to the execution of arbitrary code.
+For the stable distribution (sarge) this problem has been fixed in
+version 7.5.00.24-4.
+For the unstable distribution (sid) this problem will be fixed soon.
+We recommend that you upgrade your maxdb-7.5.00 package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1190
+Risk factor : High';
+
+if (description) {
+ script_id(22904);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1190");
+ script_cve_id("CVE-2006-4305");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1190] DSA-1190-1 maxdb-7.5.00");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1190-1 maxdb-7.5.00");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'libsqldbc7.5.00', release: '3.1', reference: '7.5.00.24-4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libsqldbc7.5.00 is vulnerable in Debian 3.1.\nUpgrade to libsqldbc7.5.00_7.5.00.24-4\n');
+}
+if (deb_check(prefix: 'libsqldbc7.5.00-dev', release: '3.1', reference: '7.5.00.24-4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libsqldbc7.5.00-dev is vulnerable in Debian 3.1.\nUpgrade to libsqldbc7.5.00-dev_7.5.00.24-4\n');
+}
+if (deb_check(prefix: 'libsqlod7.5.00', release: '3.1', reference: '7.5.00.24-4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libsqlod7.5.00 is vulnerable in Debian 3.1.\nUpgrade to libsqlod7.5.00_7.5.00.24-4\n');
+}
+if (deb_check(prefix: 'libsqlod7.5.00-dev', release: '3.1', reference: '7.5.00.24-4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libsqlod7.5.00-dev is vulnerable in Debian 3.1.\nUpgrade to libsqlod7.5.00-dev_7.5.00.24-4\n');
+}
+if (deb_check(prefix: 'maxdb-dbanalyzer', release: '3.1', reference: '7.5.00.24-4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package maxdb-dbanalyzer is vulnerable in Debian 3.1.\nUpgrade to maxdb-dbanalyzer_7.5.00.24-4\n');
+}
+if (deb_check(prefix: 'maxdb-dbmcli', release: '3.1', reference: '7.5.00.24-4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package maxdb-dbmcli is vulnerable in Debian 3.1.\nUpgrade to maxdb-dbmcli_7.5.00.24-4\n');
+}
+if (deb_check(prefix: 'maxdb-loadercli', release: '3.1', reference: '7.5.00.24-4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package maxdb-loadercli is vulnerable in Debian 3.1.\nUpgrade to maxdb-loadercli_7.5.00.24-4\n');
+}
+if (deb_check(prefix: 'maxdb-lserver', release: '3.1', reference: '7.5.00.24-4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package maxdb-lserver is vulnerable in Debian 3.1.\nUpgrade to maxdb-lserver_7.5.00.24-4\n');
+}
+if (deb_check(prefix: 'maxdb-server', release: '3.1', reference: '7.5.00.24-4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package maxdb-server is vulnerable in Debian 3.1.\nUpgrade to maxdb-server_7.5.00.24-4\n');
+}
+if (deb_check(prefix: 'maxdb-server-7.5.00', release: '3.1', reference: '7.5.00.24-4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package maxdb-server-7.5.00 is vulnerable in Debian 3.1.\nUpgrade to maxdb-server-7.5.00_7.5.00.24-4\n');
+}
+if (deb_check(prefix: 'maxdb-server-dbg-7.5.00', release: '3.1', reference: '7.5.00.24-4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package maxdb-server-dbg-7.5.00 is vulnerable in Debian 3.1.\nUpgrade to maxdb-server-dbg-7.5.00_7.5.00.24-4\n');
+}
+if (deb_check(prefix: 'maxdb-sqlcli', release: '3.1', reference: '7.5.00.24-4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package maxdb-sqlcli is vulnerable in Debian 3.1.\nUpgrade to maxdb-sqlcli_7.5.00.24-4\n');
+}
+if (deb_check(prefix: 'maxdb-webtools', release: '3.1', reference: '7.5.00.24-4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package maxdb-webtools is vulnerable in Debian 3.1.\nUpgrade to maxdb-webtools_7.5.00.24-4\n');
+}
+if (deb_check(prefix: 'python-maxdb', release: '3.1', reference: '7.5.00.24-4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python-maxdb is vulnerable in Debian 3.1.\nUpgrade to python-maxdb_7.5.00.24-4\n');
+}
+if (deb_check(prefix: 'python-maxdb-loader', release: '3.1', reference: '7.5.00.24-4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python-maxdb-loader is vulnerable in Debian 3.1.\nUpgrade to python-maxdb-loader_7.5.00.24-4\n');
+}
+if (deb_check(prefix: 'python2.3-maxdb', release: '3.1', reference: '7.5.00.24-4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.3-maxdb is vulnerable in Debian 3.1.\nUpgrade to python2.3-maxdb_7.5.00.24-4\n');
+}
+if (deb_check(prefix: 'python2.3-maxdb-loader', release: '3.1', reference: '7.5.00.24-4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.3-maxdb-loader is vulnerable in Debian 3.1.\nUpgrade to python2.3-maxdb-loader_7.5.00.24-4\n');
+}
+if (deb_check(prefix: 'python2.4-maxdb', release: '3.1', reference: '7.5.00.24-4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.4-maxdb is vulnerable in Debian 3.1.\nUpgrade to python2.4-maxdb_7.5.00.24-4\n');
+}
+if (deb_check(prefix: 'python2.4-maxdb-loader', release: '3.1', reference: '7.5.00.24-4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.4-maxdb-loader is vulnerable in Debian 3.1.\nUpgrade to python2.4-maxdb-loader_7.5.00.24-4\n');
+}
+if (deb_check(prefix: 'maxdb-7.5.00', release: '3.1', reference: '7.5.00.24-4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package maxdb-7.5.00 is vulnerable in Debian sarge.\nUpgrade to maxdb-7.5.00_7.5.00.24-4\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1191.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1191.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1191.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,92 @@
+# This script was automatically generated from the dsa-1191
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Several security related problems have been discovered in Mozilla and
+derived products such as Mozilla Thunderbird. The Common
+Vulnerabilities and Exposures project identifies the following
+vulnerabilities:
+ Fernando Ribeiro discovered that a vulnerability in the getRawDER
+ function allows remote attackers to cause a denial of service
+ (hang) and possibly execute arbitrary code.
+ Daniel Bleichenbacher recently described an implementation error
+ in RSA signature verification that cause the application to
+ incorrectly trust SSL certificates.
+ Priit Laes reported that a JavaScript regular expression can
+ trigger a heap-based buffer overflow which allows remote attackers
+ to cause a denial of service and possibly execute arbitrary code.
+ A vulnerability has been discovered that allows remote attackers
+ to bypass the security model and inject content into the sub-frame
+ of another site.
+ Georgi Guninski demonstrated that even with JavaScript disabled in
+ mail (the default) an attacker can still execute JavaScript when a
+ mail message is viewed, replied to, or forwarded.
+ Multiple unspecified vulnerabilities in Firefox, Thunderbird and
+ SeaMonkey allow remote attackers to cause a denial of service,
+ corrupt memory, and possibly execute arbitrary code.
+For the stable distribution (sarge) these problems have been fixed in
+version 1.0.2-2.sarge1.0.8c.1.
+For the unstable distribution (sid) these problems have been fixed in
+version 1.5.0.7-1.
+We recommend that you upgrade your Mozilla Thunderbird packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1191
+Risk factor : High';
+
+if (description) {
+ script_id(22732);
+ script_version("$Revision: 1.3 $");
+ script_xref(name: "DSA", value: "1191");
+ script_cve_id("CVE-2006-2788", "CVE-2006-4340", "CVE-2006-4565", "CVE-2006-4566", "CVE-2006-4568", "CVE-2006-4570", "CVE-2006-4571");
+ script_bugtraq_id(20042);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1191] DSA-1191-1 mozilla-thunderbird");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1191-1 mozilla-thunderbird");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'mozilla-thunderbird', release: '3.1', reference: '1.0.2-2.sarge1.0.8c.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-thunderbird is vulnerable in Debian 3.1.\nUpgrade to mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1\n');
+}
+if (deb_check(prefix: 'mozilla-thunderbird-dev', release: '3.1', reference: '1.0.2-2.sarge1.0.8c.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-thunderbird-dev is vulnerable in Debian 3.1.\nUpgrade to mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1\n');
+}
+if (deb_check(prefix: 'mozilla-thunderbird-inspector', release: '3.1', reference: '1.0.2-2.sarge1.0.8c.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-thunderbird-inspector is vulnerable in Debian 3.1.\nUpgrade to mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1\n');
+}
+if (deb_check(prefix: 'mozilla-thunderbird-offline', release: '3.1', reference: '1.0.2-2.sarge1.0.8c.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-thunderbird-offline is vulnerable in Debian 3.1.\nUpgrade to mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1\n');
+}
+if (deb_check(prefix: 'mozilla-thunderbird-typeaheadfind', release: '3.1', reference: '1.0.2-2.sarge1.0.8c.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-thunderbird-typeaheadfind is vulnerable in Debian 3.1.\nUpgrade to mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1\n');
+}
+if (deb_check(prefix: 'mozilla-thunderbird', release: '4.0', reference: '1.5.0.7-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-thunderbird is vulnerable in Debian 4.0.\nUpgrade to mozilla-thunderbird_1.5.0.7-1\n');
+}
+if (deb_check(prefix: 'mozilla-thunderbird', release: '3.1', reference: '1.0.2-2.sarge1.0.8c.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-thunderbird is vulnerable in Debian sarge.\nUpgrade to mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1192.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1192.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1192.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,118 @@
+# This script was automatically generated from the dsa-1192
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Several security related problems have been discovered in Mozilla and
+derived products such as Mozilla Thunderbird. The Common
+Vulnerabilities and Exposures project identifies the following
+vulnerabilities:
+ Fernando Ribeiro discovered that a vulnerability in the getRawDER
+ function allows remote attackers to cause a denial of service
+ (hang) and possibly execute arbitrary code.
+ Daniel Bleichenbacher recently described an implementation error
+ in RSA signature verification that cause the application to
+ incorrectly trust SSL certificates.
+ Priit Laes reported that a JavaScript regular expression can
+ trigger a heap-based buffer overflow which allows remote attackers
+ to cause a denial of service and possibly execute arbitrary code.
+ A vulnerability has been discovered that allows remote attackers
+ to bypass the security model and inject content into the sub-frame
+ of another site.
+ Georgi Guninski demonstrated that even with JavaScript disabled in
+ mail (the default) an attacker can still execute JavaScript when a
+ mail message is viewed, replied to, or forwarded.
+ Multiple unspecified vulnerabilities in Firefox, Thunderbird and
+ SeaMonkey allow remote attackers to cause a denial of service,
+ corrupt memory, and possibly execute arbitrary code.
+For the stable distribution (sarge) these problems have been fixed in
+version 1.7.8-1sarge7.3.1.
+We recommend that you upgrade your Mozilla packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1192
+Risk factor : High';
+
+if (description) {
+ script_id(22733);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1192");
+ script_cve_id("CVE-2006-2788", "CVE-2006-4340", "CVE-2006-4565", "CVE-2006-4566", "CVE-2006-4568", "CVE-2006-4570", "CVE-2006-4571");
+ script_bugtraq_id(20042);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1192] DSA-1192-1 mozilla");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1192-1 mozilla");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'libnspr-dev', release: '3.1', reference: '1.7.8-1sarge7.3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libnspr-dev is vulnerable in Debian 3.1.\nUpgrade to libnspr-dev_1.7.8-1sarge7.3.1\n');
+}
+if (deb_check(prefix: 'libnspr4', release: '3.1', reference: '1.7.8-1sarge7.3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libnspr4 is vulnerable in Debian 3.1.\nUpgrade to libnspr4_1.7.8-1sarge7.3.1\n');
+}
+if (deb_check(prefix: 'libnss-dev', release: '3.1', reference: '1.7.8-1sarge7.3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libnss-dev is vulnerable in Debian 3.1.\nUpgrade to libnss-dev_1.7.8-1sarge7.3.1\n');
+}
+if (deb_check(prefix: 'libnss3', release: '3.1', reference: '1.7.8-1sarge7.3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libnss3 is vulnerable in Debian 3.1.\nUpgrade to libnss3_1.7.8-1sarge7.3.1\n');
+}
+if (deb_check(prefix: 'mozilla', release: '3.1', reference: '1.7.8-1sarge7.3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla is vulnerable in Debian 3.1.\nUpgrade to mozilla_1.7.8-1sarge7.3.1\n');
+}
+if (deb_check(prefix: 'mozilla-browser', release: '3.1', reference: '1.7.8-1sarge7.3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-browser is vulnerable in Debian 3.1.\nUpgrade to mozilla-browser_1.7.8-1sarge7.3.1\n');
+}
+if (deb_check(prefix: 'mozilla-calendar', release: '3.1', reference: '1.7.8-1sarge7.3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-calendar is vulnerable in Debian 3.1.\nUpgrade to mozilla-calendar_1.7.8-1sarge7.3.1\n');
+}
+if (deb_check(prefix: 'mozilla-chatzilla', release: '3.1', reference: '1.7.8-1sarge7.3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-chatzilla is vulnerable in Debian 3.1.\nUpgrade to mozilla-chatzilla_1.7.8-1sarge7.3.1\n');
+}
+if (deb_check(prefix: 'mozilla-dev', release: '3.1', reference: '1.7.8-1sarge7.3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-dev is vulnerable in Debian 3.1.\nUpgrade to mozilla-dev_1.7.8-1sarge7.3.1\n');
+}
+if (deb_check(prefix: 'mozilla-dom-inspector', release: '3.1', reference: '1.7.8-1sarge7.3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-dom-inspector is vulnerable in Debian 3.1.\nUpgrade to mozilla-dom-inspector_1.7.8-1sarge7.3.1\n');
+}
+if (deb_check(prefix: 'mozilla-js-debugger', release: '3.1', reference: '1.7.8-1sarge7.3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-js-debugger is vulnerable in Debian 3.1.\nUpgrade to mozilla-js-debugger_1.7.8-1sarge7.3.1\n');
+}
+if (deb_check(prefix: 'mozilla-mailnews', release: '3.1', reference: '1.7.8-1sarge7.3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-mailnews is vulnerable in Debian 3.1.\nUpgrade to mozilla-mailnews_1.7.8-1sarge7.3.1\n');
+}
+if (deb_check(prefix: 'mozilla-psm', release: '3.1', reference: '1.7.8-1sarge7.3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla-psm is vulnerable in Debian 3.1.\nUpgrade to mozilla-psm_1.7.8-1sarge7.3.1\n');
+}
+if (deb_check(prefix: 'mozilla', release: '3.1', reference: '1.7.8-1sarge7.3.1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package mozilla is vulnerable in Debian sarge.\nUpgrade to mozilla_1.7.8-1sarge7.3.1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1193.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1193.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1193.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,483 @@
+# This script was automatically generated from the dsa-1193
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Several vulnerabilities have been discovered in the X Window System,
+which may lead to the execution of arbitrary code or denial of service.
+The Common Vulnerabilities and Exposures project identifies the
+following problems:
+ Chris Evan discovered an integer overflow in the code to handle
+ PCF fonts, which might lead to denial of service if a malformed
+ font is opened.
+ It was discovered that an integer overflow in the code to handle
+ Adobe Font Metrics might lead to the execution of arbitrary code.
+ It was discovered that an integer overflow in the code to handle
+ CMap and CIDFont font data might lead to the execution of arbitrary
+ code.
+ The XFree86 initialization code performs insufficient checking of
+ the return value of setuid() when dropping privileges, which might
+ lead to local privilege escalation.
+For the stable distribution (sarge) these problems have been fixed in
+version 4.3.0.dfsg.1-14sarge2. This release lacks builds for the
+Motorola 680x0 architecture, which failed due to diskspace constraints
+on the build host. They will be released once this problem has been
+resolved.
+For the unstable distribution (sid) these problems have been fixed
+in version 1:1.2.2-1 of libxfont and version 1:1.0.2-9 of xorg-server.
+We recommend that you upgrade your XFree86 packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1193
+Risk factor : High';
+
+if (description) {
+ script_id(22734);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1193");
+ script_cve_id("CVE-2006-3467", "CVE-2006-3739", "CVE-2006-3740", "CVE-2006-4447");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1193] DSA-1193-1 xfree86");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1193-1 xfree86");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'lbxproxy', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package lbxproxy is vulnerable in Debian 3.1.\nUpgrade to lbxproxy_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libdps-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libdps-dev is vulnerable in Debian 3.1.\nUpgrade to libdps-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libdps1', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libdps1 is vulnerable in Debian 3.1.\nUpgrade to libdps1_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libdps1-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libdps1-dbg is vulnerable in Debian 3.1.\nUpgrade to libdps1-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libice-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libice-dev is vulnerable in Debian 3.1.\nUpgrade to libice-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libice6', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libice6 is vulnerable in Debian 3.1.\nUpgrade to libice6_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libice6-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libice6-dbg is vulnerable in Debian 3.1.\nUpgrade to libice6-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libsm-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libsm-dev is vulnerable in Debian 3.1.\nUpgrade to libsm-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libsm6', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libsm6 is vulnerable in Debian 3.1.\nUpgrade to libsm6_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libsm6-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libsm6-dbg is vulnerable in Debian 3.1.\nUpgrade to libsm6-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libx11-6', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libx11-6 is vulnerable in Debian 3.1.\nUpgrade to libx11-6_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libx11-6-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libx11-6-dbg is vulnerable in Debian 3.1.\nUpgrade to libx11-6-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libx11-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libx11-dev is vulnerable in Debian 3.1.\nUpgrade to libx11-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxaw6', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxaw6 is vulnerable in Debian 3.1.\nUpgrade to libxaw6_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxaw6-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxaw6-dbg is vulnerable in Debian 3.1.\nUpgrade to libxaw6-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxaw6-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxaw6-dev is vulnerable in Debian 3.1.\nUpgrade to libxaw6-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxaw7', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxaw7 is vulnerable in Debian 3.1.\nUpgrade to libxaw7_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxaw7-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxaw7-dbg is vulnerable in Debian 3.1.\nUpgrade to libxaw7-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxaw7-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxaw7-dev is vulnerable in Debian 3.1.\nUpgrade to libxaw7-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxext-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxext-dev is vulnerable in Debian 3.1.\nUpgrade to libxext-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxext6', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxext6 is vulnerable in Debian 3.1.\nUpgrade to libxext6_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxext6-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxext6-dbg is vulnerable in Debian 3.1.\nUpgrade to libxext6-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxft1', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxft1 is vulnerable in Debian 3.1.\nUpgrade to libxft1_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxft1-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxft1-dbg is vulnerable in Debian 3.1.\nUpgrade to libxft1-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxi-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxi-dev is vulnerable in Debian 3.1.\nUpgrade to libxi-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxi6', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxi6 is vulnerable in Debian 3.1.\nUpgrade to libxi6_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxi6-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxi6-dbg is vulnerable in Debian 3.1.\nUpgrade to libxi6-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxmu-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxmu-dev is vulnerable in Debian 3.1.\nUpgrade to libxmu-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxmu6', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxmu6 is vulnerable in Debian 3.1.\nUpgrade to libxmu6_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxmu6-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxmu6-dbg is vulnerable in Debian 3.1.\nUpgrade to libxmu6-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxmuu-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxmuu-dev is vulnerable in Debian 3.1.\nUpgrade to libxmuu-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxmuu1', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxmuu1 is vulnerable in Debian 3.1.\nUpgrade to libxmuu1_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxmuu1-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxmuu1-dbg is vulnerable in Debian 3.1.\nUpgrade to libxmuu1-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxp-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxp-dev is vulnerable in Debian 3.1.\nUpgrade to libxp-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxp6', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxp6 is vulnerable in Debian 3.1.\nUpgrade to libxp6_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxp6-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxp6-dbg is vulnerable in Debian 3.1.\nUpgrade to libxp6-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxpm-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxpm-dev is vulnerable in Debian 3.1.\nUpgrade to libxpm-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxpm4', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxpm4 is vulnerable in Debian 3.1.\nUpgrade to libxpm4_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxpm4-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxpm4-dbg is vulnerable in Debian 3.1.\nUpgrade to libxpm4-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxrandr-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxrandr-dev is vulnerable in Debian 3.1.\nUpgrade to libxrandr-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxrandr2', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxrandr2 is vulnerable in Debian 3.1.\nUpgrade to libxrandr2_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxrandr2-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxrandr2-dbg is vulnerable in Debian 3.1.\nUpgrade to libxrandr2-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxt-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxt-dev is vulnerable in Debian 3.1.\nUpgrade to libxt-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxt6', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxt6 is vulnerable in Debian 3.1.\nUpgrade to libxt6_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxt6-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxt6-dbg is vulnerable in Debian 3.1.\nUpgrade to libxt6-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxtrap-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxtrap-dev is vulnerable in Debian 3.1.\nUpgrade to libxtrap-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxtrap6', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxtrap6 is vulnerable in Debian 3.1.\nUpgrade to libxtrap6_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxtrap6-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxtrap6-dbg is vulnerable in Debian 3.1.\nUpgrade to libxtrap6-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxtst-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxtst-dev is vulnerable in Debian 3.1.\nUpgrade to libxtst-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxtst6', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxtst6 is vulnerable in Debian 3.1.\nUpgrade to libxtst6_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxtst6-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxtst6-dbg is vulnerable in Debian 3.1.\nUpgrade to libxtst6-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxv-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxv-dev is vulnerable in Debian 3.1.\nUpgrade to libxv-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxv1', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxv1 is vulnerable in Debian 3.1.\nUpgrade to libxv1_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'libxv1-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libxv1-dbg is vulnerable in Debian 3.1.\nUpgrade to libxv1-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'pm-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package pm-dev is vulnerable in Debian 3.1.\nUpgrade to pm-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'proxymngr', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package proxymngr is vulnerable in Debian 3.1.\nUpgrade to proxymngr_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'twm', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package twm is vulnerable in Debian 3.1.\nUpgrade to twm_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'x-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package x-dev is vulnerable in Debian 3.1.\nUpgrade to x-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'x-window-system', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package x-window-system is vulnerable in Debian 3.1.\nUpgrade to x-window-system_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'x-window-system-core', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package x-window-system-core is vulnerable in Debian 3.1.\nUpgrade to x-window-system-core_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'x-window-system-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package x-window-system-dev is vulnerable in Debian 3.1.\nUpgrade to x-window-system-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xbase-clients', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xbase-clients is vulnerable in Debian 3.1.\nUpgrade to xbase-clients_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xdm', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xdm is vulnerable in Debian 3.1.\nUpgrade to xdm_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xfonts-100dpi', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xfonts-100dpi is vulnerable in Debian 3.1.\nUpgrade to xfonts-100dpi_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xfonts-100dpi-transcoded', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xfonts-100dpi-transcoded is vulnerable in Debian 3.1.\nUpgrade to xfonts-100dpi-transcoded_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xfonts-75dpi', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xfonts-75dpi is vulnerable in Debian 3.1.\nUpgrade to xfonts-75dpi_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xfonts-75dpi-transcoded', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xfonts-75dpi-transcoded is vulnerable in Debian 3.1.\nUpgrade to xfonts-75dpi-transcoded_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xfonts-base', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xfonts-base is vulnerable in Debian 3.1.\nUpgrade to xfonts-base_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xfonts-base-transcoded', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xfonts-base-transcoded is vulnerable in Debian 3.1.\nUpgrade to xfonts-base-transcoded_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xfonts-cyrillic', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xfonts-cyrillic is vulnerable in Debian 3.1.\nUpgrade to xfonts-cyrillic_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xfonts-scalable', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xfonts-scalable is vulnerable in Debian 3.1.\nUpgrade to xfonts-scalable_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xfree86-common', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xfree86-common is vulnerable in Debian 3.1.\nUpgrade to xfree86-common_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xfs', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xfs is vulnerable in Debian 3.1.\nUpgrade to xfs_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xfwp', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xfwp is vulnerable in Debian 3.1.\nUpgrade to xfwp_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xlibmesa-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xlibmesa-dev is vulnerable in Debian 3.1.\nUpgrade to xlibmesa-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xlibmesa-dri', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xlibmesa-dri is vulnerable in Debian 3.1.\nUpgrade to xlibmesa-dri_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xlibmesa-dri-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xlibmesa-dri-dbg is vulnerable in Debian 3.1.\nUpgrade to xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xlibmesa-gl', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xlibmesa-gl is vulnerable in Debian 3.1.\nUpgrade to xlibmesa-gl_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xlibmesa-gl-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xlibmesa-gl-dbg is vulnerable in Debian 3.1.\nUpgrade to xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xlibmesa-gl-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xlibmesa-gl-dev is vulnerable in Debian 3.1.\nUpgrade to xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xlibmesa-glu', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xlibmesa-glu is vulnerable in Debian 3.1.\nUpgrade to xlibmesa-glu_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xlibmesa-glu-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xlibmesa-glu-dbg is vulnerable in Debian 3.1.\nUpgrade to xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xlibmesa-glu-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xlibmesa-glu-dev is vulnerable in Debian 3.1.\nUpgrade to xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xlibmesa3', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xlibmesa3 is vulnerable in Debian 3.1.\nUpgrade to xlibmesa3_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xlibmesa3-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xlibmesa3-dbg is vulnerable in Debian 3.1.\nUpgrade to xlibmesa3-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xlibosmesa-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xlibosmesa-dev is vulnerable in Debian 3.1.\nUpgrade to xlibosmesa-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xlibosmesa4', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xlibosmesa4 is vulnerable in Debian 3.1.\nUpgrade to xlibosmesa4_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xlibosmesa4-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xlibosmesa4-dbg is vulnerable in Debian 3.1.\nUpgrade to xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xlibs', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xlibs is vulnerable in Debian 3.1.\nUpgrade to xlibs_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xlibs-data', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xlibs-data is vulnerable in Debian 3.1.\nUpgrade to xlibs-data_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xlibs-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xlibs-dbg is vulnerable in Debian 3.1.\nUpgrade to xlibs-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xlibs-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xlibs-dev is vulnerable in Debian 3.1.\nUpgrade to xlibs-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xlibs-pic', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xlibs-pic is vulnerable in Debian 3.1.\nUpgrade to xlibs-pic_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xlibs-static-dev', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xlibs-static-dev is vulnerable in Debian 3.1.\nUpgrade to xlibs-static-dev_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xlibs-static-pic', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xlibs-static-pic is vulnerable in Debian 3.1.\nUpgrade to xlibs-static-pic_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xmh', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xmh is vulnerable in Debian 3.1.\nUpgrade to xmh_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xnest', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xnest is vulnerable in Debian 3.1.\nUpgrade to xnest_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xserver-common', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xserver-common is vulnerable in Debian 3.1.\nUpgrade to xserver-common_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xserver-xfree86', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xserver-xfree86 is vulnerable in Debian 3.1.\nUpgrade to xserver-xfree86_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xserver-xfree86-dbg', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xserver-xfree86-dbg is vulnerable in Debian 3.1.\nUpgrade to xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xspecs', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xspecs is vulnerable in Debian 3.1.\nUpgrade to xspecs_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xterm', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xterm is vulnerable in Debian 3.1.\nUpgrade to xterm_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xutils', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xutils is vulnerable in Debian 3.1.\nUpgrade to xutils_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xvfb', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xvfb is vulnerable in Debian 3.1.\nUpgrade to xvfb_4.3.0.dfsg.1-14sarge2\n');
+}
+if (deb_check(prefix: 'xfree86', release: '4.0', reference: '1.2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xfree86 is vulnerable in Debian 4.0.\nUpgrade to xfree86_1.2\n');
+}
+if (deb_check(prefix: 'xfree86', release: '3.1', reference: '4.3.0.dfsg.1-14sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package xfree86 is vulnerable in Debian sarge.\nUpgrade to xfree86_4.3.0.dfsg.1-14sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
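Review bot: The `xfree86` / release `4.0` check near the end of the script compares against `reference: '1.2'`, which is not a version the advisory text gives for any package. The description names 1:1.2.2-1 of libxfont and 1:1.0.2-9 of xorg-server for sid, so `'1.2'` looks like a truncated libxfont version attached to the wrong package name; this is inferred from the description string, since `deb_check` itself lives in debian_package.inc and is not visible here. A comparison against that value can flag or clear a Debian 4.0 host for the wrong reason. I would drop that block or replace it with checks on the packages the advisory actually names, and until then mark it with `# FIXME: reference '1.2' is not an xfree86 version (taken from the sid libxfont fix?) - verify before trusting 4.0 results`. The last check's message also says "Debian sarge" where every other message says "Debian 3.1", which makes report output harder to filter by release.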
Added: trunk/openvas-plugins/scripts/debian_DSA-1194.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1194.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1194.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,68 @@
+# This script was automatically generated from the dsa-1194
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+It was discovered that an integer overflow in libwmf, the library to read
+Windows Metafile Format files, can be exploited to execute arbitrary code
+if a crafted WMF file is parsed.
+For the stable distribution (sarge) this problem has been fixed in
+version 0.2.8.3-2sarge1.
+For the unstable distribution (sid) this problem has been fixed in
+version 0.2.8.4-2.
+We recommend that you upgrade your libwmf package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1194
+Risk factor : High';
+
+if (description) {
+ script_id(22735);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1194");
+ script_cve_id("CVE-2006-3376");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1194] DSA-1194-1 libwmf");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1194-1 libwmf");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'libwmf-bin', release: '3.1', reference: '0.2.8.3-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libwmf-bin is vulnerable in Debian 3.1.\nUpgrade to libwmf-bin_0.2.8.3-2sarge1\n');
+}
+if (deb_check(prefix: 'libwmf-dev', release: '3.1', reference: '0.2.8.3-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libwmf-dev is vulnerable in Debian 3.1.\nUpgrade to libwmf-dev_0.2.8.3-2sarge1\n');
+}
+if (deb_check(prefix: 'libwmf-doc', release: '3.1', reference: '0.2.8.3-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libwmf-doc is vulnerable in Debian 3.1.\nUpgrade to libwmf-doc_0.2.8.3-2sarge1\n');
+}
+if (deb_check(prefix: 'libwmf0.2-7', release: '3.1', reference: '0.2.8.3-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libwmf0.2-7 is vulnerable in Debian 3.1.\nUpgrade to libwmf0.2-7_0.2.8.3-2sarge1\n');
+}
+if (deb_check(prefix: 'libwmf', release: '4.0', reference: '0.2.8.4-2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libwmf is vulnerable in Debian 4.0.\nUpgrade to libwmf_0.2.8.4-2\n');
+}
+if (deb_check(prefix: 'libwmf', release: '3.1', reference: '0.2.8.3-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libwmf is vulnerable in Debian sarge.\nUpgrade to libwmf_0.2.8.3-2sarge1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
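Review bot: The `if (! defined_func('bn_random')) exit(0);` guard at the top of the script runs before the `if (description)` block, and nothing else in the file uses `bn_random`. On a scanner build without that built-in the plugin would exit without registering or reporting, so a vulnerable libwmf would go unflagged with no indication that the check was skipped. The script already declares `script_dependencies("ssh_get_info.nasl")` and `script_require_keys("Host/Debian/dpkg-l")`, which look sufficient to gate it on package data being present. I would remove the guard, or if it is kept, document it with `# exits silently when bn_random is missing: the check is then skipped, not passed`. The same line opens the DSA-1193 and DSA-1195 scripts in this commit.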
Added: trunk/openvas-plugins/scripts/debian_DSA-1195.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1195.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1195.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,73 @@
+# This script was automatically generated from the dsa-1195
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Multiple vulnerabilities have been discovered in the OpenSSL
+cryptographic software package that could allow an attacker to launch
+a denial of service attack by exhausting system resources or crashing
+processes on a victim\'s computer.
+ Tavis Ormandy and Will Drewry of the Google Security Team
+ discovered a buffer overflow in SSL_get_shared_ciphers utility
+ function, used by some applications such as exim and mysql. An
+ attacker could send a list of ciphers that would overrun a
+ buffer.
+ Tavis Ormandy and Will Drewry of the Google Security Team
+ discovered a possible DoS in the sslv2 client code. Where a
+ client application uses OpenSSL to make a SSLv2 connection to
+ a malicious server that server could cause the client to
+ crash.
+ Dr S N Henson of the OpenSSL core team and Open Network
+ Security recently developed an ASN1 test suite for NISCC
+ (www.niscc.gov.uk). When the test suite was run against
+ OpenSSL a DoS was discovered.
+ Certain types of public key can take disproportionate amounts
+ of time to process. This could be used by an attacker in a
+ denial of service attack.
+For the stable distribution (sarge) these problems have been fixed in
+version 0.9.6m-1sarge4.
+This package exists only for compatibility with older software, and is
+not present in the unstable or testing branches of Debian.
+We recommend that you upgrade your openssl096 package. Note that
+services linking against the openssl shared libraries will need to be
+restarted. Common examples of such services include most Mail
+Transport Agents, SSH servers, and web servers.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1195
+Risk factor : High';
+
+if (description) {
+ script_id(22881);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1195");
+ script_cve_id("CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1195] DSA-1195-1 openssl096");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1195-1 openssl096");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'libssl0.9.6', release: '3.1', reference: '0.9.6m-1sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libssl0.9.6 is vulnerable in Debian 3.1.\nUpgrade to libssl0.9.6_0.9.6m-1sarge4\n');
+}
+if (deb_check(prefix: 'openssl096', release: '3.1', reference: '0.9.6m-1sarge4')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package openssl096 is vulnerable in Debian sarge.\nUpgrade to openssl096_0.9.6m-1sarge4\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
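Review bot: The guard `if (! defined_func('bn_random')) exit(0);` near the top of debian_DSA-1195.nasl makes the plugin exit silently when the NASL interpreter lacks that function, although nothing visible in the script calls bn_random. In that case the host gets no finding for DSA-1195, which reads the same in a report as a patched host. Either drop the guard or document it, e.g. `# generator-inherited guard: exits without a result when the NASL build has no bn_random`. The same line opens debian_DSA-1196 through debian_DSA-1199 in this commit.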
Added: trunk/openvas-plugins/scripts/debian_DSA-1196.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1196.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1196.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,95 @@
+# This script was automatically generated from the dsa-1196
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Several remote vulnerabilities have been discovered in the ClamAV malware
+scan engine, which may lead to the execution of arbitrary code. The
+Common Vulnerabilities and Exposures project identifies the following
+problems:
+ Damian Put discovered a heap overflow error in the script to rebuild
+ PE files, which could lead to the execution of arbitrary code.
+ Damian Put discovered that missing input sanitising in the CHM
+ handling code might lead to denial of service.
+For the stable distribution (sarge) these problems have been fixed in
+version 0.84-2.sarge.11. Due to technical problems with the build host
+this update lacks a build for the Sparc architecture. It will be
+provided soon.
+For the unstable distribution (sid) these problems have been fixed in
+version 0.88.5-1.
+We recommend that you upgrade your clamav packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1196
+Risk factor : High';
+
+if (description) {
+ script_id(22905);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1196");
+ script_cve_id("CVE-2006-4182", "CVE-2006-5295");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1196] DSA-1196-1 clamav");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1196-1 clamav");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'clamav', release: '3.1', reference: '0.84-2.sarge.11')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package clamav is vulnerable in Debian 3.1.\nUpgrade to clamav_0.84-2.sarge.11\n');
+}
+if (deb_check(prefix: 'clamav-base', release: '3.1', reference: '0.84-2.sarge.11')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package clamav-base is vulnerable in Debian 3.1.\nUpgrade to clamav-base_0.84-2.sarge.11\n');
+}
+if (deb_check(prefix: 'clamav-daemon', release: '3.1', reference: '0.84-2.sarge.11')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package clamav-daemon is vulnerable in Debian 3.1.\nUpgrade to clamav-daemon_0.84-2.sarge.11\n');
+}
+if (deb_check(prefix: 'clamav-docs', release: '3.1', reference: '0.84-2.sarge.11')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package clamav-docs is vulnerable in Debian 3.1.\nUpgrade to clamav-docs_0.84-2.sarge.11\n');
+}
+if (deb_check(prefix: 'clamav-freshclam', release: '3.1', reference: '0.84-2.sarge.11')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package clamav-freshclam is vulnerable in Debian 3.1.\nUpgrade to clamav-freshclam_0.84-2.sarge.11\n');
+}
+if (deb_check(prefix: 'clamav-milter', release: '3.1', reference: '0.84-2.sarge.11')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package clamav-milter is vulnerable in Debian 3.1.\nUpgrade to clamav-milter_0.84-2.sarge.11\n');
+}
+if (deb_check(prefix: 'clamav-testfiles', release: '3.1', reference: '0.84-2.sarge.11')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package clamav-testfiles is vulnerable in Debian 3.1.\nUpgrade to clamav-testfiles_0.84-2.sarge.11\n');
+}
+if (deb_check(prefix: 'libclamav-dev', release: '3.1', reference: '0.84-2.sarge.11')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libclamav-dev is vulnerable in Debian 3.1.\nUpgrade to libclamav-dev_0.84-2.sarge.11\n');
+}
+if (deb_check(prefix: 'libclamav1', release: '3.1', reference: '0.84-2.sarge.11')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package libclamav1 is vulnerable in Debian 3.1.\nUpgrade to libclamav1_0.84-2.sarge.11\n');
+}
+if (deb_check(prefix: 'clamav', release: '4.0', reference: '0.88.5-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package clamav is vulnerable in Debian 4.0.\nUpgrade to clamav_0.88.5-1\n');
+}
+if (deb_check(prefix: 'clamav', release: '3.1', reference: '0.84-2.sarge.11')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package clamav is vulnerable in Debian sarge.\nUpgrade to clamav_0.84-2.sarge.11\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
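Review bot: The last `deb_check(prefix: 'clamav', release: '3.1', reference: '0.84-2.sarge.11')` block repeats the first check in this file with identical arguments. On an affected host `w` is incremented twice and the report carries two paragraphs for the same package, one saying "Debian 3.1" and one "Debian sarge". Since `w` is only tested for truth, detection is unaffected, but the duplicated text makes the finding harder to read. Dropping the trailing block would keep the result unchanged. The same repetition occurs for `python2.4` in debian_DSA-1197, `python2.3` in debian_DSA-1198 and `webmin` in debian_DSA-1199.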
Added: trunk/openvas-plugins/scripts/debian_DSA-1197.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1197.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1197.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,87 @@
+# This script was automatically generated from the dsa-1197
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Benjamin C. Wiley Sittler discovered that the repr() of the Python
+interpreter allocates insufficient memory when parsing UCS-4 Unicode
+strings, which might lead to execution of arbitrary code through
+a buffer overflow.
+For the stable distribution (sarge) this problem has been fixed in
+version 2.4.1-2sarge1. Due to build problems this update lacks fixed
+packages for the m68k architecture. Once they are sorted out, binaries
+for m68k will be released.
+For the unstable distribution (sid) this problem has been fixed in
+version 2.4.4-1.
+We recommend that you upgrade your Python 2.4 packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1197
+Risk factor : High';
+
+if (description) {
+ script_id(22906);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1197");
+ script_cve_id("CVE-2006-4980");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1197] DSA-1197-1 python2.4");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1197-1 python2.4");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'idle-python2.4', release: '3.1', reference: '2.4.1-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package idle-python2.4 is vulnerable in Debian 3.1.\nUpgrade to idle-python2.4_2.4.1-2sarge1\n');
+}
+if (deb_check(prefix: 'python2.4', release: '3.1', reference: '2.4.1-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.4 is vulnerable in Debian 3.1.\nUpgrade to python2.4_2.4.1-2sarge1\n');
+}
+if (deb_check(prefix: 'python2.4-dbg', release: '3.1', reference: '2.4.1-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.4-dbg is vulnerable in Debian 3.1.\nUpgrade to python2.4-dbg_2.4.1-2sarge1\n');
+}
+if (deb_check(prefix: 'python2.4-dev', release: '3.1', reference: '2.4.1-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.4-dev is vulnerable in Debian 3.1.\nUpgrade to python2.4-dev_2.4.1-2sarge1\n');
+}
+if (deb_check(prefix: 'python2.4-doc', release: '3.1', reference: '2.4.1-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.4-doc is vulnerable in Debian 3.1.\nUpgrade to python2.4-doc_2.4.1-2sarge1\n');
+}
+if (deb_check(prefix: 'python2.4-examples', release: '3.1', reference: '2.4.1-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.4-examples is vulnerable in Debian 3.1.\nUpgrade to python2.4-examples_2.4.1-2sarge1\n');
+}
+if (deb_check(prefix: 'python2.4-gdbm', release: '3.1', reference: '2.4.1-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.4-gdbm is vulnerable in Debian 3.1.\nUpgrade to python2.4-gdbm_2.4.1-2sarge1\n');
+}
+if (deb_check(prefix: 'python2.4-tk', release: '3.1', reference: '2.4.1-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.4-tk is vulnerable in Debian 3.1.\nUpgrade to python2.4-tk_2.4.1-2sarge1\n');
+}
+if (deb_check(prefix: 'python2.4', release: '4.0', reference: '2.4.4-1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.4 is vulnerable in Debian 4.0.\nUpgrade to python2.4_2.4.4-1\n');
+}
+if (deb_check(prefix: 'python2.4', release: '3.1', reference: '2.4.1-2sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.4 is vulnerable in Debian sarge.\nUpgrade to python2.4_2.4.1-2sarge1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
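Review bot: The check `deb_check(prefix: 'python2.4', release: '4.0', reference: '2.4.4-1')` uses the version the advisory text gives for unstable (sid), while the description names no fixed version for release 4.0. How `release: '4.0'` is matched is defined in debian_package.inc, outside this hunk, so this is an inference, but a 4.0 host carrying a backported fix with a lower version string would presumably be reported as vulnerable. A comment such as `# 2.4.4-1 is the sid version from the advisory, used here as the 4.0 threshold` would tell the operator how to read that finding. The same pattern appears in debian_DSA-1196 (`0.88.5-1`) and debian_DSA-1198 (`2.3.5-16`).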
Added: trunk/openvas-plugins/scripts/debian_DSA-1198.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1198.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1198.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,87 @@
+# This script was automatically generated from the dsa-1198
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Benjamin C. Wiley Sittler discovered that the repr() of the Python
+interpreter allocates insufficient memory when parsing UCS-4 Unicode
+strings, which might lead to execution of arbitrary code through
+a buffer overflow.
+For the stable distribution (sarge) this problem has been fixed in
+version 2.3.5-3sarge2. Due to build problems this update lacks fixed
+packages for the Alpha and Sparc architectures. Once they are sorted
+out, fixed binaries will be released.
+For the unstable distribution (sid) this problem has been fixed in
+version 2.3.5-16.
+We recommend that you upgrade your Python 2.3 packages.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1198
+Risk factor : High';
+
+if (description) {
+ script_id(22907);
+ script_version("$Revision: 1.2 $");
+ script_xref(name: "DSA", value: "1198");
+ script_cve_id("CVE-2006-4980");
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2007 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1198] DSA-1198-1 python2.3");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1198-1 python2.3");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'idle-python2.3', release: '3.1', reference: '2.3.5-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package idle-python2.3 is vulnerable in Debian 3.1.\nUpgrade to idle-python2.3_2.3.5-3sarge2\n');
+}
+if (deb_check(prefix: 'python2.3', release: '3.1', reference: '2.3.5-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.3 is vulnerable in Debian 3.1.\nUpgrade to python2.3_2.3.5-3sarge2\n');
+}
+if (deb_check(prefix: 'python2.3-dev', release: '3.1', reference: '2.3.5-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.3-dev is vulnerable in Debian 3.1.\nUpgrade to python2.3-dev_2.3.5-3sarge2\n');
+}
+if (deb_check(prefix: 'python2.3-doc', release: '3.1', reference: '2.3.5-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.3-doc is vulnerable in Debian 3.1.\nUpgrade to python2.3-doc_2.3.5-3sarge2\n');
+}
+if (deb_check(prefix: 'python2.3-examples', release: '3.1', reference: '2.3.5-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.3-examples is vulnerable in Debian 3.1.\nUpgrade to python2.3-examples_2.3.5-3sarge2\n');
+}
+if (deb_check(prefix: 'python2.3-gdbm', release: '3.1', reference: '2.3.5-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.3-gdbm is vulnerable in Debian 3.1.\nUpgrade to python2.3-gdbm_2.3.5-3sarge2\n');
+}
+if (deb_check(prefix: 'python2.3-mpz', release: '3.1', reference: '2.3.5-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.3-mpz is vulnerable in Debian 3.1.\nUpgrade to python2.3-mpz_2.3.5-3sarge2\n');
+}
+if (deb_check(prefix: 'python2.3-tk', release: '3.1', reference: '2.3.5-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.3-tk is vulnerable in Debian 3.1.\nUpgrade to python2.3-tk_2.3.5-3sarge2\n');
+}
+if (deb_check(prefix: 'python2.3', release: '4.0', reference: '2.3.5-16')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.3 is vulnerable in Debian 4.0.\nUpgrade to python2.3_2.3.5-16\n');
+}
+if (deb_check(prefix: 'python2.3', release: '3.1', reference: '2.3.5-3sarge2')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package python2.3 is vulnerable in Debian sarge.\nUpgrade to python2.3_2.3.5-3sarge2\n');
+}
+if (w) { security_hole(port: 0, data: desc); }
Added: trunk/openvas-plugins/scripts/debian_DSA-1199.nasl
===================================================================
--- trunk/openvas-plugins/scripts/debian_DSA-1199.nasl 2007-11-06 11:55:24 UTC (rev 531)
+++ trunk/openvas-plugins/scripts/debian_DSA-1199.nasl 2007-11-06 12:03:57 UTC (rev 532)
@@ -0,0 +1,70 @@
+# This script was automatically generated from the dsa-1199
+# Debian Security Advisory
+# It is released under the Nessus Script Licence.
+# Advisory is copyright 1997-2004 Software in the Public Interest, Inc.
+# See http://www.debian.org/license
+# DSA2nasl Convertor is copyright 2004 Michel Arboi
+
+if (! defined_func('bn_random')) exit(0);
+
+desc = '
+Several vulnerabilities have been identified in webmin, a web-based
+administration toolkit. The Common Vulnerabilities and Exposures project
+identifies the following vulnerabilities:
+ A format string vulnerability in miniserv.pl could allow an
+ attacker to cause a denial of service by crashing the
+ application or exhausting system resources, and could
+ potentially allow arbitrary code execution.
+ Improper input sanitization in miniserv.pl could allow an
+ attacker to read arbitrary files on the webmin host by providing
+ a specially crafted URL path to the miniserv http server.
+ Improper handling of null characters in URLs in miniserv.pl
+ could allow an attacker to conduct cross-site scripting attacks,
+ read CGI program source code, list local directories, and
+ potentially execute arbitrary code.
+Stable updates are available for alpha, amd64, arm, hppa, i386, ia64,
+m68k, mips, mipsel, powerpc, s390 and sparc.
+For the stable distribution (sarge), these problems have been fixed in
+version 1.180-3sarge1.
+Webmin is not included in unstable (sid) or testing (etch), so these
+problems are not present.
+We recommend that you upgrade your webmin (1.180-3sarge1) package.
+
+
+Solution : http://www.debian.org/security/2006/dsa-1199
+Risk factor : High';
+
+if (description) {
+ script_id(22908);
+ script_version("$Revision: 1.1 $");
+ script_xref(name: "DSA", value: "1199");
+ script_cve_id("CVE-2005-3912", "CVE-2006-3392", "CVE-2006-4542");
+ script_bugtraq_id(15629, 18744, 19820);
+
+ script_description(english: desc);
+ script_copyright(english: "This script is (C) 2006 Michel Arboi <mikhail at nessus.org>");
+ script_name(english: "[DSA1199] DSA-1199-1 webmin");
+ script_category(ACT_GATHER_INFO);
+ script_family(english: "Debian Local Security Checks");
+ script_dependencies("ssh_get_info.nasl");
+ script_require_keys("Host/Debian/dpkg-l");
+ script_summary(english: "DSA-1199-1 webmin");
+ exit(0);
+}
+
+include("debian_package.inc");
+
+w = 0;
+if (deb_check(prefix: 'webmin', release: '3.1', reference: '1.180-3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package webmin is vulnerable in Debian 3.1.\nUpgrade to webmin_1.180-3sarge1\n');
+}
+if (deb_check(prefix: 'webmin-core', release: '3.1', reference: '1.180-3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package webmin-core is vulnerable in Debian 3.1.\nUpgrade to webmin-core_1.180-3sarge1\n');
+}
+if (deb_check(prefix: 'webmin', release: '3.1', reference: '1.180-3sarge1')) {
+ w ++;
+ if (report_verbosity > 0) desc = strcat(desc, '\nThe package webmin is vulnerable in Debian sarge.\nUpgrade to webmin_1.180-3sarge1\n');
+}
+if (w) { security_hole(port: 0, data: desc); }