[Openvas-commits] r1499 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Thu Oct 9 00:42:38 CEST 2008 

Author: reinke
Date: 2008-10-09 00:42:36 +0200 (Thu, 09 Oct 2008)
New Revision: 1499

Added:
   trunk/openvas-plugins/scripts/deb_1643_1.nasl
   trunk/openvas-plugins/scripts/deb_1647_1.nasl
   trunk/openvas-plugins/scripts/deb_1648_1.nasl
   trunk/openvas-plugins/scripts/glsa_200810_01.nasl
Modified:
   trunk/openvas-plugins/ChangeLog
Log:
New scripts added

Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2008-10-08 19:18:44 UTC (rev 1498)
+++ trunk/openvas-plugins/ChangeLog	2008-10-08 22:42:36 UTC (rev 1499)
@@ -1,4 +1,8 @@
 2008-10-08  Thomas Reinke <reinke at securityspace.com>
+	* deb_1643_1.nasl deb_1647_1.nasl deb_1648_1.nasl
+	  glsa_200810_01.nasl   New scripts
+
+2008-10-08  Thomas Reinke <reinke at securityspace.com>
 	* scripts/gentoo_unmaintained_packages.nasl added.
 	  Updated gather-package-list.nasl to added necessary
 	  prerequisites for above mentioned script.

Added: trunk/openvas-plugins/scripts/deb_1643_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1643_1.nasl	2008-10-08 19:18:44 UTC (rev 1498)
+++ trunk/openvas-plugins/scripts/deb_1643_1.nasl	2008-10-08 22:42:36 UTC (rev 1499)
@@ -0,0 +1,85 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1643-1 (feta)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(61711);
+ script_cve_id("CVE-2008-4440");
+ script_version ("$");
+ name["english"] = "Debian Security Advisory DSA 1643-1 (feta)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to feta
+announced via advisory DSA 1643-1.
+
+Dmitry E. Oboukhov discovered that the to-upgrade plugin of Feta,
+a simpler interface to APT, dpkg, and other Debian package tools
+creates temporary files insecurely, which may lead to local denial
+of service through symlink attacks.
+
+For the stable distribution (etch), this problem has been fixed in
+version 1.4.15+etch1.
+
+For the unstable distribution (sid), this problem has been fixed in
+version 1.4.16+nmu1.
+
+We recommend that you upgrade your feta package.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201643-1
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Debian Security Advisory DSA 1643-1 (feta)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Debian Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"feta", ver:"1.4.15+etch1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_1647_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1647_1.nasl	2008-10-08 19:18:44 UTC (rev 1498)
+++ trunk/openvas-plugins/scripts/deb_1647_1.nasl	2008-10-08 22:42:36 UTC (rev 1499)
@@ -0,0 +1,176 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1647-1 (php5)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(61712);
+ script_cve_id("CVE-2008-3658", "CVE-2008-3659", "CVE-2008-3660");
+ script_version ("$");
+ name["english"] = "Debian Security Advisory DSA 1647-1 (php5)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to php5
+announced via advisory DSA 1647-1.
+
+Several vulnerabilities have been discovered in PHP, a server-side,
+HTML-embedded scripting language. The Common Vulnerabilities and
+Exposures project identifies the following problems:
+
+CVE-2008-3658
+
+Buffer overflow in the imageloadfont function allows a denial
+of service or code execution through a crafted font file.
+
+CVE-2008-3659
+
+Buffer overflow in the memnstr function allows a denial of
+service  or code execution via a crafted delimiter parameter
+to the explode function.
+
+CVE-2008-3660
+
+Denial of service is possible in the FastCGI module by a
+remote attacker by making a request with multiple dots
+before the extension.
+
+For the stable distribution (etch), these problems have been fixed in
+version 5.2.0-8+etch13.
+
+For the testing (lenny) and unstable distribution (sid), these problems
+have been fixed in version 5.2.6-4.
+
+We recommend that you upgrade your php5 package.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201647-1
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Debian Security Advisory DSA 1647-1 (php5)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Debian Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"php-pear", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-dev", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-tidy", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-mysql", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-xmlrpc", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-cgi", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-xsl", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-gd", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-snmp", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-sybase", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-mcrypt", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-common", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-mhash", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-pspell", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libapache-mod-php5", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-ldap", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-imap", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-recode", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-pgsql", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-sqlite", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-curl", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-odbc", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-cli", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-interbase", ver:"5.2.0-8+etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_1648_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1648_1.nasl	2008-10-08 19:18:44 UTC (rev 1498)
+++ trunk/openvas-plugins/scripts/deb_1648_1.nasl	2008-10-08 22:42:36 UTC (rev 1499)
@@ -0,0 +1,85 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1648-1 (mon)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(61713);
+ script_cve_id("CVE-2008-4477");
+ script_version ("$");
+ name["english"] = "Debian Security Advisory DSA 1648-1 (mon)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to mon
+announced via advisory DSA 1648-1.
+
+Dmitry E. Oboukhov discovered that the test.alert script used in one of the
+alert functions in mon, a system to monitor hosts or services and alert
+about problems, creates temporary files insecurely, which may lead to a local
+denial of service through symlink attacks.
+
+For the stable distribution (etch), this problem has been fixed in
+version 0.99.2-9+etch2.
+
+For the testing (lenny) and unstable distribution (sid), this problem has
+been fixed in version 0.99.2-13.
+
+We recommend that you upgrade your mon package.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201648-1
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Debian Security Advisory DSA 1648-1 (mon)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Debian Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"mon", ver:"0.99.2-9+etch2", rls:"DEB4.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/glsa_200810_01.nasl
===================================================================
--- trunk/openvas-plugins/scripts/glsa_200810_01.nasl	2008-10-08 19:18:44 UTC (rev 1498)
+++ trunk/openvas-plugins/scripts/glsa_200810_01.nasl	2008-10-08 22:42:36 UTC (rev 1499)
@@ -0,0 +1,83 @@
+#
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from Gentoo's XML based advisory
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+                                                                                
+if(description)
+{
+ script_id(61714);
+ script_cve_id("CVE-2008-2149", "CVE-2008-3908");
+ script_version ("$");
+ name["english"] = "Gentoo Security Advisory GLSA 200810-01 (wordnet)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing updates announced in
+advisory GLSA 200810-01.
+
+Multiple vulnerabilities were found in WordNet, possibly allowing for the
+execution of arbitrary code.
+
+Solution:
+All WordNet users should upgrade to the latest version:
+
+    # emerge --sync
+    # emerge --ask --oneshot --verbose '>=app-dicts/wordnet-3.0-r2'
+
+http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200810-01
+http://bugs.gentoo.org/show_bug.cgi?id=211491
+
+Risk factor : Medium";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Gentoo Security Advisory GLSA 200810-01 (wordnet)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Gentoo Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/gentoo");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-gentoo.inc");
+vuln = 0;
+if(ispkgvuln(pkg:"app-dicts/wordnet", unaffected: make_list("ge 3.0-r2"), vulnerable: make_list("lt 3.0-r2"))) {
+    vuln=1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

More information about the Openvas-commits mailing list