From scm-commit at wald.intevation.org Mon Sep 1 00:04:36 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 1 Sep 2008 00:04:36 +0200 (CEST) Subject: [Openvas-commits] r1254 - in trunk/openvas-server: . openvasd Message-ID: <20080831220436.22A0940761@pyrosoma.intevation.org> Author: jan Date: 2008-09-01 00:04:34 +0200 (Mon, 01 Sep 2008) New Revision: 1254 Modified: trunk/openvas-server/ChangeLog trunk/openvas-server/openvasd/ntp_11.c trunk/openvas-server/openvasd/otp_1_0.c trunk/openvas-server/openvasd/otp_1_0.h Log: Remove NEW_ATTACK command. * openvasd/ntp_11.c (ntp_11_new_attack): Removed. * openvasd/otp_1_0.c (otp_1_0_get_client_request): Removed NEW_ATTACK handling. * openvasd/otp_1_0.h: Removed CREQ_NEW_ATTACK. Modified: trunk/openvas-server/ChangeLog =================================================================== --- trunk/openvas-server/ChangeLog 2008-08-31 21:43:10 UTC (rev 1253) +++ trunk/openvas-server/ChangeLog 2008-08-31 22:04:34 UTC (rev 1254) @@ -1,5 +1,16 @@ 2008-08-31 Jan-Oliver Wagner + Remove NEW_ATTACK command. + + * openvasd/ntp_11.c (ntp_11_new_attack): Removed. + + * openvasd/otp_1_0.c (otp_1_0_get_client_request): Removed + NEW_ATTACK handling. + + * openvasd/otp_1_0.h: Removed CREQ_NEW_ATTACK. + +2008-08-31 Jan-Oliver Wagner + * openvasd/otp_1_0.c (otp_1_0_get_client_request): New method. * openvasd/otp_1_0.h: Added proto for Modified: trunk/openvas-server/openvasd/ntp_11.c =================================================================== --- trunk/openvas-server/openvasd/ntp_11.c 2008-08-31 21:43:10 UTC (rev 1253) +++ trunk/openvas-server/openvasd/ntp_11.c 2008-08-31 22:04:34 UTC (rev 1254) @@ -59,7 +59,6 @@ static int ntp_11_read_prefs(struct arglist *); static void ntp_11_send_prefs_errors(struct arglist *); static int ntp_11_rules(struct arglist *); -static int ntp_11_new_attack(struct arglist *, char *); static int ntp_11_long_attack(struct arglist *, char *); static int ntp_11_recv_file(struct arglist*); @@ -110,10 +109,6 @@ result = ntp_11_long_attack(globals, orig); break; - case CREQ_NEW_ATTACK: - result = ntp_11_new_attack(globals, orig); - break; - case CREQ_OPENVAS_VERSION: otp_1_0_server_openvas_version(globals); break; @@ -397,50 +392,6 @@ return(0); } - - -static int ntp_11_new_attack(globals, input) - struct arglist * globals; - char * input; - -{ - char * target = emalloc(strlen(input)+1); - char * clean_target; - char * plugin_set; - struct arglist * preferences = arg_get_value(globals, "preferences"); - int len; - - sscanf(input, "CLIENT <|> NEW_ATTACK <|> %s <|> CLIENT\n", target); - if(target[0] == '\0'){ - efree(&target); - return(1); - } - len = strlen(target); - clean_target = emalloc(len+1); - strncpy(clean_target, target, len); - plugin_set = arg_get_value(preferences, "plugin_set"); - if(!plugin_set || plugin_set[0] == '\0') - { - if(plugin_set != NULL) - efree(&plugin_set); - - plugin_set = emalloc(3); - sprintf(plugin_set, "-1"); - if( arg_get_value(preferences, "plugin_set") == NULL ) - arg_add_value(preferences, "plugin_set", ARG_STRING, strlen(plugin_set), plugin_set); - else - arg_set_value(preferences, "plugin_set", strlen(plugin_set), plugin_set); - } - comm_setup_plugins(globals, plugin_set); - if(arg_get_value(preferences, "TARGET")) - arg_set_value(preferences, "TARGET", strlen(clean_target), clean_target); - else - arg_add_value(preferences, "TARGET", ARG_STRING, strlen(clean_target), clean_target); - efree(&target); - return(0); -} - - void ntp_11_show_end(globals, name, internal) struct arglist* globals; Modified: trunk/openvas-server/openvasd/otp_1_0.c =================================================================== --- trunk/openvas-server/openvasd/otp_1_0.c 2008-08-31 21:43:10 UTC (rev 1253) +++ trunk/openvas-server/openvasd/otp_1_0.c 2008-08-31 22:04:34 UTC (rev 1254) @@ -38,7 +38,6 @@ { if (!strcmp(str, "ATTACHED_FILE")) return(CREQ_ATTACHED_FILE); if (!strcmp(str, "LONG_ATTACK")) return(CREQ_LONG_ATTACK); - if (!strcmp(str, "NEW_ATTACK")) return(CREQ_NEW_ATTACK); if (!strcmp(str, "OPENVAS_VERSION")) return(CREQ_OPENVAS_VERSION); if (!strcmp(str, "PLUGIN_INFO")) return(CREQ_PLUGIN_INFO); if (!strcmp(str, "PREFERENCES")) return(CREQ_PREFERENCES); Modified: trunk/openvas-server/openvasd/otp_1_0.h =================================================================== --- trunk/openvas-server/openvasd/otp_1_0.h 2008-08-31 21:43:10 UTC (rev 1253) +++ trunk/openvas-server/openvasd/otp_1_0.h 2008-08-31 22:04:34 UTC (rev 1254) @@ -30,7 +30,6 @@ CREQ_UNKNOWN, CREQ_ATTACHED_FILE, CREQ_LONG_ATTACK, - CREQ_NEW_ATTACK, CREQ_OPENVAS_VERSION, CREQ_PLUGIN_INFO, CREQ_PREFERENCES, From scm-commit at wald.intevation.org Mon Sep 1 00:11:48 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 1 Sep 2008 00:11:48 +0200 (CEST) Subject: [Openvas-commits] r1255 - in trunk/openvas-plugins: . scripts Message-ID: <20080831221148.6F53A40761@pyrosoma.intevation.org> Author: kost Date: 2008-09-01 00:11:47 +0200 (Mon, 01 Sep 2008) New Revision: 1255 Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/scripts/ike-scan.nasl trunk/openvas-plugins/scripts/pnscan.nasl trunk/openvas-plugins/scripts/portbunny.nasl Log: Removed unneeded dependicies in scripts Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2008-08-31 22:04:34 UTC (rev 1254) +++ trunk/openvas-plugins/ChangeLog 2008-08-31 22:11:47 UTC (rev 1255) @@ -1,11 +1,16 @@ 2008-08-31 Vlatko Kosturjak + * scripts/ike-scan.nasl, scripts/pnscan.nasl, scripts/portbunny.nasl: + remove unneeded dependencies + +2008-08-31 Vlatko Kosturjak + * scripts/url_func.inc: started implementation of standard (nessus compatible) URL library of functions 2008-08-31 Vlatko Kosturjak - * scripts/ike-scan.nasl, scripts/pnscan.nasl, scripts/portbunny: + * scripts/ike-scan.nasl, scripts/pnscan.nasl, scripts/portbunny.nasl: added support for two more TCP port scanners (as NASL wrappers) and one for IKE (VPN's). Modified: trunk/openvas-plugins/scripts/ike-scan.nasl =================================================================== --- trunk/openvas-plugins/scripts/ike-scan.nasl 2008-08-31 22:04:34 UTC (rev 1254) +++ trunk/openvas-plugins/scripts/ike-scan.nasl 2008-08-31 22:11:47 UTC (rev 1255) @@ -37,11 +37,8 @@ family["francais"] = "Scanners de ports"; script_family(english:family["english"], francais:family["francais"]); - script_dependencies("ping_host.nasl"); - if (NASL_LEVEL < 2181) exit(0); # Cannot run - script_add_preference(name:"Run ike-scan in main mode", type:"checkbox", value: "yes"); # aggressive mode is safe, so it's yes by default script_add_preference(name:"Run ike-scan in aggressive mode", type:"checkbox", value: "yes"); Modified: trunk/openvas-plugins/scripts/pnscan.nasl =================================================================== --- trunk/openvas-plugins/scripts/pnscan.nasl 2008-08-31 22:04:34 UTC (rev 1254) +++ trunk/openvas-plugins/scripts/pnscan.nasl 2008-08-31 22:11:47 UTC (rev 1255) @@ -38,11 +38,8 @@ family["francais"] = "Scanners de ports"; script_family(english:family["english"], francais:family["francais"]); - script_dependencies("ping_host.nasl"); - if (NASL_LEVEL < 2181) exit(0); # Cannot run - script_add_preference(name:"Pnscan Timeout", type:"entry", value: ""); script_add_preference(name:"Pnscan Concurrent worker threads", type:"entry", value: ""); Modified: trunk/openvas-plugins/scripts/portbunny.nasl =================================================================== --- trunk/openvas-plugins/scripts/portbunny.nasl 2008-08-31 22:04:34 UTC (rev 1254) +++ trunk/openvas-plugins/scripts/portbunny.nasl 2008-08-31 22:11:47 UTC (rev 1255) @@ -41,8 +41,6 @@ family["francais"] = "Scanners de ports"; script_family(english:family["english"], francais:family["francais"]); - script_dependencies("ping_host.nasl"); - if (NASL_LEVEL < 2181) exit(0); # Cannot run From scm-commit at wald.intevation.org Mon Sep 1 00:13:54 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 1 Sep 2008 00:13:54 +0200 (CEST) Subject: [Openvas-commits] r1256 - in trunk/openvas-client: . nessus Message-ID: <20080831221354.4869E40761@pyrosoma.intevation.org> Author: jan Date: 2008-09-01 00:13:53 +0200 (Mon, 01 Sep 2008) New Revision: 1256 Modified: trunk/openvas-client/ChangeLog trunk/openvas-client/nessus/attack.c Log: * nessus/attack.c (attack_host): Removed some old commented out code (which was about NEW_ATTACK). Modified: trunk/openvas-client/ChangeLog =================================================================== --- trunk/openvas-client/ChangeLog 2008-08-31 22:11:47 UTC (rev 1255) +++ trunk/openvas-client/ChangeLog 2008-08-31 22:13:53 UTC (rev 1256) @@ -1,5 +1,10 @@ -2008-08-12 Javier Fernandez-Sanguino +2008-08-10 Jan-Oliver Wagner + * nessus/attack.c (attack_host): Removed some old commented + out code (which was about NEW_ATTACK). + +2008-08-22 Javier Fernandez-Sanguino + * po/es.po: Updated spanish translation. 2008-08-12 Michael Wiegand Modified: trunk/openvas-client/nessus/attack.c =================================================================== --- trunk/openvas-client/nessus/attack.c 2008-08-31 22:11:47 UTC (rev 1255) +++ trunk/openvas-client/nessus/attack.c 2008-08-31 22:13:53 UTC (rev 1256) @@ -185,9 +185,6 @@ } n+=m; } - /* network_printf("<|> CLIENT\n"); */ - /* network_printf("CLIENT <|> NEW_ATTACK <|> %s <|> CLIENT\n", hostname); */ - /* efree(&plug_list); (stored in SERVER_PREFS arglist) */ return 1; } else From scm-commit at wald.intevation.org Mon Sep 1 09:03:03 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 1 Sep 2008 09:03:03 +0200 (CEST) Subject: [Openvas-commits] r1257 - in trunk/openvas-client: . nessus Message-ID: <20080901070303.77BD640760@pyrosoma.intevation.org> Author: mwiegand Date: 2008-09-01 09:03:03 +0200 (Mon, 01 Sep 2008) New Revision: 1257 Modified: trunk/openvas-client/ChangeLog trunk/openvas-client/nessus/plugin_infos.c Log: * nessus/plugin_infos.c (plugin_info_window_setup): Add description when displaying plugin version. Modified: trunk/openvas-client/ChangeLog =================================================================== --- trunk/openvas-client/ChangeLog 2008-08-31 22:13:53 UTC (rev 1256) +++ trunk/openvas-client/ChangeLog 2008-09-01 07:03:03 UTC (rev 1257) @@ -1,5 +1,10 @@ -2008-08-10 Jan-Oliver Wagner +2008-09-01 Michael Wiegand + * nessus/plugin_infos.c (plugin_info_window_setup): Add description when + displaying plugin version. + +2008-09-01 Jan-Oliver Wagner + * nessus/attack.c (attack_host): Removed some old commented out code (which was about NEW_ATTACK). Modified: trunk/openvas-client/nessus/plugin_infos.c =================================================================== --- trunk/openvas-client/nessus/plugin_infos.c 2008-08-31 22:13:53 UTC (rev 1256) +++ trunk/openvas-client/nessus/plugin_infos.c 2008-09-01 07:03:03 UTC (rev 1257) @@ -367,10 +367,15 @@ } /* The Version */ - label = gtk_label_new( plugin->version ); - gtk_box_pack_start(GTK_BOX(vbox), label, FALSE,FALSE,0); - gtk_misc_set_alignment((GtkMisc *)label, 0, 1); - gtk_widget_show(label); + txt = plugin->version; + if( txt != NULL && txt[0] != '\0' ) + { + snprintf(buf, sizeof(buf), _("Plugin Version: %s"), txt); + label = gtk_label_new(buf); + gtk_box_pack_start(GTK_BOX(vbox), label, FALSE,FALSE,0); + gtk_misc_set_alignment((GtkMisc *)label, 0, 1); + gtk_widget_show(label); + } /* A separator */ separator = gtk_hseparator_new(); From scm-commit at wald.intevation.org Mon Sep 1 09:36:09 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 1 Sep 2008 09:36:09 +0200 (CEST) Subject: [Openvas-commits] r1258 - trunk/openvas-plugins Message-ID: <20080901073609.3F9574076C@pyrosoma.intevation.org> Author: kost Date: 2008-09-01 09:36:08 +0200 (Mon, 01 Sep 2008) New Revision: 1258 Modified: trunk/openvas-plugins/ChangeLog Log: Corrected reporting of code taken from Nessus (more detailed where the code was taken from). Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2008-09-01 07:03:03 UTC (rev 1257) +++ trunk/openvas-plugins/ChangeLog 2008-09-01 07:36:08 UTC (rev 1258) @@ -18,7 +18,7 @@ * plugins/openvas_tcp_scanner/openvas_tcp_scanner.c: added support to run openvas_tcp_scanner as standalone scanner - for easier debugging (taken from nessus2 GPL) + for easier debugging (taken from nessus release 2.2.11 GPL) 2008-08-28 Chandrashekhar B From scm-commit at wald.intevation.org Mon Sep 1 09:56:15 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 1 Sep 2008 09:56:15 +0200 (CEST) Subject: [Openvas-commits] r1259 - trunk/openvas-plugins Message-ID: <20080901075615.BB54E4076C@pyrosoma.intevation.org> Author: kost Date: 2008-09-01 09:56:15 +0200 (Mon, 01 Sep 2008) New Revision: 1259 Modified: trunk/openvas-plugins/ChangeLog Log: Added detailed description of taken code for url_func.inc, it's amap.nasl from OpenVAS SVN openvas-plugins (Revision: 1257). Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2008-09-01 07:36:08 UTC (rev 1258) +++ trunk/openvas-plugins/ChangeLog 2008-09-01 07:56:15 UTC (rev 1259) @@ -7,6 +7,8 @@ * scripts/url_func.inc: started implementation of standard (nessus compatible) URL library of functions + code taken from amap.nasl from svn of openvas-plugins + (Revision: 1257) 2008-08-31 Vlatko Kosturjak From scm-commit at wald.intevation.org Mon Sep 1 10:14:38 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 1 Sep 2008 10:14:38 +0200 (CEST) Subject: [Openvas-commits] r1260 - trunk/openvas-plugins/scripts Message-ID: <20080901081438.C5DC04076D@pyrosoma.intevation.org> Author: chandra Date: 2008-09-01 10:14:37 +0200 (Mon, 01 Sep 2008) New Revision: 1260 Modified: trunk/openvas-plugins/scripts/url_func.inc Log: Added URL Encode and Decode functions Modified: trunk/openvas-plugins/scripts/url_func.inc =================================================================== --- trunk/openvas-plugins/scripts/url_func.inc 2008-09-01 07:56:15 UTC (rev 1259) +++ trunk/openvas-plugins/scripts/url_func.inc 2008-09-01 08:14:37 UTC (rev 1260) @@ -5,6 +5,12 @@ # TODO: # - implement free/GPL urldecode and urlencode functions # (in order to fully implement this include) +# +# Added: +# - URL Encode function +# - URL Decode function +# Chandan S(schandan at secpod.com) +# global_var HEX_LOWERCASE, HEX_UPPERCASE; HEX_LOWERCASE=1; @@ -35,3 +41,71 @@ return ret; } + ############################################################### + # Function Name 'urlencode' + ############################################################### + + function urlencode(str, unreserved) + { + local_var estr; + char_set = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; + num_set = "0123456789"; + specl_char_set = "_-.!~*'()"; + unreserv_chars = char_set + num_set + specl_char_set; + + if(unreserved != NULL){ + unreserv_chars = unreserv_chars + unreserved; + } + + for(i=0; i", replace:"", icase:1); + return(dstr); + } From scm-commit at wald.intevation.org Mon Sep 1 10:17:04 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 1 Sep 2008 10:17:04 +0200 (CEST) Subject: [Openvas-commits] r1261 - trunk/openvas-plugins Message-ID: <20080901081704.DB8964076D@pyrosoma.intevation.org> Author: chandra Date: 2008-09-01 10:17:04 +0200 (Mon, 01 Sep 2008) New Revision: 1261 Modified: trunk/openvas-plugins/ChangeLog Log: Added URL Encode and Decode functions Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2008-09-01 08:14:37 UTC (rev 1260) +++ trunk/openvas-plugins/ChangeLog 2008-09-01 08:17:04 UTC (rev 1261) @@ -1,3 +1,6 @@ +2008-09-01 Chandrashekhar B + * scripts/url_func.inc: Added URL Encode and Decode functions + 2008-08-31 Vlatko Kosturjak * scripts/ike-scan.nasl, scripts/pnscan.nasl, scripts/portbunny.nasl: From scm-commit at wald.intevation.org Mon Sep 1 10:29:27 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 1 Sep 2008 10:29:27 +0200 (CEST) Subject: [Openvas-commits] r1262 - in trunk/openvas-plugins: . scripts Message-ID: <20080901082927.28E934076D@pyrosoma.intevation.org> Author: kost Date: 2008-09-01 10:29:26 +0200 (Mon, 01 Sep 2008) New Revision: 1262 Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/scripts/url_func.inc Log: removed TODO items as they are implemented, thanks to Chandrashekhar Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2008-09-01 08:17:04 UTC (rev 1261) +++ trunk/openvas-plugins/ChangeLog 2008-09-01 08:29:26 UTC (rev 1262) @@ -1,3 +1,7 @@ +2008-09-01 Vlatko Kosturjak + * scripts/url_func.inc: removed TODO items as they are implemented, + thanks to Chandrashekhar + 2008-09-01 Chandrashekhar B * scripts/url_func.inc: Added URL Encode and Decode functions Modified: trunk/openvas-plugins/scripts/url_func.inc =================================================================== --- trunk/openvas-plugins/scripts/url_func.inc 2008-09-01 08:17:04 UTC (rev 1261) +++ trunk/openvas-plugins/scripts/url_func.inc 2008-09-01 08:29:26 UTC (rev 1262) @@ -1,16 +1,8 @@ # Implementation of nessus compatible includes # Vlatko Kosturjak # Distributed under GPL -# -# TODO: -# - implement free/GPL urldecode and urlencode functions -# (in order to fully implement this include) -# -# Added: -# - URL Encode function -# - URL Decode function +# URL encode & decode functions: # Chandan S(schandan at secpod.com) -# global_var HEX_LOWERCASE, HEX_UPPERCASE; HEX_LOWERCASE=1; From scm-commit at wald.intevation.org Mon Sep 1 10:33:32 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 1 Sep 2008 10:33:32 +0200 (CEST) Subject: [Openvas-commits] r1263 - in trunk/openvas-plugins: . scripts Message-ID: <20080901083332.C36134076D@pyrosoma.intevation.org> Author: kost Date: 2008-09-01 10:33:31 +0200 (Mon, 01 Sep 2008) New Revision: 1263 Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/scripts/amap.nasl trunk/openvas-plugins/scripts/nmap.nasl Log: commented out dependency on proprietary plugin (ping_host.nasl) which is not really neccessary, we can uncomment it - once when we implement it we can uncomment it Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2008-09-01 08:29:26 UTC (rev 1262) +++ trunk/openvas-plugins/ChangeLog 2008-09-01 08:33:31 UTC (rev 1263) @@ -1,8 +1,16 @@ +2008-08-31 Vlatko Kosturjak + + * scripts/amap.nasl, scripts/nmap.nasl: commented out dependency + on proprietary plugin (ping_host.nasl), once when we implement, + we can uncomment it + 2008-09-01 Vlatko Kosturjak + * scripts/url_func.inc: removed TODO items as they are implemented, thanks to Chandrashekhar 2008-09-01 Chandrashekhar B + * scripts/url_func.inc: Added URL Encode and Decode functions 2008-08-31 Vlatko Kosturjak Modified: trunk/openvas-plugins/scripts/amap.nasl =================================================================== --- trunk/openvas-plugins/scripts/amap.nasl 2008-09-01 08:29:26 UTC (rev 1262) +++ trunk/openvas-plugins/scripts/amap.nasl 2008-09-01 08:33:31 UTC (rev 1263) @@ -34,7 +34,9 @@ family["francais"] = "Scanners de ports"; script_family(english:family["english"], francais:family["francais"]); - script_dependencies("ping_host.nasl"); +# commented out dependency on proprietary plugin, once when we implement +# it, we can uncomment it +# script_dependencies("ping_host.nasl"); if (NASL_LEVEL < 2181) exit(0); # Cannot run Modified: trunk/openvas-plugins/scripts/nmap.nasl =================================================================== --- trunk/openvas-plugins/scripts/nmap.nasl 2008-09-01 08:29:26 UTC (rev 1262) +++ trunk/openvas-plugins/scripts/nmap.nasl 2008-09-01 08:33:31 UTC (rev 1263) @@ -39,7 +39,9 @@ family["francais"] = "Scanners de ports"; script_family(english:family["english"], francais:family["francais"]); - script_dependencies("ping_host.nasl"); +# commented out dependency on proprietary plugin, once when we implement +# it, we can uncomment it +# script_dependencies("ping_host.nasl"); if (NASL_LEVEL < 2181) exit(0); # Cannot run From scm-commit at wald.intevation.org Mon Sep 1 10:35:30 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 1 Sep 2008 10:35:30 +0200 (CEST) Subject: [Openvas-commits] r1264 - trunk/openvas-plugins Message-ID: <20080901083530.E9FF24076D@pyrosoma.intevation.org> Author: kost Date: 2008-09-01 10:35:30 +0200 (Mon, 01 Sep 2008) New Revision: 1264 Modified: trunk/openvas-plugins/ChangeLog Log: Fixed last item date in ChangeLog Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2008-09-01 08:33:31 UTC (rev 1263) +++ trunk/openvas-plugins/ChangeLog 2008-09-01 08:35:30 UTC (rev 1264) @@ -1,4 +1,4 @@ -2008-08-31 Vlatko Kosturjak +2008-09-01 Vlatko Kosturjak * scripts/amap.nasl, scripts/nmap.nasl: commented out dependency on proprietary plugin (ping_host.nasl), once when we implement, From scm-commit at wald.intevation.org Mon Sep 1 10:54:49 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 1 Sep 2008 10:54:49 +0200 (CEST) Subject: [Openvas-commits] r1265 - in trunk/openvas-plugins: . scripts Message-ID: <20080901085449.816024076D@pyrosoma.intevation.org> Author: kost Date: 2008-09-01 10:54:48 +0200 (Mon, 01 Sep 2008) New Revision: 1265 Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/scripts/netstat_portscan.nasl trunk/openvas-plugins/scripts/snmpwalk_portscan.nasl Log: commented out dependency on proprietary plugin (ping_host.nasl) in other port scanners, once when we implement, we can uncomment it. Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2008-09-01 08:35:30 UTC (rev 1264) +++ trunk/openvas-plugins/ChangeLog 2008-09-01 08:54:48 UTC (rev 1265) @@ -1,5 +1,11 @@ 2008-09-01 Vlatko Kosturjak + * scripts/snmpwalk_portscan.nasl, scripts/netstat_portscan.nasl: + commented out dependency on proprietary plugin (ping_host.nasl) + in other port scanners, once when we implement, we can uncomment it. + +2008-09-01 Vlatko Kosturjak + * scripts/amap.nasl, scripts/nmap.nasl: commented out dependency on proprietary plugin (ping_host.nasl), once when we implement, we can uncomment it Modified: trunk/openvas-plugins/scripts/netstat_portscan.nasl =================================================================== --- trunk/openvas-plugins/scripts/netstat_portscan.nasl 2008-09-01 08:35:30 UTC (rev 1264) +++ trunk/openvas-plugins/scripts/netstat_portscan.nasl 2008-09-01 08:54:48 UTC (rev 1265) @@ -34,7 +34,10 @@ family["francais"] = "Scanners de ports"; script_family(english:family["english"], francais:family["francais"]); - script_dependencies("ping_host.nasl", "ssh_authorization.nasl"); +# commented out dependency on proprietary plugin, once when we implement +# it, we can uncomment it +# script_dependencies("ping_host.nasl", "ssh_authorization.nasl"); + script_dependencies("ssh_authorization.nasl"); exit(0); } Modified: trunk/openvas-plugins/scripts/snmpwalk_portscan.nasl =================================================================== --- trunk/openvas-plugins/scripts/snmpwalk_portscan.nasl 2008-09-01 08:35:30 UTC (rev 1264) +++ trunk/openvas-plugins/scripts/snmpwalk_portscan.nasl 2008-09-01 08:54:48 UTC (rev 1265) @@ -34,7 +34,9 @@ family["francais"] = "Scanners de ports"; script_family(english:family["english"], francais:family["francais"]); - script_dependencies("ping_host.nasl"); +# commented out dependency on proprietary plugin, once when we implement +# it, we can uncomment it +# script_dependencies("ping_host.nasl"); if (NASL_LEVEL < 2181) exit(0); # Cannot run From scm-commit at wald.intevation.org Mon Sep 1 11:14:28 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 1 Sep 2008 11:14:28 +0200 (CEST) Subject: [Openvas-commits] r1266 - in trunk/openvas-plugins: . plugins/openvas_tcp_scanner plugins/synscan Message-ID: <20080901091428.36DB64077A@pyrosoma.intevation.org> Author: kost Date: 2008-09-01 11:14:28 +0200 (Mon, 01 Sep 2008) New Revision: 1266 Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/plugins/openvas_tcp_scanner/openvas_tcp_scanner.c trunk/openvas-plugins/plugins/synscan/synscan.c Log: commented out dependency on proprietary plugin (ping_host.nasl) in port scanners in C, once when we implement, we can uncomment it. Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2008-09-01 08:54:48 UTC (rev 1265) +++ trunk/openvas-plugins/ChangeLog 2008-09-01 09:14:28 UTC (rev 1266) @@ -1,5 +1,12 @@ 2008-09-01 Vlatko Kosturjak + * plugins/openvas_tcp_scanner/openvas_tcp_scanner.c, + plugins/synscan/synscan.c: + commented out dependency on proprietary plugin (ping_host.nasl) + in port scanners in C, once when we implement, we can uncomment it. + +2008-09-01 Vlatko Kosturjak + * scripts/snmpwalk_portscan.nasl, scripts/netstat_portscan.nasl: commented out dependency on proprietary plugin (ping_host.nasl) in other port scanners, once when we implement, we can uncomment it. Modified: trunk/openvas-plugins/plugins/openvas_tcp_scanner/openvas_tcp_scanner.c =================================================================== --- trunk/openvas-plugins/plugins/openvas_tcp_scanner/openvas_tcp_scanner.c 2008-09-01 08:54:48 UTC (rev 1265) +++ trunk/openvas-plugins/plugins/openvas_tcp_scanner/openvas_tcp_scanner.c 2008-09-01 09:14:28 UTC (rev 1266) @@ -78,7 +78,9 @@ plug_set_family(desc, "Scanners de ports", "francais"); plug_set_family(desc, "Port scanners", NULL); - plug_set_dep(desc, "ping_host.nasl"); + /* commented out dependency on proprietary plugin, once when + we implement it, we can uncomment it */ + /* plug_set_dep(desc, "ping_host.nasl"); */ return(0); } #endif Modified: trunk/openvas-plugins/plugins/synscan/synscan.c =================================================================== --- trunk/openvas-plugins/plugins/synscan/synscan.c 2008-09-01 08:54:48 UTC (rev 1265) +++ trunk/openvas-plugins/plugins/synscan/synscan.c 2008-09-01 09:14:28 UTC (rev 1266) @@ -691,7 +691,9 @@ plug_set_category(desc, ACT_SCANNER); plug_set_family(desc, EN_FAMILY, NULL); - plug_set_dep(desc, "ping_host.nasl"); + /* commented out dependency on proprietary plugin, once when + we implement it, we can uncomment it */ + /* plug_set_dep(desc, "ping_host.nasl"); */ return (0); } From scm-commit at wald.intevation.org Mon Sep 1 16:43:54 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 1 Sep 2008 16:43:54 +0200 (CEST) Subject: [Openvas-commits] r1267 - in trunk/openvas-server: . doc openvasd Message-ID: <20080901144354.C61E540784@pyrosoma.intevation.org> Author: jan Date: 2008-09-01 16:43:53 +0200 (Mon, 01 Sep 2008) New Revision: 1267 Modified: trunk/openvas-server/ChangeLog trunk/openvas-server/doc/otp_specification_10.txt trunk/openvas-server/openvasd/comm.c trunk/openvas-server/openvasd/openvasd.c Log: Making protocol extension "dependencies" standard. * openvasd/comm.c (extract_extensions): Removed handling of "dependencies" extension. * openvasd/openvasd.c (server_thread): Always send dependencies. * doc/otp_specification_10.txt: Updated to described that protocol extension dependencies has been made standard. Modified: trunk/openvas-server/ChangeLog =================================================================== --- trunk/openvas-server/ChangeLog 2008-09-01 09:14:28 UTC (rev 1266) +++ trunk/openvas-server/ChangeLog 2008-09-01 14:43:53 UTC (rev 1267) @@ -1,3 +1,15 @@ +2008-09-01 Jan-Oliver Wagner + + Making protocol extension "dependencies" standard. + + * openvasd/comm.c (extract_extensions): Removed handling + of "dependencies" extension. + + * openvasd/openvasd.c (server_thread): Always send dependencies. + + * doc/otp_specification_10.txt: Updated to described + that protocol extension dependencies has been made standard. + 2008-08-31 Jan-Oliver Wagner Remove NEW_ATTACK command. Modified: trunk/openvas-server/doc/otp_specification_10.txt =================================================================== --- trunk/openvas-server/doc/otp_specification_10.txt 2008-09-01 09:14:28 UTC (rev 1266) +++ trunk/openvas-server/doc/otp_specification_10.txt 2008-09-01 14:43:53 UTC (rev 1267) @@ -70,6 +70,10 @@ was limited to 4000 bytes. The OpenVAS-Client (and so did NessusClient) used only LONG_ATTACK anyway. + Protocol extensions: + These protocol extensions have been made standard of the OTP + protocol: "dependencies". + GENERAL ASPECTS OF PROTOCOL The OTP protocol is text-based, human readable and line-oriented. @@ -85,7 +89,6 @@ the protocol version followed by parameters switching on various features. Available protocol features are: - dependencies (server will use command PLUGINS_DEPENDENCIES) timestamps (server will use command TIME) plugins_version (server will add revision to plugin information) plugins_cve_id (server will add cve id to plugin information) @@ -292,9 +295,7 @@ Description: - The PLUGINS_DEPENDENCIES messages are send after the RULES messages - in case the protocol feature "dependencies" was set during protocol - initialization. + The PLUGINS_DEPENDENCIES messages are send after the RULES messages. Syntax: Modified: trunk/openvas-server/openvasd/comm.c =================================================================== --- trunk/openvas-server/openvasd/comm.c 2008-09-01 09:14:28 UTC (rev 1266) +++ trunk/openvas-server/openvasd/comm.c 2008-09-01 14:43:53 UTC (rev 1267) @@ -113,13 +113,6 @@ */ else if(!strcmp(t, "dns")) caps->dns = 1; - - /* - * We show the plugins dependencies through the use - * of the DEPENDENCIES message - */ - else if(!strcmp(t, "dependencies")) - caps->dependencies = 1; /* * Immediately jump to the wait order Modified: trunk/openvas-server/openvasd/openvasd.c =================================================================== --- trunk/openvas-server/openvasd/openvasd.c 2008-09-01 09:14:28 UTC (rev 1266) +++ trunk/openvas-server/openvasd/openvasd.c 2008-09-01 14:43:53 UTC (rev 1267) @@ -442,8 +442,7 @@ if(caps->ntp_11){ comm_send_preferences(globals); comm_send_rules(globals); - if(caps->dependencies) - ntp_1x_send_dependencies(globals); + ntp_1x_send_dependencies(globals); } } else if(caps->md5_caching) From scm-commit at wald.intevation.org Mon Sep 1 16:47:17 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 1 Sep 2008 16:47:17 +0200 (CEST) Subject: [Openvas-commits] r1268 - in trunk/openvas-client: . nessus Message-ID: <20080901144717.19D6C40784@pyrosoma.intevation.org> Author: jan Date: 2008-09-01 16:47:16 +0200 (Mon, 01 Sep 2008) New Revision: 1268 Modified: trunk/openvas-client/ChangeLog trunk/openvas-client/nessus/nessus.h Log: * nessus/nessus.h: Removed "dependecies" as protocol extension for OTP1.0 (it is default now). Modified: trunk/openvas-client/ChangeLog =================================================================== --- trunk/openvas-client/ChangeLog 2008-09-01 14:43:53 UTC (rev 1267) +++ trunk/openvas-client/ChangeLog 2008-09-01 14:47:16 UTC (rev 1268) @@ -1,3 +1,8 @@ +2008-09-01 Jan-Oliver Wagner + + * nessus/nessus.h: Removed "dependecies" as protocol extension + for OTP1.0 (it is default now). + 2008-09-01 Michael Wiegand * nessus/plugin_infos.c (plugin_info_window_setup): Add description when Modified: trunk/openvas-client/nessus/nessus.h =================================================================== --- trunk/openvas-client/nessus/nessus.h 2008-09-01 14:43:53 UTC (rev 1267) +++ trunk/openvas-client/nessus/nessus.h 2008-09-01 14:47:16 UTC (rev 1268) @@ -39,7 +39,7 @@ #define DEFAULT_SERVER "localhost" #define PROTO_NAME "< NTP/1.2 >< plugins_cve_id plugins_version plugins_bugtraq_id plugins_xrefs timestamps dependencies %s >\n" -#define PROTO_NAME_OTP "< OTP/1.0 >< plugins_cve_id plugins_version plugins_bugtraq_id plugins_xrefs timestamps dependencies %s >\n" +#define PROTO_NAME_OTP "< OTP/1.0 >< plugins_cve_id plugins_version plugins_bugtraq_id plugins_xrefs timestamps %s >\n" # define SSL_VER_DEF_NAME "TLSv1" # define SSL_VER_DEF_METH TLSv1_client_method From scm-commit at wald.intevation.org Mon Sep 1 21:58:44 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 1 Sep 2008 21:58:44 +0200 (CEST) Subject: [Openvas-commits] r1269 - in trunk/openvas-server: . doc openvasd Message-ID: <20080901195844.14AAA40784@pyrosoma.intevation.org> Author: jan Date: 2008-09-01 21:58:43 +0200 (Mon, 01 Sep 2008) New Revision: 1269 Modified: trunk/openvas-server/ChangeLog trunk/openvas-server/doc/otp_specification_10.txt trunk/openvas-server/openvasd/comm.c Log: Making protocol extension "plugins_version", "plugins_cve_id", "plugins_bugtraq_id" and "plugins_xrefs" standard. * openvasd/comm.c (extract_extensions): Removed handling of "plugins_version" "plugins_cve_id", "plugins_bugtraq_id" and "plugins_xrefs" extension. (send_plug_info): Always send NVT version, CVE ID, Bugtraq ID and cross references. * doc/otp_specification_10.txt: Updated to described that protocol extension "plugins_version", "plugins_cve_id", plugins_bugtraq_id" and "plugins_xrefs" have been made standard. Modified: trunk/openvas-server/ChangeLog =================================================================== --- trunk/openvas-server/ChangeLog 2008-09-01 14:47:16 UTC (rev 1268) +++ trunk/openvas-server/ChangeLog 2008-09-01 19:58:43 UTC (rev 1269) @@ -1,5 +1,20 @@ 2008-09-01 Jan-Oliver Wagner + Making protocol extension "plugins_version", "plugins_cve_id", + "plugins_bugtraq_id" and "plugins_xrefs" standard. + + * openvasd/comm.c (extract_extensions): Removed handling + of "plugins_version" "plugins_cve_id", "plugins_bugtraq_id" + and "plugins_xrefs" extension. + (send_plug_info): Always send NVT version, CVE ID, Bugtraq ID + and cross references. + + * doc/otp_specification_10.txt: Updated to described + that protocol extension "plugins_version", "plugins_cve_id", + plugins_bugtraq_id" and "plugins_xrefs" have been made standard. + +2008-09-01 Jan-Oliver Wagner + Making protocol extension "dependencies" standard. * openvasd/comm.c (extract_extensions): Removed handling Modified: trunk/openvas-server/doc/otp_specification_10.txt =================================================================== --- trunk/openvas-server/doc/otp_specification_10.txt 2008-09-01 14:47:16 UTC (rev 1268) +++ trunk/openvas-server/doc/otp_specification_10.txt 2008-09-01 19:58:43 UTC (rev 1269) @@ -72,7 +72,8 @@ Protocol extensions: These protocol extensions have been made standard of the OTP - protocol: "dependencies". + protocol: "dependencies", "plugins_version", "plugins_cve_id", + "plugins_bugtraq_id" and "plugins_xrefs". GENERAL ASPECTS OF PROTOCOL @@ -90,9 +91,6 @@ on various features. Available protocol features are: timestamps (server will use command TIME) - plugins_version (server will add revision to plugin information) - plugins_cve_id (server will add cve id to plugin information) - plugins_bugtraq_id (server will add bugtraq id to plugin information) md5_caching (server will use the MD5 caching feature) Syntax: @@ -344,25 +342,8 @@ The server answers with this line (analogous to PLUGIN_LIST command): - oid <|> name <|> category <|> copyright <|> description <|> summary <|> family + oid <|> name <|> category <|> copyright <|> description <|> summary <|> family <|> plugin_version <|> cve_id <|> bugtraq_id <|> xrefs - The following extensions are appended in the given order: - - In case protocol feature "plugins_version" is selected, the respective - plugin_version is appended to the line: - - oid <|> name <|> category <|> copyright <|> description <|> summary <|> family <|> plugin_version - - In case protocol feature "plugins_cve_id" is selected, the respective - cve_id is appended to the line, e.g.: - - oid <|> name <|> category <|> copyright <|> description <|> summary <|> family <|> plugin_version <|> cve_id - - In case protocol feature "plugins_bugtraq_id" is selected, the respective - bugtraq_id is appended to the line, e.g.: - - oid <|> name <|> category <|> copyright <|> description <|> summary <|> family <|> plugin_version <|> cve_id <|> bugtraq_id - In case no plugin with OID=oid is found, the server will not answer at all. PLUGIN_LIST @@ -374,17 +355,17 @@ The server will send PREFERENCES and RULES right after this command. + The client might request individual NVT information via PLUGIN_INFO + command. + Syntax: SERVER <|> PLUGIN_LIST <|> - oid <|> name <|> category <|> copyright <|> description <|> summary <|> family - oid <|> name <|> category <|> copyright <|> description <|> summary <|> family + oid <|> name <|> category <|> copyright <|> description <|> summary <|> family <|> plugin_version <|> cve_id <|> bugtraq_id <|> xrefs + oid <|> name <|> category <|> copyright <|> description <|> summary <|> family <|> plugin_version <|> cve_id <|> bugtraq_id <|> xrefs ... <|> SERVER - Additional information might be apended according to some procotol features. - Please refer to the description of the PLUGIN_INFO command for details. - PORT Description: Modified: trunk/openvas-server/openvasd/comm.c =================================================================== --- trunk/openvas-server/openvasd/comm.c 2008-09-01 14:47:16 UTC (rev 1268) +++ trunk/openvas-server/openvasd/comm.c 2008-09-01 19:58:43 UTC (rev 1269) @@ -80,32 +80,13 @@ else if(!strcmp(t, "md5_by_name")) caps->md5_by_name = 1; - + + caps->plugins_xrefs = 1; + /* - * We send the plugins versions to the client - */ - else if(!strcmp(t, "plugins_version")) - caps->plugins_version = 1; - - /* - * We send the CVE id - */ - else if(!strcmp(t, "plugins_cve_id")) - caps->plugins_cve_id = 1; - - /* - * We send the Bugtraq ID - */ - else if(!strcmp(t, "plugins_bugtraq_id")) - caps->plugins_bugtraq_id = 1; - - else if(!strcmp(t, "plugins_xrefs")) - caps->plugins_xrefs = 1; - - /* * We send timestamps to the client */ - else if(!strcmp(t, "timestamps")) + if(!strcmp(t, "timestamps")) caps->timestamps = 1; /* @@ -219,8 +200,7 @@ char * t; const char *a, *b, *d, *e = NULL; char * desc = NULL; - ntp_caps * caps = arg_get_value(globals, "ntp_caps"); - + args = plugins->value; if(plug_get_id(args) == 0) plug_set_id(args, i); @@ -234,12 +214,9 @@ j = plug_get_category(args); if(j >= CAT_MAX || j < ACT_FIRST) j = CAT_MAX - 1; - if(caps->plugins_version) - { - e = plug_get_version(args); - if(!e)e = "?"; - } - + e = plug_get_version(args); + if(!e)e = "?"; + if ((a = plug_get_name(args)) == NULL || (b = plug_get_copyright(args)) == NULL || desc == NULL || @@ -275,38 +252,31 @@ categories[j], b, desc, d, plug_get_family(args)); - - if(caps->plugins_version != 0) - { - strcat(str, " <|> "); - strcat(str, e); - } - - if(caps->plugins_cve_id) + + strcat(str, " <|> "); + strcat(str, e); + { - char * id = plug_get_cve_id(args); - if(id == NULL)id = "NOCVE"; - strcat(str, " <|> "); - strcat(str, id); + char * id = plug_get_cve_id(args); + if(id == NULL)id = "NOCVE"; + strcat(str, " <|> "); + strcat(str, id); } - - if(caps->plugins_bugtraq_id) + { char * bid = plug_get_bugtraq_id(args); if(bid == NULL)bid = "NOBID"; strcat(str, " <|> "); strcat(str, bid); } - - if(caps->plugins_xrefs) + { char * xref = plug_get_xref(args); if(xref == NULL)xref = "NOXREF"; strcat(str, " <|> "); strcat(str, xref); } - - + auth_printf(globals, "%s\n", str); efree(&str); } From scm-commit at wald.intevation.org Mon Sep 1 21:59:25 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 1 Sep 2008 21:59:25 +0200 (CEST) Subject: [Openvas-commits] r1270 - in trunk/openvas-client: . nessus Message-ID: <20080901195925.019CF40784@pyrosoma.intevation.org> Author: jan Date: 2008-09-01 21:59:25 +0200 (Mon, 01 Sep 2008) New Revision: 1270 Modified: trunk/openvas-client/ChangeLog trunk/openvas-client/nessus/nessus.h Log: * nessus/nessus.h: Removed "plugins_version", "plugins_cve_id", "plugins_bugtraq_id" and plugins_xrefs as protocol extension for OTP1.0 (it is default now). Modified: trunk/openvas-client/ChangeLog =================================================================== --- trunk/openvas-client/ChangeLog 2008-09-01 19:58:43 UTC (rev 1269) +++ trunk/openvas-client/ChangeLog 2008-09-01 19:59:25 UTC (rev 1270) @@ -1,5 +1,11 @@ 2008-09-01 Jan-Oliver Wagner + * nessus/nessus.h: Removed "plugins_version", "plugins_cve_id", + "plugins_bugtraq_id" and plugins_xrefs as protocol extension for + OTP1.0 (it is default now). + +2008-09-01 Jan-Oliver Wagner + * nessus/nessus.h: Removed "dependecies" as protocol extension for OTP1.0 (it is default now). Modified: trunk/openvas-client/nessus/nessus.h =================================================================== --- trunk/openvas-client/nessus/nessus.h 2008-09-01 19:58:43 UTC (rev 1269) +++ trunk/openvas-client/nessus/nessus.h 2008-09-01 19:59:25 UTC (rev 1270) @@ -39,7 +39,7 @@ #define DEFAULT_SERVER "localhost" #define PROTO_NAME "< NTP/1.2 >< plugins_cve_id plugins_version plugins_bugtraq_id plugins_xrefs timestamps dependencies %s >\n" -#define PROTO_NAME_OTP "< OTP/1.0 >< plugins_cve_id plugins_version plugins_bugtraq_id plugins_xrefs timestamps %s >\n" +#define PROTO_NAME_OTP "< OTP/1.0 >< timestamps %s >\n" # define SSL_VER_DEF_NAME "TLSv1" # define SSL_VER_DEF_METH TLSv1_client_method From scm-commit at wald.intevation.org Tue Sep 2 07:37:56 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 2 Sep 2008 07:37:56 +0200 (CEST) Subject: [Openvas-commits] r1271 - trunk/openvas-plugins/scripts Message-ID: <20080902053756.A34CD40784@pyrosoma.intevation.org> Author: chandra Date: 2008-09-02 07:37:55 +0200 (Tue, 02 Sep 2008) New Revision: 1271 Modified: trunk/openvas-plugins/scripts/secpod_openvpn_client_code_exec_vuln_900024.nasl trunk/openvas-plugins/scripts/secpod_opera_detection_linux_900037.nasl trunk/openvas-plugins/scripts/secpod_pidgin_intgr_overflow_lin_900009.nasl trunk/openvas-plugins/scripts/secpod_pidgin_ssl_sec_bypass_vuln_lin_900022.nasl trunk/openvas-plugins/scripts/secpod_python_mult_vuln_lin_900106.nasl trunk/openvas-plugins/scripts/secpod_ssh_sys_info.nasl trunk/openvas-plugins/scripts/secpod_wireshark_mult_vuln_july08_lin_900011.nasl trunk/openvas-plugins/scripts/secpod_xine-lib_mult_code_exe_dos_vuln_900111.nasl Log: Updated the dependent plugins for changes in secpod_ssh_sys_info.nasl Modified: trunk/openvas-plugins/scripts/secpod_openvpn_client_code_exec_vuln_900024.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_openvpn_client_code_exec_vuln_900024.nasl 2008-09-01 19:59:25 UTC (rev 1270) +++ trunk/openvas-plugins/scripts/secpod_openvpn_client_code_exec_vuln_900024.nasl 2008-09-02 05:37:55 UTC (rev 1271) @@ -6,7 +6,7 @@ # # Date Written: 2008/08/08 # -# Revision: 1.1 +# Revision: 1.2 # # Log: schandan # Issue #0095 @@ -28,7 +28,7 @@ script_bugtraq_id(30532); script_cve_id("CVE-2008-3459"); script_copyright(english:"Copyright (C) 2008 SecPod"); - script_version("$Revision: 1.1 $"); + script_version("$Revision: 1.2 $"); script_category(ACT_GATHER_INFO); script_family(english:"Misc."); script_name(english:"OpenVPN Client Remote Code Execution Vulnerability"); @@ -71,24 +71,24 @@ script_description(english:desc["english"]); script_dependencies("secpod_ssh_sys_info.nasl"); - script_require_keys("Host/uname"); + script_require_keys("ssh/login/uname"); exit(0); } include("ssh_func.inc"); - if("Linux" >!< get_kb_item("Host/uname")){ + if("Linux" >!< get_kb_item("ssh/login/uname")){ exit(0); } - foreach item (get_kb_list("Host/*/rpm-list")) + foreach item (get_kb_list("ssh/*/rpms")) { - if("openvpn-" >< item) + if("openvpn~" >< item) { # Grep for openvpn 2.1-beta14 to 2.1-rc8 - if(egrep(pattern:"^openvpn-2.1-.*(beta14|rc[0-8])($|[^0-9])", + if(egrep(pattern:"^openvpn~2.1~.*(beta14|rc[0-8])($|[^0-9])", string:item)){ security_hole(0); } Modified: trunk/openvas-plugins/scripts/secpod_opera_detection_linux_900037.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_opera_detection_linux_900037.nasl 2008-09-01 19:59:25 UTC (rev 1270) +++ trunk/openvas-plugins/scripts/secpod_opera_detection_linux_900037.nasl 2008-09-02 05:37:55 UTC (rev 1271) @@ -6,7 +6,7 @@ # # Date Written: 2008/08/21 # -# Revision: 1.1 +# Revision: 1.2 # # Log: schandan # Issue #0136 @@ -26,7 +26,7 @@ { script_id(900037); script_copyright(english:"Copyright (C) 2008 SecPod"); - script_version("$Revision: 1.1 $"); + script_version("Revision: 1.2 "); script_category(ACT_GATHER_INFO); script_family(english:"General"); script_name(english:"Opera Version Detection for Linux"); @@ -38,24 +38,24 @@ Risk factor : Informational"; script_description(english:desc["english"]); script_dependencies("secpod_ssh_sys_info.nasl"); - script_require_keys("Host/uname"); + script_require_keys("ssh/login/uname"); exit(0); } include("ssh_func.inc"); - if("Linux" >!< get_kb_item("Host/uname")){ + if("Linux" >!< get_kb_item("ssh/login/uname")){ exit(0); } - rpmLists = get_kb_list("Host/*/rpm-list"); + rpmLists = get_kb_list("ssh/*/rpms"); foreach rpmList (rpmLists) { - opera = egrep(pattern:"opera-", string:rpmList); + opera = egrep(pattern:"opera~", string:rpmList); if(opera) { - operaVer = split(opera, sep:"-", keep:0); + operaVer = split(opera, sep:"~", keep:0); set_kb_item(name:"Opera/Linux/Version", value:operaVer[1]); exit(0); } Modified: trunk/openvas-plugins/scripts/secpod_pidgin_intgr_overflow_lin_900009.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_pidgin_intgr_overflow_lin_900009.nasl 2008-09-01 19:59:25 UTC (rev 1270) +++ trunk/openvas-plugins/scripts/secpod_pidgin_intgr_overflow_lin_900009.nasl 2008-09-02 05:37:55 UTC (rev 1271) @@ -6,7 +6,7 @@ # # Date Written: 2008/07/11 # -# Revision: 1.2 +# Revision: 1.3 # # Log: schandan # Issue #0032 @@ -29,7 +29,7 @@ script_bugtraq_id(29956); script_cve_id("CVE-2008-2927"); script_copyright(english:"Copyright (C) 2008 SecPod"); - script_version("$Revision: 1.2 $"); + script_version("Revision: 1.3 "); script_category(ACT_GATHER_INFO); script_family(english:"Misc."); script_name(english:"Pidgin MSN SLP Message Integer Overflow Vulnerabilities (Linux)"); @@ -51,7 +51,7 @@ Impact Level : SYSTEM Affected Software/OS: - - Pidgin Version prior to 2.4.3 on Linux (All). + Pidgin Version prior to 2.4.3 on Linux (All). Fix : Upgrade to Pidgin Version 2.4.3, http://www.pidgin.im/download/ @@ -64,28 +64,29 @@ Risk factor : Medium"; script_description(english:desc["english"]); script_dependencies("secpod_ssh_sys_info.nasl"); - script_require_keys("Host/uname"); + script_require_keys("ssh/login/uname"); exit(0); } include("ssh_func.inc"); - if("Linux" >!< get_kb_item("Host/uname")){ + if("Linux" >!< get_kb_item("ssh/login/uname")){ exit(0); } - foreach item (get_kb_list("Host/*/rpm-list")) + foreach item (get_kb_list("ssh/*/rpms")) { - if("pidgin-" >< item) - { - if(egrep(pattern:"^pidgin-([01]\..*|2\.([0-3](\..*)?|" + - "4(\.[0-2])?))($|[^.0-9])", string:item)){ - security_warning(0); - } - exit(0); - } - } + if("pidgin~" >< item) + { + if(egrep(pattern:"^pidgin~([01]\..*|2\.([0-3](\..*)?|" + + "4(\.[0-2])?))($|[^.0-9])", string:item)) + { + security_warning(0); + exit(0); + } + } + } sock = ssh_login_or_reuse_connection(); if(!sock){ Modified: trunk/openvas-plugins/scripts/secpod_pidgin_ssl_sec_bypass_vuln_lin_900022.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_pidgin_ssl_sec_bypass_vuln_lin_900022.nasl 2008-09-01 19:59:25 UTC (rev 1270) +++ trunk/openvas-plugins/scripts/secpod_pidgin_ssl_sec_bypass_vuln_lin_900022.nasl 2008-09-02 05:37:55 UTC (rev 1271) @@ -6,7 +6,7 @@ # # Date Written: 2008/08/06 # -# Revision: 1.1 +# Revision: 1.2 # # Log: schandan # Issue #0089 @@ -28,7 +28,7 @@ script_id(900022); script_bugtraq_id(30553); script_copyright(english:"Copyright (C) 2008 SecPod"); - script_version("$Revision: 1.1 $"); + script_version("Revision: 1.2 "); script_category(ACT_GATHER_INFO); script_family(english:"Misc."); script_name(english:"Pidgin NSS plugin SSL Certificate Validation Security Bypass Vulnerability (Linux)"); @@ -61,26 +61,27 @@ script_description(english:desc["english"]); script_dependencies("secpod_ssh_sys_info.nasl"); - script_require_keys("Host/uname"); + script_require_keys("ssh/login/uname"); exit(0); } include("ssh_func.inc"); - if("Linux" >!< get_kb_item("Host/uname")){ + if("Linux" >!< get_kb_item("ssh/login/uname")){ exit(0); } - foreach item (get_kb_list("Host/*/rpm-list")) + foreach item (get_kb_list("ssh/*/rpms")) { - if("pidgin-" >< item) + if("pidgin~" >< item) { - if(egrep(pattern:"^pidgin-([01]\..*|2\.([0-3](\..*)?|" + - "4(\.[0-3])?))($|[^.0-9])", string:item)){ + if(egrep(pattern:"^pidgin~([01]\..*|2\.([0-3](\..*)?|" + + "4(\.[0-3])?))($|[^.0-9])", string:item)) + { security_warning(0); - } - exit(0); + exit(0); + } } } Modified: trunk/openvas-plugins/scripts/secpod_python_mult_vuln_lin_900106.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_python_mult_vuln_lin_900106.nasl 2008-09-01 19:59:25 UTC (rev 1270) +++ trunk/openvas-plugins/scripts/secpod_python_mult_vuln_lin_900106.nasl 2008-09-02 05:37:55 UTC (rev 1271) @@ -6,7 +6,7 @@ # # Date Written: 2008/08/05 # -# Revision: 1.2 +# Revision: 1.3 # # Log: ssharath # Issue #0091 @@ -30,7 +30,7 @@ script_cve_id("CVE-2008-2315", "CVE-2008-2316", "CVE-2008-3142", "CVE-2008-3143","CVE-2008-3144"); script_copyright(english:"Copyright (C) 2008 SecPod"); - script_version("$Revision: 1.2 $"); + script_version("Revision: 1.3 "); script_category(ACT_GATHER_INFO); script_family(english:"Misc."); script_name(english:"Python Multiple Vulnerabilities (Linux)"); @@ -71,22 +71,22 @@ Risk factor : Medium"; script_description(english:desc["english"]); script_dependencies("secpod_ssh_sys_info.nasl"); - script_require_keys("Host/uname"); + script_require_keys("ssh/login/uname"); exit(0); } include("ssh_func.inc"); - if("Linux" >!< get_kb_item("Host/uname")){ + if("Linux" >!< get_kb_item("ssh/login/uname")){ exit(0); } - foreach item (get_kb_list("Host/*/rpm-list")) + foreach item (get_kb_list("ssh/*/rpms")) { if("python" >< item) { - if(egrep(pattern:"python-.*-([01]\..*|2\.([0-4]\..*|5\.[0-2]))[^.0-9]", + if(egrep(pattern:"python-.*~([01]\..*|2\.([0-4]\..*|5\.[0-2]))[^.0-9]", string:item)){ security_warning(0); } Modified: trunk/openvas-plugins/scripts/secpod_ssh_sys_info.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_ssh_sys_info.nasl 2008-09-01 19:59:25 UTC (rev 1270) +++ trunk/openvas-plugins/scripts/secpod_ssh_sys_info.nasl 2008-09-02 05:37:55 UTC (rev 1271) @@ -6,10 +6,14 @@ # # Date Written: 2008/07/22 # -# Revision: 1.1 +# Revision: 1.2 # # Log: schandan # Issue # +# Added "\n" at the end to all rpm packages before KB set. +# (It is done to support Regex match in proper way). +# +# CHANGES: Jaime Blasco from AlienVault VRT # ------------------------------------------------------------------------ # This program was written by SecPod and is licensed under the GNU GPL # license. Please refer to the below link for details, @@ -20,13 +24,14 @@ # information found in this header with any distribution you make of this # Program. # ------------------------------------------------------------------------ -############################################################################## +########################################################################### + if(description) { script_id(900014); script_copyright(english:"Copyright (C) 2008 SecPod"); - script_version("$Revision: 1.1 $"); + script_version("Revision: 1.2 "); script_category(ACT_GATHER_INFO); script_name(english:"SSH System Security Information"); script_family(english:"General"); @@ -34,10 +39,10 @@ desc["english"] = " Overview : This script will retrieve system information on the target host with OS Name, Version and all installed packages. - + Risk factor : Informational"; - script_description(english:desc["english"]); + script_description(english:desc["english"]); script_dependencies("find_service.nes", "secpod_ssh_credentials.nasl"); script_require_ports(22, "Services/ssh"); exit(0); @@ -49,161 +54,682 @@ port = get_kb_item("Services/ssh"); if(!port){ - port = 22; + port = 22; } sock = ssh_login_or_reuse_connection(); if(!sock) { - report = "Unable to logon into the remote host"; - security_note(port:port, data:report); - exit(0); + report = "Unable to logon into the remote host"; + security_note(port:port, data:report); + exit(0); } else { - report = "Able to logon into the remote host with given credentials. SSH Local checks is enabled."; - security_note(port:port, data:report); + report = "Able to logon into the remote host with given credentials. SSH Local checks is enabled."; + security_note(port:port, data:report); } - buf = ssh_cmd(socket:sock,cmd:"uname -a"); - if(buf){ - set_kb_item(name:"Host/uname", value:buf); - } - else - { + + #From gather-package-list.nasl (OpenVAs) + # OpenVAS Vulnerability Test +# $Id$ +# Description: Gather installed packages/rpms/etc for local security checks +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License Version 2 +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +# + + + # First command: Grab uname -a of the remote system +uname = ssh_cmd(socket:sock, cmd:"uname -a"); +if(uname){ + set_kb_item(name: "ssh/login/uname", value:uname); +} else +{ + report = "Unable to execute uname cmd"; + security_note(port:port, data:report); ssh_close_connection(); exit(0); - } +} - if("Linux" >< buf) - { - ###################################################################### - # RedHat and Fedora (All) - ###################################################################### - buf = ssh_cmd(socket:sock, cmd:"cat /etc/redhat-release"); - if(("Red Hat" >< buf) || ("Fedora" >< buf)) - { - set_kb_item(name:"Host/RedHat/release", value:buf); - buf = ssh_cmd(socket:sock, timeout:120, cmd:"/bin/rpm -qa " + - "--qf '%{NAME}-%{VERSION}-%{RELEASE}\n'"); - if(buf){ - set_kb_item(name:"Host/RedHat/rpm-list", value:buf); - } - ssh_close_connection(); - exit(0); - } + security_note(port:port, data:uname); +# Ok...let's first check if this is a RedHat/Fedora Core/Mandrake release +rls = ssh_cmd(socket:sock, cmd:"cat /etc/redhat-release"); +if("Red Hat Linux release 7.3" >< rls) { + set_kb_item(name: "ssh/login/release", value: "RH7.3"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Red Hat Linux release 8.0 (Psyche)" >< rls) { + set_kb_item(name: "ssh/login/release", value: "RH8.0"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Red Hat Linux release 9 (Shrike)" >< rls) { + set_kb_item(name: "ssh/login/release", value: "RH9"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Fedora Core release 1 (Yarrow)" >< rls) { + set_kb_item(name: "ssh/login/release", value: "FC1"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Fedora Core release 2 (Tettnang)" >< rls) { + set_kb_item(name: "ssh/login/release", value: "FC2"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Fedora Core release 3 (Heidelberg)" >< rls) { + set_kb_item(name: "ssh/login/release", value: "FC3"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Fedora Core release 4 (Stentz)" >< rls) { + set_kb_item(name: "ssh/login/release", value: "FC4"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Fedora Core release 5 (Bordeaux)" >< rls) { + set_kb_item(name: "ssh/login/release", value: "FC5"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Fedora Core release 6 (Zod)" >< rls) { + set_kb_item(name: "ssh/login/release", value: "FC6"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Fedora release 7 (Moonshine)" >< rls) { + set_kb_item(name: "ssh/login/release", value: "FC7"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Fedora release 8 (Werewolf)" >< rls) { + set_kb_item(name: "ssh/login/release", value: "FC8"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Fedora release 9 (Sulphur)" >< rls) { + set_kb_item(name: "ssh/login/release", value: "FC9"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} - ###################################################################### - # SuSE - ###################################################################### - buf = ssh_cmd(socket:sock, cmd:"cat /etc/SuSE-release"); - if("SuSE Linux" >< buf) - { - version = ereg_replace(pattern:"SuSE Linux ([0-9]\.[0-9]) .*", - string:egrep(string:buf, pattern:"SuSE"), - replace:"\1"); - set_kb_item(name:"Host/SuSE/release", value:"SUSE" + version); - buf = ssh_cmd(socket:sock, timeout:60, cmd:"rpm -qa --qf " + - "'%{NAME}-%{VERSION}-%{RELEASE}\n'", timeout:60); - if(buf){ - set_kb_item(name:"Host/SuSE/rpm-list", value:buf); - } - ssh_close_connection(); - exit(0); - } - - ####################################################################### - # Gentoo - ####################################################################### - buf = ssh_cmd(socket:sock, cmd:"cat /etc/gentoo-release"); - if("Gentoo" >< buf) - { - version = ereg_replace(pattern:"Gentoo Base System version ([0-9]\.[0-9]) .*", - string:egrep(string:buf, pattern:"Gentoo"), - replace:"\1"); - set_kb_item(name:"Host/Gentoo/release", value: version); - buf = ssh_cmd(socket: sock, timeout:60, - cmd:'egrep "ARCH=" /etc/make.profile/make.defaults'); - buf = ereg_replace(string:buf, pattern:'ARCH="(.*)"', replace: "\1"); +# Red Hat Enterprise Linux ES release 2.1 (Panama) +# Red Hat Enterprise Linux AS release 3 (Taroon Update 1) +# Red Hat Enterprise Linux AS release 3 (Taroon Update 2) +# Red Hat Enterprise Linux AS release 3 (Taroon Update 3) +# Red Hat Enterprise Linux Desktop release 3.90 - if(buf){ - set_kb_item(name: "Host/Gentoo/arch", value: buf); - } +if(egrep(pattern:"Red Hat Enterprise.*release 2\.1", string:rls)) { + set_kb_item(name: "ssh/login/release", value: "RHENT_2.1"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if(egrep(pattern:"Red Hat Enterprise.*release 3 ", string:rls)) { + set_kb_item(name: "ssh/login/release", value: "RHENT_3"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if(egrep(pattern:"Red Hat Enterprise.*release 4 ", string:rls)) { + set_kb_item(name: "ssh/login/release", value: "RHENT_4"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if(egrep(pattern:"Red Hat Enterprise.*release 5 ", string:rls)) { + set_kb_item(name: "ssh/login/release", value: "RHENT_5"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} - buf = ssh_cmd(socket:sock, timeout:60, cmd:'find /var/db/pkg/ " + - "-mount -mindepth 2 -maxdepth 2 -printf "%P\\n"'); - if(buf){ - set_kb_item(name:"Host/Gentoo/qpkg-list", value:buf); - } - ssh_close_connection(); - exit(0); - } +if("Mandriva Linux release 2008.1" >< rls) { + set_kb_item(name: "ssh/login/release", value: "MNDK_2008.1"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Mandriva Linux release 2008.0" >< rls) { + set_kb_item(name: "ssh/login/release", value: "MNDK_2008.0"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Mandriva Linux release 2007.1" >< rls) { + set_kb_item(name: "ssh/login/release", value: "MNDK_2007.1"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Mandriva Linux release 2007.0" >< rls) { + set_kb_item(name: "ssh/login/release", value: "MNDK_2007.0"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Mandriva Linux release 2006.0" >< rls) { + set_kb_item(name: "ssh/login/release", value: "MNDK_2006.0"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Mandrakelinux release 10.2" >< rls) { + set_kb_item(name: "ssh/login/release", value: "MNDK_10.2"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Mandrakelinux release 10.1" >< rls) { + set_kb_item(name: "ssh/login/release", value: "MNDK_10.1"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Mandrake Linux release 10.0" >< rls) { + set_kb_item(name: "ssh/login/release", value: "MNDK_10.0"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Mandrake Linux release 9.2" >< rls) { + set_kb_item(name: "ssh/login/release", value: "MNDK_9.2"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Mandrake Linux release 9.1" >< rls) { + set_kb_item(name: "ssh/login/release", value: "MNDK_9.1"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Mandrake Linux release 8.1" >< rls) { + set_kb_item(name: "ssh/login/release", value: "MNDK_8.1"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Mandrake Linux release 8.0" >< rls) { + set_kb_item(name: "ssh/login/release", value: "MNDK_8.0"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Mandrake Linux release 7.2" >< rls) { + set_kb_item(name: "ssh/login/release", value: "MNDK_7.2"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} - ####################################################################### - # Debian - ####################################################################### - buf = ssh_cmd(socket:sock, cmd:"cat /etc/debian_version"); - if(buf) - { - if(buf !~ '^[0-9.]+[ \t\r\n]*$') - { - ssh_close_connection(); - exit(0); - } +# Ok...also using /etc/redhat-release is CentOS...let's try them now +# We'll stay with major release # checking unless we find out we need to do +# otherwise. +#CentOS release 4.0 (Final) +#CentOS release 4.1 (Final) +#CentOS release 3.4 (final) +if("CentOS release 4" >< rls) { + set_kb_item(name: "ssh/login/release", value: "CENTOS4"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running CentOS release 4")); + exit(0); +} +if("CentOS release 3" >< rls) { + set_kb_item(name: "ssh/login/release", value: "CENTOS3"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value: ";" + buf); + security_note(port:port, data:string("We are able to login and detect that you are running CentOS release 3")); + exit(0); +} - set_kb_item(name:"Host/Debian/release", value: chomp(buf)); - buf = ssh_cmd(socket:sock, timeout:60, cmd:'COLUMNS=160 dpkg -l'); - if(buf){ - set_kb_item(name:"Host/Debian/dpkg-l", value:buf); - } - ssh_close_connection(); - exit(0); - } - } +# Hmmm...is it Ubuntu? +rls = ssh_cmd(socket:sock, cmd:"cat /etc/lsb-release"); +if("DISTRIB_ID=Ubuntu">< buf ) - { - OS = ereg_replace(pattern:"^.*Darwin Kernel Version ([0-9]+\.[0-9]" + - "+\.[0-9]+):.*$", string:buf, replace:"\1"); - num = split(OS, sep:".", keep:FALSE); - version = "Mac OS X 10." + string(int(num[0]) - 4) + "." + int(num[1]); +if("DISTRIB_ID=Ubuntu">< rls) { + set_kb_item(name: "ssh/login/release", value: "CL9"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value:buf); + security_note(port:port, data:string("We are able to login and detect that you are running Conectiva Linux 9")); + exit(0); +} +if("Conectiva Linux 10" >< rls) { + set_kb_item(name: "ssh/login/release", value: "CL10"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value:buf); + security_note(port:port, data:string("We are able to login and detect that you are running Conectiva Linux 10")); + exit(0); +} - if(strlen(buf)){ - version = version + " Server"; +# How about Turbolinux? +# Turbolinux signatures: +# release 6.0 WorkStation (Shiga) -- Unsupported +# TurboLinux release 6.1 Server (Naha) -- Unsupported +# Turbolinux Server 6.5 (Jupiter) -- Unsupported +# Turbolinux Server 7.0 (Esprit) +# Turbolinux Workstation 7.0 (Monza) +# Turbolinux Server 8.0 (Viper) +# Turbolinux Workstation 8.0 (SilverStone) +# Turbolinux Server 10.0 (Celica) +# Turbolinux Desktop 10.0 (Suzuka) +# -- Need: +#- Turbolinux Appliance Server 1.0 Hosting Edition +#- Turbolinux Appliance Server 1.0 Workgroup Edition +#- Turbolinux Home +#- Turbolinux 10 F... + +rls = ssh_cmd(socket:sock, cmd:"cat /etc/turbolinux-release"); +if("Turbolinux Server 7.0" >< rls) { + set_kb_item(name: "ssh/login/release", value: "TLS7"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value:buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Turbolinux Workstation 7.0" >< rls) { + set_kb_item(name: "ssh/login/release", value: "TLWS7"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value:buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Turbolinux Server 8.0" >< rls) { + set_kb_item(name: "ssh/login/release", value: "TLS8"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value:buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Turbolinux Workstation 8.0" >< rls) { + set_kb_item(name: "ssh/login/release", value: "TLWS8"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value:buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Turbolinux Desktop 10.0" >< rls) { + set_kb_item(name: "ssh/login/release", value: "TLDT10"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value:buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Turbolinux Server 10.0" >< rls) { + set_kb_item(name: "ssh/login/release", value: "TLS10"); + buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'"); + set_kb_item(name: "ssh/login/rpms", value:buf); + security_note(port:port, data:string("We are able to login and detect that you are running ", rls)); + exit(0); +} +if("Turbolinux">< rls) { + security_note(port:port, data:string("We have detected you are running a version of Turbolinux currently not supported by SecuritySpace. Please report the following banner to SecuritySpace: ", rls)); + exit(0); +} + +#How about FreeBSD? If the uname line begins with "FreeBSD ", we have a match +if(substr(uname, 0, 7)=="FreeBSD ") { + version=eregmatch(pattern:"^[^ ]+ [^ ]+ ([^ ]+)+",string:uname); + splitup = eregmatch(pattern:"([^-]+)-([^-]+)-p([0-9]+)", string:version[1]); + found = 0; + if(!isnull(splitup)) { + release = splitup[1]; + patchlevel = splitup[3]; + found = 1; + } else { + splitup = eregmatch(pattern:"([^-]+)-RELEASE", string:version[1]); + if(!isnull(splitup)) { + release = splitup[1]; + patchlevel = "0"; + found = 1; + } else { + splitup=eregmatch(pattern:"([^-]+)-SECURITY",string:version[1]); + if(!isnull(splitup)) { + release = splitup[1]; + security_note(port:port, data:string("We have detected you are running FreeBSD ", splitup[0], ". It also appears that you are using freebsd-update, a binary update tool for keeping your distribution up to date. We will not be able to check your core distribution for vulnerabilities, but we will check your installed ports packages.")); + found = 2; + } else { + security_note(port:port, data:string("You appear to be running FreeBSD, but we do not recognize the output format of uname: ", uname, ". Local security checks will NOT be run.")); + } } - set_kb_item(name:"Host/MacOSX/Version", value:version); + } + if(found==1) { + set_kb_item(name: "ssh/login/freebsdrel", value: release); + set_kb_item(name: "ssh/login/freebsdpatchlevel", value: patchlevel); + security_note(port:port, data:string("We are able to login and detect that you are running FreeBSD ", release, " Patch level: ", patchlevel)); + } + if(found==2) { + set_kb_item(name: "ssh/login/freebsdrel", value: release); + security_note(port:port, data:string("We are able to login and detect that you are running FreeBSD ", release, " Patch level: Unknown")); + } + if(found!=0) { + buf = ssh_cmd(socket:sock, cmd:"pkg_info"); + set_kb_item(name: "ssh/login/freebsdpkg", value:buf); + } +} - buf = ssh_cmd(socket:sock, cmd:"test -d /Library/Receipts && ls /Library/Receipts"); +# Hmmm...is it Debian? +rls = ssh_cmd(socket:sock, cmd:"cat /etc/debian_version"); +if("2.2">!< get_kb_item("Host/uname")){ + if("Linux" >!< get_kb_item("ssh/login/uname")){ exit(0); } - foreach item (get_kb_list("Host/*/rpm-list")) + foreach item (get_kb_list("ssh/*/rpms")) { if("ethereal" >< item) { @@ -85,7 +85,7 @@ else if("wireshark" >< item) { - if(egrep(pattern:"wireshark-(0\.99\.[1-9]|1\.0\.0)($|[^.0-9])", + if(egrep(pattern:"wireshark~(0\.99\.[1-9]|1\.0\.0)($|[^.0-9])", string:item)) { security_hole(0); Modified: trunk/openvas-plugins/scripts/secpod_xine-lib_mult_code_exe_dos_vuln_900111.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_xine-lib_mult_code_exe_dos_vuln_900111.nasl 2008-09-01 19:59:25 UTC (rev 1270) +++ trunk/openvas-plugins/scripts/secpod_xine-lib_mult_code_exe_dos_vuln_900111.nasl 2008-09-02 05:37:55 UTC (rev 1271) @@ -6,7 +6,7 @@ # # Date Written: 2008/08/18 # -# Revision: 1.1 +# Revision: 1.2 # # Log: ssharath # Issue #0125 @@ -28,7 +28,7 @@ script_id(900111); script_bugtraq_id(30698); script_copyright(english:"Copyright (C) 2008 SecPod"); - script_version("$Revision: 1.1 $"); + script_version("Revision: 1.2 "); script_category(ACT_GATHER_INFO); script_family(english:"Misc."); script_name(english:"xine-lib Multiple Vulnerabilities"); @@ -71,22 +71,22 @@ Risk factor : High"; script_description(english:desc["english"]); script_dependencies("secpod_ssh_sys_info.nasl"); - script_require_keys("Host/uname"); + script_require_keys("ssh/login/uname"); exit(0); } include("ssh_func.inc"); - if("Linux" >!< get_kb_item("Host/uname")){ + if("Linux" >!< get_kb_item("ssh/login/uname")){ exit(0); } - foreach item (get_kb_list("Host/*/rpm-list")) + foreach item (get_kb_list("ssh/*/rpms")) { if("xine" >< item) { - if(egrep(pattern:"(libxine(1)?|xine-lib)-(0\..*|1\.(0\..*|" + + if(egrep(pattern:"(libxine(1)?|xine-lib)~(0\..*|1\.(0\..*|" + "1(\.0?[0-9]|\.1[0-4])?))[^.0-9]", string:item)) { security_hole(0); From scm-commit at wald.intevation.org Tue Sep 2 07:39:01 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 2 Sep 2008 07:39:01 +0200 (CEST) Subject: [Openvas-commits] r1272 - trunk/openvas-plugins/scripts Message-ID: <20080902053901.A6F4A40784@pyrosoma.intevation.org> Author: chandra Date: 2008-09-02 07:39:00 +0200 (Tue, 02 Sep 2008) New Revision: 1272 Added: trunk/openvas-plugins/scripts/secpod_anzio_web_print_obj_bof_vuln_900115.nasl trunk/openvas-plugins/scripts/secpod_eset_smart_sec_local_prv_esc_vuln_900114.nasl trunk/openvas-plugins/scripts/secpod_justsystems_ichitaro_code_exec_vuln_900207.nasl trunk/openvas-plugins/scripts/secpod_openoffice_code_exec_vuln_lin_900043.nasl trunk/openvas-plugins/scripts/secpod_openoffice_code_exec_vuln_win_900042.nasl trunk/openvas-plugins/scripts/secpod_ultra_office_activex_control_mult_vuln_900208.nasl Log: Added new plugins Added: trunk/openvas-plugins/scripts/secpod_anzio_web_print_obj_bof_vuln_900115.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_anzio_web_print_obj_bof_vuln_900115.nasl 2008-09-02 05:37:55 UTC (rev 1271) +++ trunk/openvas-plugins/scripts/secpod_anzio_web_print_obj_bof_vuln_900115.nasl 2008-09-02 05:39:00 UTC (rev 1272) @@ -0,0 +1,144 @@ +############################################################################## +# +# Anzio Web Print Object ActiveX Control Remote BOF Vulnerability +# +# Copyright: SecPod +# +# Date Written: 2008/09/01 +# +# Revision: 1.1 +# +# Log : ssharath +# Issue #0152 +# ------------------------------------------------------------------------ +# This program was written by SecPod and is licensed under the GNU GPL +# license. Please refer to the below link for details, +# http://www.gnu.org/licenses/gpl.html +# This header contains information regarding licensing terms under the GPL, +# and information regarding obtaining source code from the Author. +# Consequently, pursuant to section 3(c) of the GPL, you must accompany the +# information found in this header with any distribution you make of this +# Program. +# ------------------------------------------------------------------------ +############################################################################## + + +if(description) +{ + script_id(900115); + script_bugtraq_id(30545); + script_cve_id("CVE-2008-3480"); + script_copyright(english:"Copyright (C) 2008 SecPod"); + script_version("Revision: 1.1 "); + script_category(ACT_GATHER_INFO); + script_family(english:"Misc."); + script_name(english:"Anzio Web Print Object ActiveX Control Remote BOF Vulnerability"); + script_summary(english:"Check for vulnerable version and prior of Anzio"); + desc["english"] = " + Overview : The host is running Anzio, which is prone to a heap-based buffer + overflow vulnerability. + + Vulnerability Insight : + + The flaw is due to an error while handling an overly long value in + mainurl parameter. + + Impact: An attacker can execute arbitrary code causing a stack based + buffer overflow by tricking a user to visit malicious web page. + + Impact Level : Application + + Affected Software/OS : + Anzio Web Print Object versions prior to 3.2.30 on Windows (All) + + Fix : Upgrade to Anzio Web Print Object version 3.2.30 + http://www.anzio.com/download-wepo.htm + + References : + http://secunia.com/advisories/31554/ + http://en.securitylab.ru/poc/extra/358295.php + http://www.coresecurity.com/content/anzio-web-print-object-buffer-overflow + + CVSS Score : + CVSS Base Score : 6.8 (AV:N/AC:M/Au:NR/C:P/I:P/A:P) + CVSS Temporal Score : 5.3 + Risk factor : High"; + + script_description(english:desc["english"]); + script_dependencies("secpod_reg_enum.nasl"); + script_require_keys("SMB/WindowsVersion"); + exit(0); +} + + + include("smb_nt.inc"); + include("secpod_smb_func.inc"); + + if (!get_kb_item("SMB/WindowsVersion")){ + exit(0); + } + + anzioPath = registry_get_sz(key:"SOFTWARE\Microsoft\Windows\CurrentVersion" + + "\App Paths\pwui.exe", item:"Path"); + if(!anzioPath){ + exit(0); + } + + share = ereg_replace(pattern:"([A-Z]):.*",replace:"\1$",string:anzioPath); + file = ereg_replace(pattern:"[A-Z]:(.*)",replace:"\1",string:anzioPath + "\pwui.exe"); + + name = kb_smb_name(); + domain = kb_smb_domain(); + login = kb_smb_login(); + pass = kb_smb_password(); + port = kb_smb_transport(); + + soc = open_sock_tcp(port); + if(!soc){ + exit(0); + } + r = smb_session_request(soc:soc, remote:name); + if(!r){ + close(soc); + exit(0); + } + + prot = smb_neg_prot(soc:soc); + if(!prot){ + close(soc); + exit(0); + } + + r = smb_session_setup(soc:soc, login:login, password:pass, + domain:domain, prot:prot); + if(!r){ + close(soc); + exit(0); + } + + uid = session_extract_uid(reply:r); + r = smb_tconx(soc:soc, name:name, uid:uid, share:share); + + tid = tconx_extract_tid(reply:r); + if(!tid){ + close(soc); + exit(0); + } + + fid = OpenAndX(socket:soc, uid:uid, tid:tid, file:file); + if(!fid){ + close(soc); + exit(0); + } + + anzioVer = GetVersion(socket:soc, uid:uid, tid:tid, fid:fid, verstr:"File Version"); + close(soc); + + if(!anzioVer){ + exit(0); + } + + if(egrep(pattern:"^([0-2]\..*|3\.([01](\..*)?|2(\.[0-2]?[0-9])?\.0))$", + string:anzioVer)){ + security_hole(0); + } Added: trunk/openvas-plugins/scripts/secpod_eset_smart_sec_local_prv_esc_vuln_900114.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_eset_smart_sec_local_prv_esc_vuln_900114.nasl 2008-09-02 05:37:55 UTC (rev 1271) +++ trunk/openvas-plugins/scripts/secpod_eset_smart_sec_local_prv_esc_vuln_900114.nasl 2008-09-02 05:39:00 UTC (rev 1272) @@ -0,0 +1,86 @@ +############################################################################## +# +# ESET Smart Security easdrv.sys Local Privilege Escalation Vulnerability +# +# Copyright: SecPod +# +# Date Written: 2008/09/01 +# +# Revision: 1.1 +# +# Log : ssharath +# Issue #0150 +# ------------------------------------------------------------------------ +# This program was written by SecPod and is licensed under the GNU GPL +# license. Please refer to the below link for details, +# http://www.gnu.org/licenses/gpl.html +# This header contains information regarding licensing terms under the GPL, +# and information regarding obtaining source code from the Author. +# Consequently, pursuant to section 3(c) of the GPL, you must accompany the +# information found in this header with any distribution you make of this +# Program. +# ------------------------------------------------------------------------ +############################################################################## + + +if(description) +{ + script_id(900114); + script_bugtraq_id(30719); + script_copyright(english:"Copyright (C) 2008 SecPod"); + script_version("Revision: 1.1 "); + script_category(ACT_GATHER_INFO); + script_family(english:"Misc."); + script_name(english:"ESET Smart Security easdrv.sys Local Privilege Escalation Vulnerability"); + script_summary(english:"Check for vulnerable version and prior of ESET"); + desc["english"] = " + Overview : The host is running ESET Smart Security, which is prone to a local + privilege escalation vulnerability. + + Vulnerability Insight : + + The flaw exists due to an error in easdrv.sys driver file. + + Impact: Local exploitation will allow attackers to execute arbitrary + code with kernel level privileges to result in complete compromise of + the system. + + Impact Level : Application + + Affected Software/OS: + - Eset Software Smart Security 3.0.667.0 and prior on Windows (All) + + Fix : No solution/patch is available as on 01st September, 2008. Information + regarding this issue will be update once the solution details are available. + For update refer, http://www.eset.com/ + + References : http://www.securityfocus.com/bid/30719/discuss + + CVSS Score : + CVSS Base Score : 6.6 (AV:L/AC:M/Au:SI/C:C/I:C/A:C) + CVSS Temporal Score : 5.9 + Risk factor : High"; + + script_description(english:desc["english"]); + script_dependencies("secpod_reg_enum.nasl"); + script_require_keys("SMB/WindowsVersion"); + exit(0); +} + + include("smb_nt.inc"); + + if (!get_kb_item("SMB/WindowsVersion")){ + exit(0); + } + + esetVer = registry_get_sz(key:"SOFTWARE\ESET\ESET Security\CurrentVersion\Info", + item:"ProductVersion"); + if(!esetVer){ + exit(0); + } + + # Grep Eset Software Smart Security version <= 3.0.667.0 + if(egrep(pattern:"^([0-2]\..*|3\.0\.([0-5]?[0-9]?[0-9]|6[0-5][0-9]|66[0-7])\.0)$", + string:esetVer)){ + security_warning(0); + } Added: trunk/openvas-plugins/scripts/secpod_justsystems_ichitaro_code_exec_vuln_900207.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_justsystems_ichitaro_code_exec_vuln_900207.nasl 2008-09-02 05:37:55 UTC (rev 1271) +++ trunk/openvas-plugins/scripts/secpod_justsystems_ichitaro_code_exec_vuln_900207.nasl 2008-09-02 05:39:00 UTC (rev 1272) @@ -0,0 +1,184 @@ +############################################################################## +# +# Ichitaro Document Handling Unspecified Code Execution Vulnerability +# +# Copyright: SecPod +# +# Date Written: 2008/08/27 +# +# Revision: 1.1 +# +# Log: veerendragg +# Issue #0147 +# ------------------------------------------------------------------------ +# This program was written by SecPod and is licensed under the GNU GPL +# license. Please refer to the below link for details, +# http://www.gnu.org/licenses/gpl.html +# This header contains information regarding licensing terms under the GPL, +# and information regarding obtaining source code from the Author. +# Consequently, pursuant to section 3(c) of the GPL, you must accompany the +# information found in this header with any distribution you make of this +# Program. +# ------------------------------------------------------------------------ +############################################################################## + + +if(description) +{ + script_id(900207); + script_bugtraq_id(30828); + script_copyright(english:"Copyright (C) 2008 SecPod"); + script_version("Revision: 1.1"); + script_category(ACT_GATHER_INFO); + script_family(english:"Misc."); + script_name(english:"Ichitaro Document Handling Unspecified Code Execution Vulnerability"); + script_summary(english:"Check for the version of Ichitaro"); + desc["english"] = " + Overview : This host is running Ichitaro, which is prone to Unspecified Remote + Code Execution Vulnerability. + + Vulnerability Insight : + + The issue is due to error that exists while processing specially + crafted docuement form. + + Impact : Successful exploitation will allow execution arbitrary code + within the context of the vulnerable application. + + Impact Level : Application + + Affected Software/OS : + Justsystem Ichitaro 2008 and prior versions on Windows (All). + + Fix : No solution/patch is available as on 28th August, 2008. Information + regarding this issue will updated once the solution details are available. + For updates refer, http://www.ichitaro.com + + References : + http://secunia.com/advisories/31603/ + http://www.justsystems.com/jp/info/pd8002.html + + CVSS Score : + CVSS Base Score : 7.5 (AV:N/AC:L/Au:NR/C:P/I:P/A:P) + CVSS Temporal Score : 6.4 + Risk factor : Medium"; + + script_description(english:desc["english"]); + script_dependencies("secpod_reg_enum.nasl"); + script_require_keys("SMB/WindowsVersion"); + exit(0); +} + + + include("smb_nt.inc"); + + if(!get_kb_item("SMB/WindowsVersion")){ + exit(0); + } + + if(!registry_key_exists(key:"SOFTWARE\Justsystem\ATOK")){ + exit(0); + } + + name = kb_smb_name(); + login = kb_smb_login(); + pass = kb_smb_password(); + domain = kb_smb_domain(); + port = kb_smb_transport(); + + if(!port){ + port = 139; + } + + if(!get_port_state(port)){ + exit(0); + } + + soc = open_sock_tcp(port); + if(!soc){ + exit(0); + } + + r = smb_session_request(soc:soc, remote:name); + if(!r) + { + close(soc); + exit(0); + } + + prot = smb_neg_prot(soc:soc); + if(!prot) + { + close(soc); + exit(0); + } + + r = smb_session_setup(soc:soc, login:login, password:pass, + domain:domain, prot:prot); + if(!r) + { + close(soc); + exit(0); + } + + uid = session_extract_uid(reply:r); + r = smb_tconx(soc:soc, name:name, uid:uid, share:"IPC$"); + + tid = tconx_extract_tid(reply:r); + if(!tid) + { + close(soc); + exit(0); + } + + r = smbntcreatex(soc:soc, uid:uid, tid:tid, name:"\winreg"); + if(!r) + { + close(soc); + exit(0); + } + + pipe = smbntcreatex_extract_pipe(reply:r); + if(!pipe) + { + close(soc); + exit(0); + } + + r = pipe_accessible_registry(soc:soc, uid:uid, tid:tid, pipe:pipe); + if(!r) + { + close(soc); + exit(0); + } + + handle = registry_open_hklm(soc:soc, uid:uid, tid:tid, pipe:pipe); + if(!handle) + { + close(soc); + exit(0); + } + + key = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\"; + key_h = registry_get_key(soc:soc, uid:uid, tid:tid, pipe:pipe, + key:key, reply:handle); + if(!key_h) + { + close(soc); + exit(0); + } + + enumKeys = registry_enum_key(soc:soc, uid:uid, tid:tid, + pipe:pipe, reply:key_h); + foreach entry (enumKeys) + { + appName = registry_get_sz(item:"DisplayName", key:key + entry); + if(appName && "ATOK" >< appName) + { + if(egrep(pattern:"ATOK ([01][0-9][0-9][0-9]|200[0-8]|" + + "(9\.|1[0-3]\.)).*", string:appName)){ + security_warning(0); + } + exit(0); + } + } Property changes on: trunk/openvas-plugins/scripts/secpod_justsystems_ichitaro_code_exec_vuln_900207.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/secpod_openoffice_code_exec_vuln_lin_900043.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_openoffice_code_exec_vuln_lin_900043.nasl 2008-09-02 05:37:55 UTC (rev 1271) +++ trunk/openvas-plugins/scripts/secpod_openoffice_code_exec_vuln_lin_900043.nasl 2008-09-02 05:39:00 UTC (rev 1272) @@ -0,0 +1,85 @@ +############################################################################# +# +# OpenOffice rtl_allocateMemory() Remote Code Execution Vulnerability (Lin) +# +# Copyright: SecPod +# +# Date Written: 2008/08/29 +# +# Revision: 1.1 +# +# Log: schandan +# Issue #0154 +# ------------------------------------------------------------------------ +# This program was written by SecPod and is licensed under the GNU GPL +# license. Please refer to the below link for details, +# http://www.gnu.org/licenses/gpl.html +# This header contains information regarding licensing terms under the GPL, +# and information regarding obtaining source code from the Author. +# Consequently, pursuant to section 3(c) of the GPL, you must accompany the +# information found in this header with any distribution you make of this +# Program. +# ------------------------------------------------------------------------ +########################################################################### + +if(description) +{ + script_id(900043); + script_bugtraq_id(30866); + script_cve_id("CVE-2008-3282"); + script_copyright(english:"Copyright (C) 2008 SecPod"); + script_version("Revision: 1.1 "); + script_category(ACT_GATHER_INFO); + script_family(english:"Misc."); + script_name(english:"OpenOffice rtl_allocateMemory() Remote Code Execution Vulnerability (Lin)"); + script_summary(english:"Check for the vulnerable version of OpenOffice.org"); + desc["english"] = " + Overview : This host has OpenOffice.Org installed, which is prone to remote + code execution vulnerability. + + Vulnerability Insight : + + The issue is due to a numeric truncation error within the rtl_allocateMemory() + method in alloc_global.c file. + + Impact : Attackers can cause an out of bounds array access by tricking a + user into opening a malicious document, also allow execution of arbitrary + code. + + Impact Level : System + + Affected Software/OS : + OpenOffice.org 2.4.1 and prior on Linux. + + Fix : No solution/patch is available as on 29th August, 2008. Information + regarding this issue will updated once the solution details are available. + For updates refer, http://download.openoffice.org/index.html + + References : http://secunia.com/advisories/31640/ + http://www.frsirt.com/english/advisories/2008/2449 + + CVSS Score : + CVSS Base Score : 6.8 (AV:N/AC:M/Au:NR/C:P/I:P/A:P) + CVSS Temporal Score : 5.8 + Risk factor : High"; + + script_description(english:desc["english"]); + script_dependencies("secpod_ssh_sys_info.nasl"); + script_require_keys("Host/uname"); + exit(0); +} + + + if("Linux" >!< get_kb_item("ssh/login/uname")){ + exit(0); + } + + foreach item (get_kb_list("ssh/*/rpms")) + { + if(egrep(pattern:"^(O|o)pen(O|o)ffice.*?~([01]\..*|2\.([0-3][^0-9]" + + "|4(\.[01])?[^.0-9]))", string:item)) + { + security_warning(0); + exit(0); + } + } Property changes on: trunk/openvas-plugins/scripts/secpod_openoffice_code_exec_vuln_lin_900043.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/secpod_openoffice_code_exec_vuln_win_900042.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_openoffice_code_exec_vuln_win_900042.nasl 2008-09-02 05:37:55 UTC (rev 1271) +++ trunk/openvas-plugins/scripts/secpod_openoffice_code_exec_vuln_win_900042.nasl 2008-09-02 05:39:00 UTC (rev 1272) @@ -0,0 +1,177 @@ +############################################################################# +# +# OpenOffice rtl_allocateMemory() Remote Code Execution Vulnerability (Win) +# +# Copyright: SecPod +# +# Date Written: 2008/08/29 +# +# Revision: 1.1 +# +# Log: schandan +# Issue #0154 +# ------------------------------------------------------------------------ +# This program was written by SecPod and is licensed under the GNU GPL +# license. Please refer to the below link for details, +# http://www.gnu.org/licenses/gpl.html +# This header contains information regarding licensing terms under the GPL, +# and information regarding obtaining source code from the Author. +# Consequently, pursuant to section 3(c) of the GPL, you must accompany the +# information found in this header with any distribution you make of this +# Program. +# ------------------------------------------------------------------------ +########################################################################### + +if(description) +{ + script_id(900042); + script_bugtraq_id(30866); + script_cve_id("CVE-2008-3282"); + script_copyright(english:"Copyright (C) 2008 SecPod"); + script_version("Revision: 1.1 "); + script_category(ACT_GATHER_INFO); + script_family(english:"Misc."); + script_name(english:"OpenOffice rtl_allocateMemory() Remote Code Execution Vulnerability (Win)"); + script_summary(english:"Check for the vulnerable version of OpenOffice.org"); + desc["english"] = " + Overview : This host has OpenOffice.Org installed, which is prone to remote + code execution vulnerability. + + Vulnerability Insight : + + The issue is due to a numeric truncation error within the rtl_allocateMemory() + method in alloc_global.c file. + + Impact : Attackers can cause an out of bounds array access by tricking a + user into opening a malicious document, also allow execution of arbitrary + code. + + Impact Level : System + + Affected Software/OS : + OpenOffice.org 2.4.1 and prior on Windows. + + Fix : No solution/patch is available as on 29th August, 2008. Information + regarding this issue will updated once the solution details are available. + For updates refer, http://download.openoffice.org/index.html + + References : http://secunia.com/advisories/31640/ + http://www.frsirt.com/english/advisories/2008/2449 + + CVSS Score : + CVSS Base Score : 6.8 (AV:N/AC:M/Au:NR/C:P/I:P/A:P) + CVSS Temporal Score : 5.8 + Risk factor : High"; + + script_description(english:desc["english"]); + script_dependencies("secpod_reg_enum.nasl"); + script_require_keys("SMB/WindowsVersion"); + exit(0); +} + + + include("smb_nt.inc"); + + if(!get_kb_item("SMB/WindowsVersion")){ + exit(0); + } + + name = kb_smb_name(); + login = kb_smb_login(); + pass = kb_smb_password(); + domain = kb_smb_domain(); + port = kb_smb_transport(); + + if(!port) port = 139; + + if(!get_port_state(port))exit(0); + + soc = open_sock_tcp(port); + if(!soc){ + exit(0); + } + + r = smb_session_request(soc:soc, remote:name); + if(!r) + { + close(soc); + exit(0); + } + + prot = smb_neg_prot(soc:soc); + if(!prot) + { + close(soc); + exit(0); + } + + r = smb_session_setup(soc:soc, login:login, password:pass, + domain:domain, prot:prot); + if(!r) + { + close(soc); + exit(0); + } + uid = session_extract_uid(reply:r); + r = smb_tconx(soc:soc, name:name, uid:uid, share:"IPC$"); + tid = tconx_extract_tid(reply:r); + if(!tid) + { + close(soc); + exit(0); + } + + r = smbntcreatex(soc:soc, uid:uid, tid:tid, name:"\winreg"); + if(!r) + { + close(soc); + exit(0); + } + + pipe = smbntcreatex_extract_pipe(reply:r); + if(!pipe) + { + close(soc); + exit(0); + } + + r = pipe_accessible_registry(soc:soc, uid:uid, tid:tid, pipe:pipe); + if(!r) + { + close(soc); + exit(0); + } + + handle = registry_open_hklm(soc:soc, uid:uid, tid:tid, pipe:pipe); + if(!handle) + { + close(soc); + exit(0); + } + + key = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\"; + key_h = registry_get_key(soc:soc, uid:uid, tid:tid, pipe:pipe, + key:key, reply:handle); + if(!key_h) + { + close(soc); + exit(0); + } + + entries = registry_enum_key(soc:soc, uid:uid, tid:tid, pipe:pipe, reply:key_h); + close(soc); + + foreach item (entries) + { + if("OpenOffice.org" >< registry_get_sz(key:key + item, item:"DisplayName")) + { + # Grep <= 2.4.9310 (ie., 2.4.1) + if((egrep(pattern:"^([01]\..*|2\.([0-3](\..*)?|4(\.([0-8]?[0-9]?" + + "[0-9]?[0-9]|9[0-2][0-9][0-9]|930[0-9]|9310))?))$", + string:registry_get_sz(key:key + item, + item:"DisplayVersion")))){ + security_warning(0); + } + exit(0); + } + } Property changes on: trunk/openvas-plugins/scripts/secpod_openoffice_code_exec_vuln_win_900042.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/secpod_ultra_office_activex_control_mult_vuln_900208.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_ultra_office_activex_control_mult_vuln_900208.nasl 2008-09-02 05:37:55 UTC (rev 1271) +++ trunk/openvas-plugins/scripts/secpod_ultra_office_activex_control_mult_vuln_900208.nasl 2008-09-02 05:39:00 UTC (rev 1272) @@ -0,0 +1,261 @@ +############################################################################## +# +# Ultra Office ActiveX Control Multiple Vulnerabilities +# +# Copyright: SecPod +# +# Date Written: 2008/09/01 +# +# Revision: 1.1 +# +# Log: veerendragg +# Issue #0153 +# ------------------------------------------------------------------------ +# This program was written by SecPod and is licensed under the GNU GPL +# license. Please refer to the below link for details, +# http://www.gnu.org/licenses/gpl.html +# This header contains information regarding licensing terms under the GPL, +# and information regarding obtaining source code from the Author. +# Consequently, pursuant to section 3(c) of the GPL, you must accompany the +# information found in this header with any distribution you make of this +# Program. +# ------------------------------------------------------------------------ +############################################################################## + + +if(description) +{ + script_id(900208); + script_bugtraq_id(30861); + script_copyright(english:"Copyright (C) 2008 SecPod"); + script_version("Revision: 1.1 "); + script_category(ACT_GATHER_INFO); + script_family(english:"Denial of Service"); + script_name(english:"Ultra Office ActiveX Control Multiple Vulnerabilities"); + script_summary(english:"Check for Vulnerable Version of Ultra Office"); + desc["english"] = " + Overview : This host is running Ultra Office Control, which is prone to + multiple vulnerabilities. + + Vulnerability Insight : + + Error exists when handling parameters received by the HttpUpload() + and Save() methods in OfficeCtrl.ocx file. + + Impact : Successful exploitation will allow execution of arbitrary + code, stack-based buffer overflow, can overwrite arbitrary files + on the vulnerable system by tricking a user into visiting a + malicious website. + + Impact Level : Application + + Affected Software/OS : + Ultra Office Control 2.x and prior versions on Windows (All). + + Fix : No solution/patch is available as on 01st September, 2008. Information + regarding this issue will be update once the solution details are available. + For updates refer, http://www.ultrashareware.com/Ultra-Office-Control.htm + + Quick Fix: Set a kill bit for the CLSID's + {00989888-BB72-4E31-A7C6-5F819C24D2F7} + + Refer to following link to set kill-bit, + http://support.microsoft.com/kb/240797 + + References : http://secunia.com/advisories/31632/ + http://www.juniper.net/security/auto/vulnerabilities/vuln30861.html + + CVSS Score : + CVSS Base Score : 6.8 (AV:N/AC:M/Au:NR/C:P/I:P/A:P) + CVSS Temporal Score : 5.8 + Risk factor : High"; + + script_description(english:desc["english"]); + script_dependencies("secpod_reg_enum.nasl"); + script_require_keys("SMB/WindowsVersion"); + exit(0); +} + + + include("smb_nt.inc"); + include("secpod_smb_func.inc"); + + if(!get_kb_item("SMB/WindowsVersion")){ + exit(0); + } + + name = kb_smb_name(); + login = kb_smb_login(); + pass = kb_smb_password(); + domain = kb_smb_domain(); + port = kb_smb_transport(); + + if(!port) port = 139; + + if(!get_port_state(port))exit(0); + + soc = open_sock_tcp(port); + if(!soc){ + exit(0); + } + + r = smb_session_request(soc:soc, remote:name); + if(!r) + { + close(soc); + exit(0); + } + + prot = smb_neg_prot(soc:soc); + if(!prot) + { + close(soc); + exit(0); + } + + r = smb_session_setup(soc:soc, login:login, password:pass, + domain:domain, prot:prot); + if(!r) + { + close(soc); + exit(0); + } + + + uid = session_extract_uid(reply:r); + r = smb_tconx(soc:soc, name:name, uid:uid, share:"IPC$"); + + tid = tconx_extract_tid(reply:r); + if(!tid) + { + close(soc); + exit(0); + } + + r = smbntcreatex(soc:soc, uid:uid, tid:tid, name:"\winreg"); + if(!r) + { + close(soc); + exit(0); + } + + pipe = smbntcreatex_extract_pipe(reply:r); + if(!pipe) + { + close(soc); + exit(0); + } + + r = pipe_accessible_registry(soc:soc, uid:uid, tid:tid, pipe:pipe); + if(!r) + { + close(soc); + exit(0); + } + + handle = registry_open_hklm(soc:soc, uid:uid, tid:tid, pipe:pipe); + if(!handle) + { + close(soc); + exit(0); + } + + key = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\"; + key_h = registry_get_key(soc:soc, uid:uid, tid:tid, pipe:pipe, + key:key, reply:handle); + if(!key_h) + { + close(soc); + exit(0); + } + + # To get application installed Path. + enumKeys = registry_enum_key(soc:soc, uid:uid, tid:tid, pipe:pipe, reply:key_h); + close(soc); + + foreach entry (enumKeys) + { + if("Ultra Office Control" >< entry) + { + appInsLoc = registry_get_sz(item:"InstallLocation", key:key + entry); + if(!appInsLoc){ + exit(0); + } + break; + } + } + + # To Get File Version. + share = ereg_replace(pattern:"([A-Z]):.*", replace:"\1$", string:appInsLoc); + file = ereg_replace(pattern:"[A-Z]:(.*)", replace:"\1", + string:appInsLoc + "OfficeCtrl.ocx"); + + soc = open_sock_tcp(port); + if(!soc){ + exit(0); + } + + r = smb_session_request(soc:soc, remote:name); + if(!r) + { + close(soc); + exit(0); + } + + prot = smb_neg_prot(soc:soc); + if(!prot) + { + close(soc); + exit(0); + } + + r = smb_session_setup(soc:soc, login:login, password:pass, domain:domain, prot:prot); + if(!r) + { + close(soc); + exit(0); + } + + uid = session_extract_uid(reply:r); + r = smb_tconx(soc:soc, name:name, uid:uid, share:share); + + tid = tconx_extract_tid(reply:r); + if(!tid) + { + close(soc); + exit(0); + } + + fid = OpenAndX(socket:soc, uid:uid, tid:tid, file:file); + if(!fid) + { + close(soc); + exit(0); + } + + fileVer = GetVersion(socket:soc, uid:uid, tid:tid, fid:fid); + close(soc); + + if(!fileVer){ + exit(0); + } + + # Grep for Version <= 2.0.2008.801 + if(egrep(pattern:"^([01]\..*|2\.0\.[01]?[0-9]?[0-9]?[0-9]\..*|2\.0\.200[0-7]" + + "\..*|2\.0\.2008(\.[0-7]?[0-9]?[0-9]|\.80[01]))$", string:fileVer)) + { + clsid = "{00989888-BB72-4E31-A7C6-5F819C24D2F7}"; + regKey = "SOFTWARE\Classes\CLSID\"+ clsid; + if(registry_key_exists(key:regKey)) + { + # Check for Kill-Bit set for ActiveX control + activeKey = "SOFTWARE\Microsoft\Internet Explorer\"+ + "ActiveX Compatibility\" + clsid; + killBit = registry_get_dword(key:activeKey, + item:"Compatibility Flags"); + if(killBit && (int(killBit) == 1024)){ + exit(0); + } + security_warning(0); + } + } Property changes on: trunk/openvas-plugins/scripts/secpod_ultra_office_activex_control_mult_vuln_900208.nasl ___________________________________________________________________ Name: svn:executable + * From scm-commit at wald.intevation.org Tue Sep 2 07:46:01 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 2 Sep 2008 07:46:01 +0200 (CEST) Subject: [Openvas-commits] r1273 - trunk/openvas-plugins Message-ID: <20080902054601.C86BF40784@pyrosoma.intevation.org> Author: chandra Date: 2008-09-02 07:46:01 +0200 (Tue, 02 Sep 2008) New Revision: 1273 Modified: trunk/openvas-plugins/ChangeLog Log: Added new plugins and updated to incorporate changes in secpod_ssh_sys_info.nasl Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2008-09-02 05:39:00 UTC (rev 1272) +++ trunk/openvas-plugins/ChangeLog 2008-09-02 05:46:01 UTC (rev 1273) @@ -1,3 +1,25 @@ +2008-09-02 Chandrashekhar B + + * scripts/secpod_openvpn_client_code_exec_vuln_900024.nasl, + scripts/secpod_opera_detection_linux_900037.nasl, + scripts/secpod_pidgin_intgr_overflow_lin_900009.nasl, + scripts/secpod_pidgin_ssl_sec_bypass_vuln_lin_900022.nasl, + scripts/secpod_python_mult_vuln_lin_900106.nasl, + scripts/secpod_ssh_sys_info.nasl, + scripts/secpod_wireshark_mult_vuln_july08_lin_900011.nasl, + scripts/secpod_xine-lib_mult_code_exe_dos_vuln_900111.nasl: + Updated the dependent plugins for changes in secpod_ssh_sys_info.nasl + +2008-09-02 Chandrashekhar B + + * scripts/secpod_anzio_web_print_obj_bof_vuln_900115.nasl, + scripts/secpod_eset_smart_sec_local_prv_esc_vuln_900114.nasl, + scripts/secpod_justsystems_ichitaro_code_exec_vuln_900207.nasl, + scripts/secpod_openoffice_code_exec_vuln_lin_900043.nasl, + scripts/secpod_openoffice_code_exec_vuln_win_900042.nasl, + scripts/secpod_ultra_office_activex_control_mult_vuln_900208.nasl: + Added new plugins + 2008-09-01 Vlatko Kosturjak * plugins/openvas_tcp_scanner/openvas_tcp_scanner.c, From scm-commit at wald.intevation.org Tue Sep 2 10:59:29 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 2 Sep 2008 10:59:29 +0200 (CEST) Subject: [Openvas-commits] r1274 - in trunk/openvas-libraries: . libopenvas Message-ID: <20080902085929.38D1740784@pyrosoma.intevation.org> Author: mwiegand Date: 2008-09-02 10:59:28 +0200 (Tue, 02 Sep 2008) New Revision: 1274 Modified: trunk/openvas-libraries/ChangeLog trunk/openvas-libraries/libopenvas/network.c Log: * libopenvas/network.c (ovas_server_context_attach): Display gnutls error messages only when DEBUG_SSL is defined. Modified: trunk/openvas-libraries/ChangeLog =================================================================== --- trunk/openvas-libraries/ChangeLog 2008-09-02 05:46:01 UTC (rev 1273) +++ trunk/openvas-libraries/ChangeLog 2008-09-02 08:59:28 UTC (rev 1274) @@ -1,3 +1,8 @@ +2008-09-02 Michael Wiegand + + * libopenvas/network.c (ovas_server_context_attach): Display gnutls + error messages only when DEBUG_SSL is defined. + 2008-08-31 Jan-Oliver Wagner * libopenvas/network.h: Added an explicit include. Modified: trunk/openvas-libraries/libopenvas/network.c =================================================================== --- trunk/openvas-libraries/libopenvas/network.c 2008-09-02 05:46:01 UTC (rev 1273) +++ trunk/openvas-libraries/libopenvas/network.c 2008-09-02 08:59:28 UTC (rev 1274) @@ -1254,7 +1254,9 @@ ret = gnutls_handshake(fp->tls_session); if (ret < 0) { +#ifdef DEBUG_SSL tlserror("gnutls_handshake", ret); +#endif goto fail; } From scm-commit at wald.intevation.org Tue Sep 2 12:57:38 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 2 Sep 2008 12:57:38 +0200 (CEST) Subject: [Openvas-commits] r1275 - trunk/openvas-server Message-ID: <20080902105738.84D55406E6@pyrosoma.intevation.org> Author: mwiegand Date: 2008-09-02 12:57:38 +0200 (Tue, 02 Sep 2008) New Revision: 1275 Modified: trunk/openvas-server/ChangeLog trunk/openvas-server/openvas-services Log: * openvas-services: Fixed changes from rev 83 that caused the server to not report the appropriate port for the service when an open port 1241 was detected. Modified: trunk/openvas-server/ChangeLog =================================================================== --- trunk/openvas-server/ChangeLog 2008-09-02 08:59:28 UTC (rev 1274) +++ trunk/openvas-server/ChangeLog 2008-09-02 10:57:38 UTC (rev 1275) @@ -1,3 +1,9 @@ +2008-09-02 Michael Wiegand + + * openvas-services: Fixed changes from rev 83 that caused the server to + not report the appropriate port for the service when an open port 1241 + was detected. + 2008-09-01 Jan-Oliver Wagner Making protocol extension "plugins_version", "plugins_cve_id", Modified: trunk/openvas-server/openvas-services =================================================================== --- trunk/openvas-server/openvas-services 2008-09-02 08:59:28 UTC (rev 1274) +++ trunk/openvas-server/openvas-services 2008-09-02 10:57:38 UTC (rev 1275) @@ -1699,8 +1699,8 @@ nmsd 1239/udp instantia 1240/tcp instantia 1240/udp -nessus|openvas 1241/tcp -nessus|openvas 1241/udp +nessus/openvas 1241/tcp +nessus/openvas 1241/udp nmasoverip 1242/tcp nmasoverip 1242/udp serialgateway 1243/tcp From scm-commit at wald.intevation.org Tue Sep 2 16:25:08 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 2 Sep 2008 16:25:08 +0200 (CEST) Subject: [Openvas-commits] r1276 - trunk/openvas-plugins/scripts Message-ID: <20080902142508.9DA884079C@pyrosoma.intevation.org> Author: chandra Date: 2008-09-02 16:25:07 +0200 (Tue, 02 Sep 2008) New Revision: 1276 Added: trunk/openvas-plugins/scripts/secpod_dotproject_mult_xss_n_sql_inj_vuln_900116.nasl trunk/openvas-plugins/scripts/secpod_novell_edir_mult_vuln_linux_900210.nasl trunk/openvas-plugins/scripts/secpod_novell_edir_mult_vuln_win_900209.nasl Log: Added new plugins Added: trunk/openvas-plugins/scripts/secpod_dotproject_mult_xss_n_sql_inj_vuln_900116.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_dotproject_mult_xss_n_sql_inj_vuln_900116.nasl 2008-09-02 10:57:38 UTC (rev 1275) +++ trunk/openvas-plugins/scripts/secpod_dotproject_mult_xss_n_sql_inj_vuln_900116.nasl 2008-09-02 14:25:07 UTC (rev 1276) @@ -0,0 +1,118 @@ +############################################################################## +# +# dotProject Multiple XSS and SQL Injection Vulnerabilities +# +# Copyright: SecPod +# +# Date Written: 2008/09/02 +# +# Revision: 1.1 +# +# Log: ssharath +# Issue #0158 +# ------------------------------------------------------------------------ +# This program was written by SecPod and is licensed under the GNU GPL +# license. Please refer to the below link for details, +# http://www.gnu.org/licenses/gpl.html +# This header contains information regarding licensing terms under the GPL, +# and information regarding obtaining source code from the Author. +# Consequently, pursuant to section 3(c) of the GPL, you must accompany the +# information found in this header with any distribution you make of this +# Program. +# ------------------------------------------------------------------------ +############################################################################## + +if(description) +{ + script_id(900116); + script_bugtraq_id(30924); + script_copyright(english:"Copyright (C) 2008 SecPod"); + script_version("Revision: 1.1 "); + script_category(ACT_GATHER_INFO); + script_family(english:"CGI abuses"); + script_name(english:"dotProject Multiple XSS and SQL Injection Vulnerabilities"); + script_summary(english:"Check for the vulnerable version of dotProject"); + desc["english"] = " + Overview : The host is running dotProject, which is prone to multiple Cross + Site Scripting and SQL injection vulnerabilities. + + Vulnerability Insight : + The flaws exists due to, + - improper sanitisation of input value passed to inactive, date, + calendar, callback and day_view, public, dialog and ticketsmith + parameters in index.php before being returned to the user. + - failing to validate the input passed to the tab and user_id parameter + in index.php file, before being used in SQL queries. + + Impact: Successful exploitation will allow attackers to steal cookie + based authentication credentials of user and administrator, and can + also execute arbitrary code in the browser of an unsuspecting user + in the context of an affected site. + + Impact Level : Application + + Affected Software/OS: + dotProject version 2.1.2 and prior on all platform. + + Fix : No solution/patch is available as on 02nd September, 2008. Information + regarding this issue will be updated once the solution details are available. + For updates check, http://www.dotproject.net/ + + References : http://secunia.com/advisories/31681/ + http://packetstorm.linuxsecurity.com/0808-exploits/dotproject-sqlxss.txt + + CVSS Score : + CVSS Base Score : 7.1 (AV:N/AC:M/Au:NR/C:C/I:N/A:N) + CVSS Temporal Score : 6.4 + Risk factor : High"; + + script_description(english:desc["english"]); + script_dependencies("http_version.nasl"); + script_require_ports("Services/www", 80); + exit(0); +} + + + include("http_func.inc"); + include("http_keepalive.inc"); + + port = get_http_port(default:80); + if(!port){ + exit(0); + } + + foreach path (make_list("/xampp/dotproject_2_1_2/dotproject", cgi_dirs())) + { + sndReq = http_get(item:string(path, "/index.php"), port:port); + rcvRes = http_keepalive_send_recv(port:port, data:sndReq); + if(rcvRes == NULL){ + exit(0); + } + + if(egrep(pattern:"dotProject", string:rcvRes) && + egrep(pattern:"^HTTP/.* 200 OK", string:rcvRes)) + { + if(safe_checks()) + { + if(egrep(pattern:"Version ([01]\..*|2\.(0(\..*)?|" + + "1(\.[0-2])?))[^.0-9]", string:rcvRes)){ + security_warning(port); + } + exit(0); + } + + sndReq = http_get(item:string(path, "/index.php?m=public&a=" + + "calendar&dialog=1&callback=setCalendar%22" + + "%3E%3Cimg/src/onerror=alert(101010)%3E"), + port:port); + rcvRes = http_keepalive_send_recv(port:port, data:sndReq, bodyonly:1); + if(rcvRes == NULL){ + exit(0); + } + + if('alert(101010)%3E' >< rcvRes){ + security_warning(port); + } + exit(0); + } + } Property changes on: trunk/openvas-plugins/scripts/secpod_dotproject_mult_xss_n_sql_inj_vuln_900116.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/secpod_novell_edir_mult_vuln_linux_900210.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_novell_edir_mult_vuln_linux_900210.nasl 2008-09-02 10:57:38 UTC (rev 1275) +++ trunk/openvas-plugins/scripts/secpod_novell_edir_mult_vuln_linux_900210.nasl 2008-09-02 14:25:07 UTC (rev 1276) @@ -0,0 +1,125 @@ +############################################################################## +# +# Novell eDirectory Multiple Vulnerabilities (Linux) +# +# Copyright: SecPod +# +# Date Written: 2008/09/01 +# +# Revision: 1.1 +# +# Log: veerendragg +# Issue #0159 +# ------------------------------------------------------------------------ +# This program was written by SecPod and is licensed under the GNU GPL +# license. Please refer to the below link for details, +# http://www.gnu.org/licenses/gpl.html +# This header contains information regarding licensing terms under the GPL, +# and information regarding obtaining source code from the Author. +# Consequently, pursuant to section 3(c) of the GPL, you must accompany the +# information found in this header with any distribution you make of this +# Program. +# ------------------------------------------------------------------------ +############################################################################## + + +if(description) +{ + script_id(900210); + script_bugtraq_id(30947); + script_copyright(english:"Copyright (C) 2008 SecPod"); + script_version("Revision: 1.1 "); + script_category(ACT_GATHER_INFO); + script_family(english:"Misc."); + script_name(english:"Novell eDirectory Multiple Vulnerabilities (Linux)"); + script_summary(english:"Check for Novell eDirectory version"); + desc["english"] = " + Overview : This host is running Novell eDirectory, which is prone to XSS, + Denial of Service, and Remote Code Execution Vulnerabilities. + + Vulnerability Insight : + + Multiple flaw are due to, + - errors in HTTP Protocol Stack that can be exploited to cause heap + based buffer overflow via a specially crafted language/content-length + headers. + - input passed via unspecified parameters to the HTTP Protocol Stack is + not properly sanitzed before being returned to the user. + - Multiple unknown error exist in LDAP and NDS services. + + Impact : Successful Remote exploitation will allow execution of + arbitrary code, heap-based buffer overflow, Cross Site Scripting + attacks, or cause memory corruption. + + Impact Level : System + + Affected Software/OS : + Novell eDirectory 8.8 SP2 and prior versions on Linux (All). + + Fix : Apply 8.8 Service Pack 3. + http://download.novell.com/Download?buildid=RH_B5b3M6EQ~ + + References : http://secunia.com/advisories/31684 + http://securitytracker.com/alerts/2008/Aug/1020788.html + http://securitytracker.com/alerts/2008/Aug/1020787.html + http://securitytracker.com/alerts/2008/Aug/1020786.html + http://securitytracker.com/alerts/2008/Aug/1020785.html + + CVSS Score : + CVSS Base Score : 9.3 (AV:N/AC:M/Au:NR/C:C/I:C/A:C) + CVSS Temporal Score : 6.9 + Risk factor : High"; + + script_description(english:desc["english"]); + script_dependencies("secpod_ssh_sys_info.nasl"); + script_require_keys("ssh/login/uname"); + exit(0); +} + + include("ssh_func.inc"); + + if("Linux" >!< get_kb_item("ssh/login/uname")){ + exit(0); + } + + port = 8028; + if(!get_port_state(port)) + { + port = 8030; + if(!get_port_state(port)){ + exit(0); + } + } + + sock = ssh_login_or_reuse_connection(); + if(!sock){ + exit(0); + } + + output = ssh_cmd(socket:sock, cmd:"ndsd --version", timeout:120); + if("Novell eDirectory" >!< output) + { + output = ssh_cmd(socket:sock, timeout:120, + cmd:"/opt/novell/eDirectory/sbin/ndsd --version"); + } + + ssh_close_connection(); + + if("Novell eDirectory" >!< output){ + exit(0); + } + + if(!(egrep(pattern:"^Novell eDirectory ([0-7]\..*|8\.[0-7]( .*)?|8\.8( SP[0-2])?)[^.0-9]", + string:output))){ + exit(0); + } + + rpmList = get_kb_list("ssh/*/rpms"); + foreach rpm (rpmList) + { + if((egrep(pattern:"^novell-AUDTedirinst~(9\.|8\.9\.|8.8.3|[1-9][0-9]+\.)", + string:rpm))){ + exit(0); + } + } + security_warning(0); Property changes on: trunk/openvas-plugins/scripts/secpod_novell_edir_mult_vuln_linux_900210.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/secpod_novell_edir_mult_vuln_win_900209.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_novell_edir_mult_vuln_win_900209.nasl 2008-09-02 10:57:38 UTC (rev 1275) +++ trunk/openvas-plugins/scripts/secpod_novell_edir_mult_vuln_win_900209.nasl 2008-09-02 14:25:07 UTC (rev 1276) @@ -0,0 +1,174 @@ +############################################################################## +# +# Novell eDirectory Multiple Vulnerabilities (Win) +# +# Copyright: SecPod +# +# Date Written: 2008/09/02 +# +# Revision: 1.1 +# +# Log: veerendragg +# Issue #0159 +# ------------------------------------------------------------------------ +# This program was written by SecPod and is licensed under the GNU GPL +# license. Please refer to the below link for details, +# http://www.gnu.org/licenses/gpl.html +# This header contains information regarding licensing terms under the GPL, +# and information regarding obtaining source code from the Author. +# Consequently, pursuant to section 3(c) of the GPL, you must accompany the +# information found in this header with any distribution you make of this +# Program. +# ------------------------------------------------------------------------ +############################################################################## + + +if(description) +{ + script_id(900209); + script_bugtraq_id(30947); + script_copyright(english:"Copyright (C) 2008 SecPod"); + script_version("Revision: 1.1 "); + script_category(ACT_GATHER_INFO); + script_family(english:"Misc."); + script_name(english:"Novell eDirectory Multiple Vulnerabilities (Win)"); + script_summary(english:"Check for Novell eDirectory version"); + desc["english"] = " + Overview : This host is running Novell eDirectory, which is prone to XSS, + Denial of Service, and Remote Code Execution Vulnerabilities. + + Vulnerability Insight : + + Multiple flaw are due to, + - errors in HTTP Protocol Stack that can be exploited to cause heap + based buffer overflow via a specially crafted language/content-length + headers. + - input passed via unspecified parameters to the HTTP Protocol Stack is + not properly sanitzed before being returned to the user. + - Multiple unknown error exist in LDAP and NDS services. + + Impact : Successful Remote exploitation will allow execution of + arbitrary code, heap-based buffer overflow, Cross Site Scripting + attacks, or cause memory corruption. + + Impact Level : System + + Affected Software/OS : + Novell eDirectory 8.8 SP2 and prior versions on Windows 2000/2003. + + Fix : Apply 8.8 Service Pack 3. + http://download.novell.com/Download?buildid=RH_B5b3M6EQ~ + + References : http://secunia.com/advisories/31684 + http://securitytracker.com/alerts/2008/Aug/1020788.html + http://securitytracker.com/alerts/2008/Aug/1020787.html + http://securitytracker.com/alerts/2008/Aug/1020786.html + http://securitytracker.com/alerts/2008/Aug/1020785.html + + CVSS Score : + CVSS Base Score : 9.3 (AV:N/AC:M/Au:NR/C:C/I:C/A:C) + CVSS Temporal Score : 6.9 + Risk factor : High"; + + script_description(english:desc["english"]); + script_dependencies("secpod_reg_enum.nasl"); + script_require_keys("SMB/WindowsVersion"); + exit(0); +} + + + include("smb_nt.inc"); + + if(!get_kb_item("SMB/WindowsVersion")){ + exit(0); + } + + port = 8028; + if(!get_port_state(port)) + { + port = 8030; + if(!get_port_state(port)){ + exit(0); + } + } + + eDirVer = registry_get_sz(key:"SOFTWARE\Microsoft\Windows\CurrentVersion" + + "\Uninstall\NDSonNT", item:"DisplayName"); + if(!eDirVer){ + exit(0); + } + + # Grep for Novell eDirectory Version < 8.8 SP2 + if(!(egrep(pattern:"^Novell eDirectory ([0-7]\..*|8\.[0-7]( .*)?|8\.8( SP[0-2])?)$", + string:eDirVer))){ + exit(0); + } + + eDirPath = registry_get_sz(key:"SOFTWARE\NOVELL\NDS\NDSSNMPAgent" + + "\CurrentVersion", item:"Pathname"); + if(!eDirPath){ + exit(0); + } + + eDirPath = eDirPath - "ndssnmpsa.dll"; + + share = ereg_replace(pattern:"([A-Z]):.*", replace:"\1$", string:eDirPath); + file = ereg_replace(pattern:"[A-Z]:(.*)", replace:"\1", string:eDirPath + + "nauditds.dlm "); + + name = kb_smb_name(); + login = kb_smb_login(); + pass = kb_smb_password(); + domain = kb_smb_domain(); + port = kb_smb_transport(); + + soc = open_sock_tcp(port); + if(!soc){ + exit(0); + } + + r = smb_session_request(soc:soc, remote:name); + if(!r){ + close(soc); + exit(0); + } + + prot = smb_neg_prot(soc:soc); + if(!prot){ + close(soc); + exit(0); + } + + r = smb_session_setup(soc:soc, login:login, password:pass, + domain:domain, prot:prot); + if(!r){ + close(soc); + exit(0); + } + + uid = session_extract_uid(reply:r); + r = smb_tconx(soc:soc, name:name, uid:uid, share:share); + + tid = tconx_extract_tid(reply:r); + if(!tid){ + close(soc); + exit(0); + } + + fid = OpenAndX(socket:soc, uid:uid, tid:tid, file:file); + if(!fid){ + close(soc); + exit(0); + } + + # Check for patch (By file size). + fsize = smb_get_file_size(socket:soc, uid:uid, tid:tid, fid:fid); + close(soc); + + if(!fsize){ + exit(0); + } + + if(fsize < 110592){ + security_warning(0); + } Property changes on: trunk/openvas-plugins/scripts/secpod_novell_edir_mult_vuln_win_900209.nasl ___________________________________________________________________ Name: svn:executable + * From scm-commit at wald.intevation.org Tue Sep 2 16:27:01 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 2 Sep 2008 16:27:01 +0200 (CEST) Subject: [Openvas-commits] r1277 - trunk/openvas-plugins Message-ID: <20080902142701.11B6B4079C@pyrosoma.intevation.org> Author: chandra Date: 2008-09-02 16:27:00 +0200 (Tue, 02 Sep 2008) New Revision: 1277 Modified: trunk/openvas-plugins/ChangeLog Log: Added new plugins Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2008-09-02 14:25:07 UTC (rev 1276) +++ trunk/openvas-plugins/ChangeLog 2008-09-02 14:27:00 UTC (rev 1277) @@ -1,5 +1,12 @@ 2008-09-02 Chandrashekhar B + * scripts/secpod_dotproject_mult_xss_n_sql_inj_vuln_900116.nasl, + scripts/secpod_novell_edir_mult_vuln_linux_900210.nal, + scripts/secpod_novell_edir_mult_vuln_win_900209.nasl: + Added new plugins + +2008-09-02 Chandrashekhar B + * scripts/secpod_openvpn_client_code_exec_vuln_900024.nasl, scripts/secpod_opera_detection_linux_900037.nasl, scripts/secpod_pidgin_intgr_overflow_lin_900009.nasl, From scm-commit at wald.intevation.org Tue Sep 2 17:15:28 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 2 Sep 2008 17:15:28 +0200 (CEST) Subject: [Openvas-commits] r1278 - in trunk/openvas-plugins: . scripts Message-ID: <20080902151528.35A06407A8@pyrosoma.intevation.org> Author: jan Date: 2008-09-02 17:15:27 +0200 (Tue, 02 Sep 2008) New Revision: 1278 Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/scripts/kiwi_cattools_dir_traversal.nasl Log: * scripts/kiwi_cattools_dir_traversal.nasl: changed ID to fit a loose scheme for contributors. Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2008-09-02 14:27:00 UTC (rev 1277) +++ trunk/openvas-plugins/ChangeLog 2008-09-02 15:15:27 UTC (rev 1278) @@ -1,3 +1,8 @@ +2008-09-02 Jan-Oliver Wagner + + * scripts/kiwi_cattools_dir_traversal.nasl: changed ID to fit a loose + scheme for contributors. + 2008-09-02 Chandrashekhar B * scripts/secpod_dotproject_mult_xss_n_sql_inj_vuln_900116.nasl, Modified: trunk/openvas-plugins/scripts/kiwi_cattools_dir_traversal.nasl =================================================================== --- trunk/openvas-plugins/scripts/kiwi_cattools_dir_traversal.nasl 2008-09-02 14:27:00 UTC (rev 1277) +++ trunk/openvas-plugins/scripts/kiwi_cattools_dir_traversal.nasl 2008-09-02 15:15:27 UTC (rev 1278) @@ -29,7 +29,7 @@ (AV:R/AC:L/Au:NR/C:C/A:N/I:P/B:C)"; if (description) { - script_id(999991); + script_id(200001); script_version("$Revision: 1.0 $"); script_cve_id("CVE-2007-0888"); From scm-commit at wald.intevation.org Wed Sep 3 22:30:28 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 3 Sep 2008 22:30:28 +0200 (CEST) Subject: [Openvas-commits] r1279 - in trunk/openvas-plugins: . scripts Message-ID: <20080903203028.E550F4073A@pyrosoma.intevation.org> Author: ckm Date: 2008-09-03 22:30:27 +0200 (Wed, 03 Sep 2008) New Revision: 1279 Added: trunk/openvas-plugins/scripts/flash_player_CB-A08-0059.nasl trunk/openvas-plugins/scripts/libpng_CB-A08-0064.nasl trunk/openvas-plugins/scripts/smbcl_flash_player_CB-A08-0059.nasl trunk/openvas-plugins/scripts/win_CVE-2007-6026.nasl trunk/openvas-plugins/scripts/win_CVE-2008-0087.nasl Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/scripts/clamav-CB-A08-0001.nasl trunk/openvas-plugins/scripts/cups_CB-A08-0045.nasl trunk/openvas-plugins/scripts/smbcl_CVE-2008-0234.nasl trunk/openvas-plugins/scripts/version_func.inc Log: * scripts/version_func.inc: added function find_file to find any file on local or remote Host using locate. * scripts/smbcl_CVE-2008-0234.nasl: Update * scripts/flash_player_CB-A08-0059.nasl: new * scripts/smbcl_flash_player_CB-A08-0059.nasl: new * scripts/win_CVE-2008-0087.nasl: new * scripts/win_CVE-2007-6026.nasl: new * scripts/libpng_CB-A08-0064.nasl: new * scripts/clamav-CB-A08-0001.nasl: Update * scripts/cups_CB-A08-0045.nasl: Update Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2008-09-02 15:15:27 UTC (rev 1278) +++ trunk/openvas-plugins/ChangeLog 2008-09-03 20:30:27 UTC (rev 1279) @@ -1,3 +1,16 @@ +2008-09-03 Carsten Koch-Mauthe . + + * scripts/version_func.inc: added function find_file + to find any file on local or remote Host using locate. + * scripts/smbcl_CVE-2008-0234.nasl: Update + * scripts/flash_player_CB-A08-0059.nasl: new + * scripts/smbcl_flash_player_CB-A08-0059.nasl: new + * scripts/win_CVE-2008-0087.nasl: new + * scripts/win_CVE-2007-6026.nasl: new + * scripts/libpng_CB-A08-0064.nasl: new + * scripts/clamav-CB-A08-0001.nasl: Update + * scripts/cups_CB-A08-0045.nasl: Update + 2008-09-02 Jan-Oliver Wagner * scripts/kiwi_cattools_dir_traversal.nasl: changed ID to fit a loose Modified: trunk/openvas-plugins/scripts/clamav-CB-A08-0001.nasl =================================================================== --- trunk/openvas-plugins/scripts/clamav-CB-A08-0001.nasl 2008-09-02 15:15:27 UTC (rev 1278) +++ trunk/openvas-plugins/scripts/clamav-CB-A08-0001.nasl 2008-09-03 20:30:27 UTC (rev 1279) @@ -3,20 +3,24 @@ # Slight modification by Vlatko Kosturjak - Kost # This script is released under the GNU GPLv2 # -# $Revision: 05 $ +# $Revision: 06 $ if(description) { script_id(90000); - script_version ("$Revision: 05 $"); - name["english"] = "ClamAV < 0.93 vulnerability"; + script_version ("$Revision: 06 $"); + name["english"] = "ClamAV < 0.93.1 vulnerability"; script_name(english:name["english"]); desc["english"] = "The remote host is probably affected by the vulnerabilities described in -CVE 2007-6335 CVE 2007-6336 CVE 2007-6337 CVE-2008-0318 CVE-2008-1100 CVE-2008-1387 +CVE 2007-6335 CVE 2007-6336 CVE 2007-6337 CVE-2008-0318 CVE-2008-1100 CVE-2008-1387 CVE-2008-2713 Impact + CVE 2008-2713 + libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to + cause a denial of service via a crafted Petite file that triggers an + out-of-bounds read. CVE 2008-1387 ClamAV before 0.93 allows remote attackers to cause a denial of service (CPU consumption) via a crafted ARJ archive, as demonstrated by the @@ -45,6 +49,7 @@ References: + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2713 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1387 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1100 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0318 @@ -83,7 +88,7 @@ ver = get_bin_version(full_prog_name:binary_name, version_argv:"--version", ver_pattern:"([0-9\.]+)"); if(ver != NULL) { clamavcnt++; - if(version_is_less(version:ver[0], test_version:"0.93") ) { + if(version_is_less(version:ver[0], test_version:"0.93.1") ) { security_hole(port:0, proto:"ClamAV"); report = string("\nFound : ") + binary_name + " Version : " + ver[max_index(ver)-1] + string("\n"); security_hole(port:0, proto:"ClamAV", data:report); Modified: trunk/openvas-plugins/scripts/cups_CB-A08-0045.nasl =================================================================== --- trunk/openvas-plugins/scripts/cups_CB-A08-0045.nasl 2008-09-02 15:15:27 UTC (rev 1278) +++ trunk/openvas-plugins/scripts/cups_CB-A08-0045.nasl 2008-09-03 20:30:27 UTC (rev 1279) @@ -3,19 +3,19 @@ # # This script is released under the GNU GPLv2 # -# $Revision: 02 $ +# $Revision: 03 $ if(description) { script_id(90017); - script_version ("$Revision: 02 $"); -# script_cve_id("CVE-2008-0047"); - name["english"] = "Cups < 1.3.6 vulnerability"; + script_version ("$Revision: 03 $"); +# script_cve_id("CVE-2008-1722"); + name["english"] = "Cups < 1.3.8 vulnerability"; script_name(english:name["english"]); desc["english"] = "The remote host is probably affected by the vulnerabilities described in -CVE-2008-0047 +CVE-2008-1722 CVE-2008-0047 Impact @@ -24,9 +24,15 @@ bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted search expressions. - + CVE-2008-1722 + Multiple integer overflows in (1) filter/image-png.c and (2) + filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial + of service (crash) and trigger memory corruption, as demonstrated + via a crafted PNG image. + References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047 + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1722 Solution: All Cups users should upgrade to the latest version: @@ -36,7 +42,7 @@ "; script_description(english:desc["english"]); - summary["english"] = "Determines Cups < 1.3.6 vulnerability"; + summary["english"] = "Determines Cups < 1.3.8 vulnerability"; script_summary(english:summary["english"]); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is under GPLv2"); @@ -62,43 +68,43 @@ pkg = NULL; rls[0] = "SUSE10.0"; ver[0] = "1.2.7"; - rel[0] = "12.13"; + rel[0] = "12.17"; pkg[0] = "cups"; rls[1] = "SUSE10.1"; ver[1] = "1.2.7"; - rel[1] = "12.13"; + rel[1] = "12.17"; pkg[1] = "cups"; rls[2] = "SUSE10.2"; ver[2] = "1.2.7"; - rel[2] = "12.13"; + rel[2] = "12.17"; pkg[2] = "cups"; rls[3] = "SUSE10.3"; ver[3] = "1.2.12"; - rel[3] = "22.11"; + rel[3] = "22.15"; pkg[3] = "cups"; rls[4] = "SUSE10.0"; ver[4] = "1.2.7"; - rel[4] = "12.13"; + rel[4] = "12.17"; pkg[4] = "cups-client"; rls[5] = "SUSE10.1"; ver[5] = "1.2.7"; - rel[5] = "12.13"; + rel[5] = "12.17"; pkg[5] = "cups-client"; rls[6] = "SUSE10.2"; ver[6] = "1.2.7"; - rel[6] = "12.13"; + rel[6] = "12.17"; pkg[6] = "cups-client"; rls[7] = "SUSE10.3"; ver[7] = "1.2.12"; - rel[7] = "22.11"; + rel[7] = "22.15"; pkg[7] = "cups-client"; rls[8] = "FC7"; ver[8] = "1.2.12"; - rel[8] = "10.fc7"; + rel[8] = "11.fc7"; pkg[8] = "cups"; rls[9] = "FC8"; - ver[9] = "1.3.6"; - rel[9] = "4.fc8"; + ver[9] = "1.3.7"; + rel[9] = "2.fc8"; pkg[9] = "cups"; rls[10] = "SUSE10.0"; ver[10] = "1.2.7"; @@ -106,16 +112,20 @@ pkg[10] = "cups-libs"; rls[11] = "SUSE10.1"; ver[11] = "1.2.7"; - rel[11] = "12.13"; + rel[11] = "12.17"; pkg[11] = "cups-libs"; rls[12] = "SUSE10.2"; ver[12] = "1.2.7"; - rel[12] = "12.13"; + rel[12] = "12.17"; pkg[12] = "cups-libs"; rls[13] = "SUSE10.3"; ver[13] = "1.2.12"; - rel[13] = "22.11"; + rel[13] = "22.15"; pkg[13] = "cups-libs"; + rls[14] = "FC9"; + ver[14] = "1.3.7"; + rel[14] = "2.fc9"; + pkg[14] = "cups"; foreach i (keys(rls)) { if( kbrls == rls[i] ) { @@ -149,7 +159,7 @@ pkg = NULL; rls[0] = "GENTOO"; pat = "net-print/cups-([a-zA-Z0-9\.\-]+)"; - ver[0] = "1.2.12-r7"; + ver[0] = "1.2.12-r8"; if( kbrls == rls[0] ) { pkg = get_kb_item("ssh/login/pkg"); if(pkg) { @@ -168,16 +178,16 @@ rel = NULL; pkg = NULL; rls[0] = "UBUNTU6.06 LTS"; - ver[0] = "1.2.2-0ubuntu0.6.06.8"; + ver[0] = "1.2.2-0ubuntu0.6.06.9"; pkg[0] = "cupsys"; rls[1] = "UBUNTU6.10"; - ver[1] = "1.2.4-2ubuntu3.3"; + ver[1] = " 1.2.4-2ubuntu3.4"; pkg[1] = "cupsys"; rls[2] = "UBUNTU7.04"; - ver[2] = "1.2.8-0ubuntu8.3"; + ver[2] = "1.2.8-0ubuntu8.4"; pkg[2] = "cupsys"; rls[3] = "UBUNTU7.10"; - ver[3] = "1.3.2-1ubuntu7.6"; + ver[3] = "1.3.2-1ubuntu7.7"; pkg[3] = "cupsys"; foreach i (keys(rls)) { Added: trunk/openvas-plugins/scripts/flash_player_CB-A08-0059.nasl =================================================================== --- trunk/openvas-plugins/scripts/flash_player_CB-A08-0059.nasl 2008-09-02 15:15:27 UTC (rev 1278) +++ trunk/openvas-plugins/scripts/flash_player_CB-A08-0059.nasl 2008-09-03 20:30:27 UTC (rev 1279) @@ -0,0 +1,124 @@ +# +# This script was written by Carsten Koch-Mauthe +# This script is released under the GNU GPLv2 +# +# $Revision: 01 $ + +if(description) +{ + + script_id(90018); + script_version ("$Revision: 01 $"); + name["english"] = "Adobe Flash Player 9.0.115.0 and earlier vulnerability"; + script_name(english:name["english"]); + + desc["english"] = "The remote host is probably affected by the vulnerabilities described in +CVE-2007-5275, CVE-2007-6019, CVE-2007-6243, CVE-2007-6637, CVE-2008-1654, CVE-2008-1655 + +Impact + CVE 2007-5275 + The Adobe Macromedia Flash 9 plug-in allows remote attackers to cause + a victim machine to establish TCP sessions with arbitrary hosts via a + Flash (SWF) movie, related to lack of pinning of a hostname to a single + IP address after receiving an allow-access-from element in a + cross-domain-policy XML document, and the availability of a Flash Socket + class that does not use the browser's DNS pins, aka DNS rebinding attacks, + a different issue than CVE-2002-1467 and CVE-2007-4324. + CVE 2007-6019 + Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, + allows remote attackers to execute arbitrary code via an SWF file with + a modified DeclareFunction2 Actionscript tag, which prevents an object + from being instantiated properly. + CVE 2007-6243 + Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x + up to 7.0.70.0 does not sufficiently restrict the interpretation and + usage of cross-domain policy files, which makes it easier for remote + attackers to conduct cross-domain and cross-site scripting (XSS) attacks. + CVE 2007-6637 + Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash + Player allow remote attackers to inject arbitrary web script or HTML + via a crafted SWF file, related to 'pre-generated SWF files' and Adobe + Dreamweaver CS3 or Adobe Acrobat Connect. NOTE: the asfunction: vector + is already covered by CVE-2007-6244.1. + CVE 2008-1654 + Interaction error between Adobe Flash and multiple Universal Plug and Play + (UPnP) services allow remote attackers to perform Cross-Site Request + Forgery (CSRF) style attacks by using the Flash navigateToURL function + to send a SOAP message to a UPnP control point, as demonstrated by changing + the primary DNS server. + CVE 2008-1655 + Unspecified vulnerability in Adobe Flash Player 9.0.115.0 and earlier, + and 8.0.39.0 and earlier, makes it easier for remote attackers to + conduct DNS rebinding attacks via unknown vectors. + + +References: + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5275 + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6019 + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6243 + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6637 + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1654 + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1655 + +Solution: + All Adobe Flash Player users should upgrade to the latest version: + + +Risk factor : High +"; + + script_description(english:desc["english"]); + summary["english"] = "Determines the Version of Flashplayer"; + script_summary(english:summary["english"]); + script_category(ACT_GATHER_INFO); + script_copyright(english:"This script is under GPLv2"); + family["english"] = "Local test"; + script_family(english:family["english"]); + script_dependencies("ssh_authorization.nasl"); + exit(0); +} + +# +# The code starts here +# + +include("version_func.inc"); + +flashplcnt = 0; +sec_hole = 0; +grep = find_bin(prog_name:"grep"); +grep = chomp(grep[0]); +r = find_bin(prog_name:"flashplayer"); +r = make_list(r,find_file(file_name:"/libflashplayer.so")); +garg[0] = "-o"; +garg[1] = "-m1"; +garg[2] = "-a"; +garg[3] = string("[0-9]\\+,[0-9]\\+,[0-9]\\+,[0-9]\\+"); +foreach binary_name (r) { + binary_name = chomp(binary_name); + if (islocalhost()) { + garg[4] = binary_name; + arg = garg; + } else { + arg = garg[0]+" "+garg[1]+" "+garg[2]+" "+raw_string(0x22)+garg[3]+raw_string(0x22)+" "+binary_name; + } + ver = get_bin_version(full_prog_name:grep, version_argv:arg, ver_pattern:"([0-9]+,[0-9]+,[0-9]+,[0-9]+)"); + if(ver != NULL) { + flashplcnt++; + if(version_is_less_equal(version:ver[0], test_version:"9,0,115,0") ) { + if(sec_hole == 0) { + security_hole(port:0, proto:"Adobe Flash Player"); + sec_hole = 1; + } + security_hole(port:0, proto:"Adobe Flash Player", data:string("\nFound : ") + binary_name + " Version : " + ver[0] + string("\n")); + } + } +} + +if(report_verbosity > 1) { + if(flashplcnt == 0) { + report = "Adobe Flash Player not found or ssh login not possible on this host." + string("\n"); + security_note(port:0, proto:"Adobe Flash Player", data:report); + } +} +exit(0); Property changes on: trunk/openvas-plugins/scripts/flash_player_CB-A08-0059.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/libpng_CB-A08-0064.nasl =================================================================== --- trunk/openvas-plugins/scripts/libpng_CB-A08-0064.nasl 2008-09-02 15:15:27 UTC (rev 1278) +++ trunk/openvas-plugins/scripts/libpng_CB-A08-0064.nasl 2008-09-03 20:30:27 UTC (rev 1279) @@ -0,0 +1,89 @@ +# +# This script was written by Carsten Koch-Mauthe +# This script is released under the GNU GPLv2 +# +# $Revision: 01 $ + +if(description) +{ + + script_id(90021); + script_version ("$Revision: 01 $"); + script_cve_id("CVE-2008-1382"); + name["english"] = "libpng vulnerability"; + script_name(english:name["english"]); + + desc["english"] = "The remote host is probably affected by the vulnerabilities described in +CVE-2008-1382 + +Impact + libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, + and 1.4.0beta01 through 1.4.0beta19 allows context-dependent + attackers to cause a denial of service (crash) and possibly + execute arbitrary code via a PNG file with zero length + unknown chunks, which trigger an access of uninitialized + memory. + +References: + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382 + +Solution: + All users should upgrade to the latest libpng version of their Linux Distribution. + + +Risk factor : High +"; + + script_description(english:desc["english"]); + summary["english"] = "Determines the Version of libpng"; + script_summary(english:summary["english"]); + script_category(ACT_GATHER_INFO); + script_copyright(english:"This script is under GPLv2"); + family["english"] = "Local test"; + script_family(english:family["english"]); + script_dependencies("ssh_authorization.nasl"); + exit(0); +} + +# +# The code starts here +# + +include("version_func.inc"); + +local_var sec_proto, r; + +sec_proto = "libpng"; +r = find_bin(prog_name:"libpng-config"); +foreach binary_name (r) { + binary_name = chomp(binary_name); + ver = get_bin_version(full_prog_name:binary_name, version_argv:"--version", ver_pattern:"([0-9\.]+)"); + if(ver != NULL) { + if(version_is_less(version:ver[0], test_version:"1.0.32") ) { + security_warning(port:0, proto:secproto); + report = string("\nFound : ") + binary_name + " Version : " + ver[max_index(ver)-1] + string("\n"); + security_warning(port:0, proto:secproto, data:report); + } else { + if(version_is_greater_equal(version:ver[0], test_version:"1.2.0") && + version_is_less(version:ver[0], test_version:"1.2.27") ) { + security_warning(port:0, proto:secproto); + report = string("\nFound : ") + binary_name + " Version : " + ver[max_index(ver)-1] + string("\n"); + security_warning(port:0, proto:secproto, data:report); + } else { + if(version_is_equal(version:ver[0], test_version:"1.4.0") ) { + ver = get_bin_version(full_prog_name:binary_name, version_argv:"--version", ver_pattern:"(beta..)"); + if(ver != NULL) { + if(version_is_greater_equal(version:ver[0], test_version:"beta01") && + version_is_less(version:ver[0], test_version:"beta20") ) { + security_warning(port:0, proto:secproto); + report = string("\nFound : ") + binary_name + " Version : " + ver[max_index(ver)-1] + string("\n"); + security_warning(port:0, proto:secproto, data:report); + } + } + } + } + } + } +} + +exit(0); Property changes on: trunk/openvas-plugins/scripts/libpng_CB-A08-0064.nasl ___________________________________________________________________ Name: svn:executable + * Modified: trunk/openvas-plugins/scripts/smbcl_CVE-2008-0234.nasl =================================================================== --- trunk/openvas-plugins/scripts/smbcl_CVE-2008-0234.nasl 2008-09-02 15:15:27 UTC (rev 1278) +++ trunk/openvas-plugins/scripts/smbcl_CVE-2008-0234.nasl 2008-09-03 20:30:27 UTC (rev 1279) @@ -3,21 +3,21 @@ # # This script is released under the GNU GPLv2 # -# $Revision: 01 $ +# $Revision: 02 $ if(description) { script_id(90012); - script_version ("$Revision: 01 $"); - script_cve_id("CVE-2008-0234"); + script_version ("$Revision: 02 $"); + script_cve_id("CVE-2008-2010"); name["english"] = "Buffer overflow in Apple Quicktime Player"; script_name(english:name["english"]); desc["english"] = "The remote host is probable affected by the vulnerabilitys described in -CVE-2008-0234 +CVE-2008-0234 CVE-2008-2010 -Checking if QuickTime version is less than 7.4.1 +Checking if QuickTime version is less than 7.5 Impact Buffer overflow in Apple Quicktime Player 7.3.1.70 @@ -27,10 +27,19 @@ to an rtsp:// request, as demonstrated using a 404 error message. + Unspecified vulnerability in Apple QuickTime Player + on Windows XP SP2 and Vista SP1 allows remote attackers + to execute arbitrary code via a crafted QuickTime media + file. NOTE: as of 20080429, the only disclosure is a + vague pre-advisory with no actionable information. + However, because it is from a well-known researcher, + it is being assigned a CVE identifier for tracking purposes. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0234 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2010 http://lists.apple.com/archives/security-announce/2008/Feb/msg00001.html + http://lists.apple.com/archives/Security-announce/2008/Jun/msg00000.html Solution: All Users should upgrade to the latest version. @@ -57,7 +66,7 @@ if( !get_kb_item("SMB/smbclient") ) { smbclientavail(); } -test_version = "7.4.1"; +test_version = "7.50.51"; if(get_kb_item("SMB/smbclient") ) { if( smbversion() == 0){ Added: trunk/openvas-plugins/scripts/smbcl_flash_player_CB-A08-0059.nasl =================================================================== --- trunk/openvas-plugins/scripts/smbcl_flash_player_CB-A08-0059.nasl 2008-09-02 15:15:27 UTC (rev 1278) +++ trunk/openvas-plugins/scripts/smbcl_flash_player_CB-A08-0059.nasl 2008-09-03 20:30:27 UTC (rev 1279) @@ -0,0 +1,132 @@ +# +# This script was written by Carsten Koch-Mauthe +# +# This script is released under the GNU GPLv2 +# +# $Revision: 01 $ + +if(description) +{ + + script_id(90019); + script_version ("$Revision: 01 $"); + name["english"] = "Adobe Flash Player 9.0.115.0 and earlier vulnerability"; + script_name(english:name["english"]); + + desc["english"] = "The remote host is probably affected by the vulnerabilities described in +CVE-2007-5275, CVE-2007-6019, CVE-2007-6243, CVE-2007-6637, CVE-2008-1654, CVE-2008-1655 + +Impact + CVE 2007-5275 + The Adobe Macromedia Flash 9 plug-in allows remote attackers to cause + a victim machine to establish TCP sessions with arbitrary hosts via a + Flash (SWF) movie, related to lack of pinning of a hostname to a single + IP address after receiving an allow-access-from element in a + cross-domain-policy XML document, and the availability of a Flash Socket + class that does not use the browser's DNS pins, aka DNS rebinding attacks, + a different issue than CVE-2002-1467 and CVE-2007-4324. + CVE 2007-6019 + Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, + allows remote attackers to execute arbitrary code via an SWF file with + a modified DeclareFunction2 Actionscript tag, which prevents an object + from being instantiated properly. + CVE 2007-6243 + Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x + up to 7.0.70.0 does not sufficiently restrict the interpretation and + usage of cross-domain policy files, which makes it easier for remote + attackers to conduct cross-domain and cross-site scripting (XSS) attacks. + CVE 2007-6637 + Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash + Player allow remote attackers to inject arbitrary web script or HTML + via a crafted SWF file, related to 'pre-generated SWF files' and Adobe + Dreamweaver CS3 or Adobe Acrobat Connect. NOTE: the asfunction: vector + is already covered by CVE-2007-6244.1. + CVE 2008-1654 + Interaction error between Adobe Flash and multiple Universal Plug and Play + (UPnP) services allow remote attackers to perform Cross-Site Request + Forgery (CSRF) style attacks by using the Flash navigateToURL function + to send a SOAP message to a UPnP control point, as demonstrated by changing + the primary DNS server. + CVE 2008-1655 + Unspecified vulnerability in Adobe Flash Player 9.0.115.0 and earlier, + and 8.0.39.0 and earlier, makes it easier for remote attackers to + conduct DNS rebinding attacks via unknown vectors. + + +References: + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5275 + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6019 + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6243 + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6637 + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1654 + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1655 + +Solution: + All Adobe Flash Player users should upgrade to the latest version: + + +Risk factor : High +"; + + script_description(english:desc["english"]); + summary["english"] = "Determines the Version of Flashplayer"; + script_summary(english:summary["english"]); + script_category(ACT_GATHER_INFO); + script_copyright(english:"This script is under GPLv2"); + family["english"] = "Windows"; + script_family(english:family["english"]); + exit(0); +} + +# +# The code starts here +# + +include("version_func.inc"); +include("smbcl_func.inc"); +if( !get_kb_item("SMB/smbclient") ) { + smbclientavail(); +} + + if(get_kb_item("SMB/smbclient") ) { + if( smbversion() == 0){ + report = string("Error getting SMB-Data -> "+get_kb_item("SMB/ERROR")); + security_note(port:0, proto:"SMBClient", data:report); + exit(0); + } + } else { + report = string("SMBClient not found on openvasd host !"); + security_note(port:0, proto:"SMBClient", data:report); + exit(0); + } + + sec_hole = 0; + test_version = "9.0.115.0"; + win_dir = get_windir(); + if( !isnull(win_dir) ) { + test_file[0] = win_dir+"System32\Macromed\Flash\NPSWF32.dll"; + test_file[1] = win_dir+"System32\Macromed\Flash\Flash.ocx"; + test_file[2] = win_dir+"System32\Macromed\Flash\Flash6.ocx"; + foreach filespec (test_file) { + r = smbgetdir(share: "C$", dir: filespec, typ: 1 ); + if( !isnull(r) ) { + tmp_filename = get_tmp_dir()+"tmpfile"+rand(); + if( smbgetfile(share: "C$", filename: filespec, tmp_filename: tmp_filename) ) { + v = GetPEFileVersion(tmp_filename:tmp_filename, orig_filename:filespec); + unlink(tmp_filename); + if( version_is_less_equal(version: v, test_version: test_version) ) { + if( sec_hole == 0 ) { + security_hole(port:0, proto:"Win_Flashplayer"); + sec_hole = 1; + } + security_hole(port:0, proto:"Win_Flashplayer", data:"Fileversion : C$ "+filespec + " "+v+string("\n")); + } + } else { + report = string("Error getting SMB-File -> "+get_kb_item("SMB/ERROR")) + string("\n"); + security_note(port:0, proto:"Win_Flashplayer", data:report); + } + } + } + } + +exit(0); Modified: trunk/openvas-plugins/scripts/version_func.inc =================================================================== --- trunk/openvas-plugins/scripts/version_func.inc 2008-09-02 15:15:27 UTC (rev 1278) +++ trunk/openvas-plugins/scripts/version_func.inc 2008-09-03 20:30:27 UTC (rev 1279) @@ -3,7 +3,7 @@ # # This script is released under the GNU GPLv2 # -# $Revision: 5 $ +# $Revision: 6 $ # XXX: the version tests should be eventually consolidated with # the methods from revisions-lib.inc. @@ -46,8 +46,28 @@ return (r); } +function find_file(file_name) { + local_var r, sock; + + r = NULL; + if (islocalhost()) { + r = split(pread(cmd:"locate", argv:make_list("locate", file_name)) ); + } else { + sock = ssh_login_or_reuse_connection(); + if (sock) { + r = split(ssh_cmd(socket:sock, cmd:"locate "+file_name, timeout:20)); + ssh_close_connection(); + } + } + if( ("/locatedb" >< r) || ("execvp:" >< r) || ("fatal error" >< r) || ("No such file or dir" >< r) ) { + r = NULL; + } + return (r); +} + function get_bin_version(full_prog_name, version_argv, ver_pattern) { local_var loc_version, r, sock, report; + if (islocalhost()) { r = pread(cmd:full_prog_name, argv:make_list(full_prog_name, version_argv) ); } else { Added: trunk/openvas-plugins/scripts/win_CVE-2007-6026.nasl =================================================================== --- trunk/openvas-plugins/scripts/win_CVE-2007-6026.nasl 2008-09-02 15:15:27 UTC (rev 1278) +++ trunk/openvas-plugins/scripts/win_CVE-2007-6026.nasl 2008-09-03 20:30:27 UTC (rev 1279) @@ -0,0 +1,154 @@ +# +# This script was written by Carsten Koch-Mauthe +# +# This script is released under the GNU GPLv2 +# +# $Revision: 01 $ + +if(description) +{ + + script_id(90024); + script_version ("$Revision: 01 $"); + script_cve_id("CVE-2007-6026"); + name["english"] = "Windows Vulnerability in Microsoft Jet Database Engine"; + script_name(english:name["english"]); + + desc["english"] = "The remote host is probably affected by the vulnerability described in +CVE-2007-6026 + + +Impact + Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 + (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft + Office 2003 SP3, allows user-assisted attackers to execute arbitrary + code via a crafted MDB file database file containing a column + structure with a modified column count. NOTE: this might be the + same issue as CVE-2005-0944. + +References: + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6026 + http://www.microsoft.com/technet/security/bulletin/ms08-028.mspx + +Solution: + All Users should upgrade to the latest version. + + +Risk factor : High"; + + script_description(english:desc["english"]); + summary["english"] = "Windows Vulnerability in Microsoft Jet Database Engine"; + script_summary(english:summary["english"]); + script_category(ACT_GATHER_INFO); + script_copyright(english:"This script is under GPLv2"); + family["english"] = "Windows"; + script_family(english:family["english"]); + exit(0); +} + +# +# The code starts here +# + +local_var os; + +include("version_func.inc"); +include("smbcl_func.inc"); + + if( !get_kb_item("SMB/smbclient") ) { + smbclientavail(); + } + + if(get_kb_item("SMB/smbclient") ) { + if( smbversion() == 0){ + report = string("Error getting SMB-Data -> "+get_kb_item("SMB/ERROR")); + security_note(port:0, proto:"SMBClient", data:report); + exit(0); + } + } else { + report = string("SMBClient not found on this host !"); + security_note(port:0, proto:"SMBClient", data:report); + exit(0); + } + + win_dir = get_windir(); + sec_hole = 0; + if( !isnull(win_dir) ) { + os = get_kb_item("SMB/OS"); + filespec = win_dir+"system32\Msjint40.dll"; + test_version = NULL; + if( "WINDOWS 5.1" >< os ) { + test_version = "4.0.9502.0"; + } else { + if( "WINDOWS SERVER 2003" >< os ) { + test_version = "4.0.9502.0"; + } else { + if( "WINDOWS 5.0" >< os ) { + test_version = "4.0.9502.0"; + } + } + } + if( !isnull(test_version) ) { + r = smbgetdir(share: "C$", dir: filespec, typ: 1 ); + if( !isnull(r) ) { + tmp_filename = get_tmp_dir()+"tmpfile"+rand(); + if( smbgetfile(share: "C$", filename: filespec, tmp_filename: tmp_filename) ) { + v = GetPEFileVersion(tmp_filename:tmp_filename, orig_filename:filespec); + unlink(tmp_filename); + if( version_is_less(version: v, test_version: test_version) ) { + if( sec_hole == 0 ) { + security_hole(port:0, proto:"Win"); + sec_hole = 1; + } + security_hole(port:0, proto:"Win", data:"Version found : C$ "+filespec + " "+v+string("\n")+ + "Version expected : "+test_version+" or higher "+string("\n")); + } + } else { + report = string("Error getting SMB-File -> "+get_kb_item("SMB/ERROR")) + string("\n"); + security_note(port:0, proto:"SMB", data:report); + } + } else { + report = string(filespec+" not found/no access -> "+get_kb_item("SMB/ERROR")) + string("\n"); + security_note(port:0, proto:"SMB", data:report); + } + } + filespec = win_dir+"system32\Msjet40.dll"; + test_version = NULL; + if( "WINDOWS 5.1" >< os ) { + test_version = "4.0.9511.0"; + } else { + if( "WINDOWS SERVER 2003" >< os ) { + test_version = "4.0.9511.0"; + } else { + if( "WINDOWS 5.0" >< os ) { + test_version = "4.0.9511.0"; + } + } + } + if( !isnull(test_version) ) { + r = smbgetdir(share: "C$", dir: filespec, typ: 1 ); + if( !isnull(r) ) { + tmp_filename = get_tmp_dir()+"tmpfile"+rand(); + if( smbgetfile(share: "C$", filename: filespec, tmp_filename: tmp_filename) ) { + v = GetPEFileVersion(tmp_filename:tmp_filename, orig_filename:filespec); + unlink(tmp_filename); + if( version_is_less(version: v, test_version: test_version) ) { + if( sec_hole == 0 ) { + security_hole(port:0, proto:"Win"); + sec_hole = 1; + } + security_hole(port:0, proto:"Win", data:"Version found : C$ "+filespec + " "+v+string("\n")+ + "Version expected : "+test_version+" or higher "+string("\n")); + } + } else { + report = string("Error getting SMB-File -> "+get_kb_item("SMB/ERROR")) + string("\n"); + security_note(port:0, proto:"SMB", data:report); + } + } else { + report = string(filespec+" not found/no access -> "+get_kb_item("SMB/ERROR")) + string("\n"); + security_note(port:0, proto:"SMB", data:report); + } + } + } + +exit(0); Added: trunk/openvas-plugins/scripts/win_CVE-2008-0087.nasl =================================================================== --- trunk/openvas-plugins/scripts/win_CVE-2008-0087.nasl 2008-09-02 15:15:27 UTC (rev 1278) +++ trunk/openvas-plugins/scripts/win_CVE-2008-0087.nasl 2008-09-03 20:30:27 UTC (rev 1279) @@ -0,0 +1,122 @@ +# +# This script was written by Carsten Koch-Mauthe +# +# This script is released under the GNU GPLv2 +# +# $Revision: 01 $ + +if(description) +{ + + script_id(90020); + script_version ("$Revision: 01 $"); + script_cve_id("CVE-2008-0087"); + name["english"] = "Windows vulnerability in DNS Client Could Allow Spoofing (945553)"; + script_name(english:name["english"]); + + desc["english"] = "The remote host is probably affected by the vulnerability described in +CVE-2008-0087 + + +Impact + The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 + and SP2, and Vista uses predictable DNS transaction IDs, which allows + remote attackers to spoof DNS responses. + +References: + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0087 + http://www.microsoft.com/technet/security/bulletin/ms08-020.mspx + +Solution: + All Users should upgrade to the latest version. + + +Risk factor : High"; + + script_description(english:desc["english"]); + summary["english"] = "Windows vulnerability in DNS Client Could Allow Spoofing (945553)"; + script_summary(english:summary["english"]); + script_category(ACT_GATHER_INFO); + script_copyright(english:"This script is under GPLv2"); + family["english"] = "Windows"; + script_family(english:family["english"]); + exit(0); +} + +# +# The code starts here +# + +local_var os; + +include("version_func.inc"); +include("smbcl_func.inc"); + + if( !get_kb_item("SMB/smbclient") ) { + smbclientavail(); + } + + if(get_kb_item("SMB/smbclient") ) { + if( smbversion() == 0){ + report = string("Error getting SMB-Data -> "+get_kb_item("SMB/ERROR")); + security_note(port:0, proto:"SMBClient", data:report); + exit(0); + } + } else { + report = string("SMBClient not found on this host !"); + security_note(port:0, proto:"SMBClient", data:report); + exit(0); + } + + win_dir = get_windir(); + sec_hole = 0; + if( !isnull(win_dir) ) { + os = get_kb_item("SMB/OS"); + filespec = win_dir+"system32\Dnsapi.dll"; + test_version = NULL; + if( "WINDOWS VISTA" >< os ) { + test_version = "6.0.6000.16615"; + } else { + if( "WINDOWS 5.1" >< os ) { + test_version = "5.1.2600.3316"; + } else { + if( "WINDOWS SERVER 2003" >< os ) { + if( "SERVICE PACK 2" >< os ) { + test_version = "5.2.3790.4238"; + } else { + test_version = "5.2.3790.3092"; + } + } else { + if( "WINDOWS 5.0" >< os ) { + test_version = "5.0.2195.7151"; + } + } + } + } + if( !isnull(test_version) ) { + r = smbgetdir(share: "C$", dir: filespec, typ: 1 ); + if( !isnull(r) ) { + tmp_filename = get_tmp_dir()+"tmpfile"+rand(); + if( smbgetfile(share: "C$", filename: filespec, tmp_filename: tmp_filename) ) { + v = GetPEFileVersion(tmp_filename:tmp_filename, orig_filename:filespec); + unlink(tmp_filename); + if( version_is_less(version: v, test_version: test_version) ) { + if( sec_hole == 0 ) { + security_hole(port:0, proto:"Win"); + sec_hole = 1; + } + security_hole(port:0, proto:"Win", data:"Version found : C$ "+filespec + " "+v+string("\n")+ + "Version expected : "+test_version+" or higher "+string("\n")); + } + } else { + report = string("Error getting SMB-File -> "+get_kb_item("SMB/ERROR")) + string("\n"); + security_note(port:0, proto:"SMB", data:report); + } + } else { + report = string(filespec+" not found/no access -> "+get_kb_item("SMB/ERROR")) + string("\n"); + security_note(port:0, proto:"SMB", data:report); + } + } + } + +exit(0); From scm-commit at wald.intevation.org Thu Sep 4 16:56:55 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 4 Sep 2008 16:56:55 +0200 (CEST) Subject: [Openvas-commits] r1280 - in trunk/openvas-plugins: . scripts Message-ID: <20080904145655.754F740791@pyrosoma.intevation.org> Author: kost Date: 2008-09-04 16:56:53 +0200 (Thu, 04 Sep 2008) New Revision: 1280 Added: trunk/openvas-plugins/scripts/openvas-https.inc Modified: trunk/openvas-plugins/ChangeLog Log: scripts/openvas-https.inc: Started implementation of common https functions in nasl (first f() taken from iss_deploymanager.nasl) Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2008-09-03 20:30:27 UTC (rev 1279) +++ trunk/openvas-plugins/ChangeLog 2008-09-04 14:56:53 UTC (rev 1280) @@ -1,3 +1,8 @@ +2008-09-04 Vlatko Kosturjak + + * scripts/openvas-https.inc: Started implementation of common + https functions in nasl (first f() taken from iss_deploymanager.nasl) + 2008-09-03 Carsten Koch-Mauthe . * scripts/version_func.inc: added function find_file Added: trunk/openvas-plugins/scripts/openvas-https.inc =================================================================== --- trunk/openvas-plugins/scripts/openvas-https.inc 2008-09-03 20:30:27 UTC (rev 1279) +++ trunk/openvas-plugins/scripts/openvas-https.inc 2008-09-04 14:56:53 UTC (rev 1280) @@ -0,0 +1,19 @@ +# Implementation of common https functions +# Vlatko Kosturjak +# Distributed under GPL + +function https_req_get(port, request) +{ + if(get_port_state(port)) + { + + soc = open_sock_tcp(port, transport:ENCAPS_SSLv23); + if(soc) + { + send(socket:soc, data:string(request,"\r\n")); + result = http_recv(socket:soc); + close(soc); + return(result); + } + } +} From scm-commit at wald.intevation.org Thu Sep 4 17:00:42 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 4 Sep 2008 17:00:42 +0200 (CEST) Subject: [Openvas-commits] r1281 - in trunk/openvas-plugins: . scripts Message-ID: <20080904150042.E306F40795@pyrosoma.intevation.org> Author: reinke Date: 2008-09-04 17:00:42 +0200 (Thu, 04 Sep 2008) New Revision: 1281 Added: trunk/openvas-plugins/scripts/deb_1629_1.nasl trunk/openvas-plugins/scripts/deb_1629_2.nasl trunk/openvas-plugins/scripts/deb_1630_1.nasl trunk/openvas-plugins/scripts/deb_1631_1.nasl Modified: trunk/openvas-plugins/ChangeLog Log: New scripts added Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2008-09-04 14:56:53 UTC (rev 1280) +++ trunk/openvas-plugins/ChangeLog 2008-09-04 15:00:42 UTC (rev 1281) @@ -1,3 +1,8 @@ +2008-09-04 Thomas Reinke + + * deb_1629_1.nasl deb_1629_2.nasl deb_1630_1.nasl deb_1631_1.nasl + New debian scripts + 2008-09-04 Vlatko Kosturjak * scripts/openvas-https.inc: Started implementation of common Added: trunk/openvas-plugins/scripts/deb_1629_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1629_1.nasl 2008-09-04 14:56:53 UTC (rev 1280) +++ trunk/openvas-plugins/scripts/deb_1629_1.nasl 2008-09-04 15:00:42 UTC (rev 1281) @@ -0,0 +1,120 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1629-1 (postfix) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(61434); + script_cve_id("CVE-2008-2936"); + script_version ("$"); + name["english"] = "Debian Security Advisory DSA 1629-1 (postfix)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to postfix +announced via advisory DSA 1629-1. + +Sebastian Krahmer discovered that Postfix, a mail transfer agent, +incorrectly checks the ownership of a mailbox. In some configurations, +this allows for appending data to arbitrary files as root. + +The default Debian installation of Postfix is not affected. Only a +configuration meeting the following requirements is vulnerable: +* The mail delivery style is mailbox, with the Postfix built-in +local(8) or virtual(8) delivery agents. +* The mail spool directory is user-writeable. +* The user can create hardlinks pointing to root-owned symlinks +located in other directories. + +For a detailed treating of this issue, please refer to the upstream +author's announcement: +http://article.gmane.org/gmane.mail.postfix.announce/110 + +For the stable distribution (etch), this problem has been fixed in +version 2.3.8-2etch1. + +For the testing distribution (lenny), this problem has been fixed in +version 2.5.2-2lenny1. + +For the unstable distribution (sid), this problem has been fixed +in version 2.5.4-1. + +We recommend that you upgrade your postfix package. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201629-1 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Debian Security Advisory DSA 1629-1 (postfix)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Debian Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"postfix-dev", ver:"2.3.8-2etch1", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"postfix-doc", ver:"2.3.8-2etch1", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"postfix", ver:"2.3.8-2etch1", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"postfix-cdb", ver:"2.3.8-2etch1", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"postfix-mysql", ver:"2.3.8-2etch1", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"postfix-ldap", ver:"2.3.8-2etch1", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"postfix-pcre", ver:"2.3.8-2etch1", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"postfix-pgsql", ver:"2.3.8-2etch1", rls:"DEB4.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1629_2.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1629_2.nasl 2008-09-04 14:56:53 UTC (rev 1280) +++ trunk/openvas-plugins/scripts/deb_1629_2.nasl 2008-09-04 15:00:42 UTC (rev 1281) @@ -0,0 +1,126 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1629-2 (postfix) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(61435); + script_cve_id("CVE-2008-2936"); + script_version ("$"); + name["english"] = "Debian Security Advisory DSA 1629-2 (postfix)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to postfix +announced via advisory DSA 1629-2. + +Due to a version numbering problem, the Postfix update for DSA 1629 was +not installable on the i386 (Intel ia32) architecture. This update +increases the version number to make it installable on i386 aswell. +For reference the original advisory text is below. + +Sebastian Krahmer discovered that Postfix, a mail transfer agent, +incorrectly checks the ownership of a mailbox. In some configurations, +this allows for appending data to arbitrary files as root. + +Note that only specific configurations are vulnerable; the default +Debian installation is not affected. Only a configuration meeting +the following requirements is vulnerable: +* The mail delivery style is mailbox, with the Postfix built-in +local(8) or virtual(8) delivery agents. +* The mail spool directory (/var/spool/mail) is user-writeable. +* The user can create hardlinks pointing to root-owned symlinks +located in other directories. + +For a detailed treating of the issue, please refer to the upstream +author's announcement: +http://article.gmane.org/gmane.mail.postfix.announce/110 + +For the stable distribution (etch), this problem has been fixed in +version 2.3.8-2+etch1. + +For the testing distribution (lenny), this problem has been fixed in +version 2.5.2-2lenny1. + +For the unstable distribution (sid), this problem has been fixed +in version 2.5.4-1. + +We recommend that you upgrade your postfix package. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201629-2 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Debian Security Advisory DSA 1629-2 (postfix)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Debian Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"postfix-doc", ver:"2.3.8-2+etch1", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"postfix-dev", ver:"2.3.8-2+etch1", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"postfix-pcre", ver:"2.3.8-2+etch1", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"postfix-mysql", ver:"2.3.8-2+etch1", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"postfix-cdb", ver:"2.3.8-2+etch1", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"postfix", ver:"2.3.8-2+etch1", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"postfix-ldap", ver:"2.3.8-2+etch1", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"postfix-pgsql", ver:"2.3.8-2+etch1", rls:"DEB4.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1630_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1630_1.nasl 2008-09-04 14:56:53 UTC (rev 1280) +++ trunk/openvas-plugins/scripts/deb_1630_1.nasl 2008-09-04 15:00:42 UTC (rev 1281) @@ -0,0 +1,516 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1630-1 (linux-2.6) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(61436); + script_cve_id("CVE-2007-6282", "CVE-2008-0598", "CVE-2008-2729", "CVE-2008-2812", "CVE-2008-2826", "CVE-2008-2931", "CVE-2008-3272", "CVE-2008-3275"); + script_version ("$"); + name["english"] = "Debian Security Advisory DSA 1630-1 (linux-2.6)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to linux-2.6 +announced via advisory DSA 1630-1. + +Several vulnerabilities have been discovered in the Linux kernel that may +lead to a denial of service or arbitrary code execution. The Common +Vulnerabilities and Exposures project identifies the following +problems: + +CVE-2007-6282 + +Dirk Nehring discovered a vulnerability in the IPsec code that allows +remote users to cause a denial of service by sending a specially crafted +ESP packet. + +CVE-2008-0598 + +Tavis Ormandy discovered a vulnerability that allows local users to access +uninitialized kernel memory, possibly leaking sensitive data. This issue +is specific to the amd64-flavour kernel images. + +CVE-2008-2729 + +Andi Kleen discovered an issue where uninitialized kernel memory +was being leaked to userspace during an exception. This issue may allow +local users to gain access to sensitive data. Only the amd64-flavour +Debian kernel images are affected. + +CVE-2008-2812 + +Alan Cox discovered an issue in multiple tty drivers that allows +local users to trigger a denial of service (NULL pointer dereference) +and possibly obtain elevated privileges. + +CVE-2008-2826 + +Gabriel Campana discovered an integer overflow in the sctp code that +can be exploited by local users to cause a denial of service. + +CVE-2008-2931 + +Miklos Szeredi reported a missing privilege check in the do_change_type() +function. This allows local, unprivileged users to change the properties +of mount points. + +CVE-2008-3272 + +Tobias Klein reported a locally exploitable data leak in the +snd_seq_oss_synth_make_info() function. This may allow local users +to gain access to sensitive information. + +CVE-2008-3275 + +Zoltan Sogor discovered a coding error in the VFS that allows local users +to exploit a kernel memory leak resulting in a denial of service. + +For the stable distribution (etch), this problem has been fixed in +version 2.6.18.dfsg.1-22etch2. + +We recommend that you upgrade your linux-2.6, fai-kernels, and + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201630-1 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Debian Security Advisory DSA 1630-1 (linux-2.6)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Debian Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"linux-support-2.6.18-6", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-source-2.6.18", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-patch-debian-2.6.18", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-manual-2.6.18", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-doc-2.6.18", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-tree-2.6.18", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-alpha-legacy", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-alpha-generic", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-alpha", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-alpha-smp", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-alpha", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-alpha-smp", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-alpha-generic", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-alpha-legacy", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"fai-kernels", ver:"1.17+etch.22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-amd64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-amd64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-amd64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-xen-amd64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"xen-linux-system-2.6.18-6-xen-vserver-amd64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-xen-amd64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-xen-vserver-amd64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-modules-2.6.18-6-xen-vserver-amd64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-vserver-amd64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-amd64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-xen-vserver", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-xen", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-xen-vserver-amd64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"xen-linux-system-2.6.18-6-xen-amd64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-modules-2.6.18-6-xen-amd64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-ixp4xx", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-rpc", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-iop32x", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-iop32x", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-s3c2410", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-arm", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-rpc", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-footbridge", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-footbridge", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-s3c2410", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-ixp4xx", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-parisc64-smp", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-hppa", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-parisc", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-parisc64-smp", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-parisc64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-parisc-smp", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-parisc64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-parisc-smp", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-parisc", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-vserver-686", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-xen-686", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-k7", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-k7", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"user-mode-linux", ver:"2.6.18-1um-2etch.22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-686-bigmem", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"xen-linux-system-2.6.18-6-xen-686", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-i386", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-xen-vserver-686", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"xen-linux-system-2.6.18-6-xen-vserver-686", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-modules-2.6.18-6-xen-vserver-686", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-686", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-486", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-k7", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-686-bigmem", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-486", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-686", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-686", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-xen-vserver-686", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-vserver-k7", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-xen-686", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-modules-2.6.18-6-xen-686", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-mckinley", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-ia64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-itanium", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-mckinley", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-itanium", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-r4k-ip22", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-qemu", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-sb1a-bcm91480b", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-r4k-ip22", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-sb1a-bcm91480b", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-qemu", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-sb1-bcm91250a", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-r5k-ip32", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-r5k-ip32", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-mips", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-sb1-bcm91250a", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-r4k-kn04", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-r5k-cobalt", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-r3k-kn02", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-r3k-kn02", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-r5k-cobalt", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-mipsel", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-r4k-kn04", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-powerpc64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-powerpc", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-powerpc-miboot", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-vserver-powerpc", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-powerpc64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-powerpc-smp", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-powerpc64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-powerpc", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-vserver-powerpc64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-prep", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-prep", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-powerpc-miboot", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-powerpc-smp", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-powerpc", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-powerpc", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-s390", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-s390x", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-s390", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-s390x", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-s390", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-vserver-s390x", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-s390x", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-s390-tape", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-sparc64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-sparc32", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-sparc32", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-vserver-sparc64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-sparc64-smp", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-sparc64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-sparc64", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-sparc64-smp", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-sparc", ver:"2.6.18.dfsg.1-22etch2", rls:"DEB4.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1631_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1631_1.nasl 2008-09-04 14:56:53 UTC (rev 1280) +++ trunk/openvas-plugins/scripts/deb_1631_1.nasl 2008-09-04 15:00:42 UTC (rev 1281) @@ -0,0 +1,98 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1631-1 (libxml2) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(61437); + script_cve_id("CVE-2008-3281"); + script_version ("$"); + name["english"] = "Debian Security Advisory DSA 1631-1 (libxml2)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to libxml2 +announced via advisory DSA 1631-1. + +Andreas Solberg discovered that libxml2, the GNOME XML library, +could be forced to recursively evaluate entities, until available +CPU & memory resources were exhausted. + +For the stable distribution (etch), this problem has been fixed in version +2.6.27.dfsg-3. + +For the unstable distribution (sid), this problem will be fixed soon. + +We recommend that you upgrade your libxml2 package. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201631-1 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Debian Security Advisory DSA 1631-1 (libxml2)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Debian Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"libxml2-doc", ver:"2.6.27.dfsg-3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxml2-utils", ver:"2.6.27.dfsg-3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"python-libxml2", ver:"2.6.27.dfsg-3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxml2-dbg", ver:"2.6.27.dfsg-3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxml2-dev", ver:"2.6.27.dfsg-3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxml2", ver:"2.6.27.dfsg-3", rls:"DEB4.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} From scm-commit at wald.intevation.org Thu Sep 4 22:29:07 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 4 Sep 2008 22:29:07 +0200 (CEST) Subject: [Openvas-commits] r1283 - in trunk/openvas-plugins: . scripts Message-ID: <20080904202907.93EAC4079E@pyrosoma.intevation.org> Author: ckm Date: 2008-09-04 22:29:05 +0200 (Thu, 04 Sep 2008) New Revision: 1283 Added: trunk/openvas-plugins/scripts/ubuntu_usn-612.nasl Modified: trunk/openvas-plugins/ChangeLog Log: * scripts/ubuntu_usn-612.nasl: new Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2008-09-04 18:41:11 UTC (rev 1282) +++ trunk/openvas-plugins/ChangeLog 2008-09-04 20:29:05 UTC (rev 1283) @@ -1,3 +1,7 @@ +2008-09-04 Carsten Koch-Mauthe . + + * scripts/ubuntu_usn-612.nasl: new + 2008-09-04 Thomas Reinke * FreeBSD scripts added. Added: trunk/openvas-plugins/scripts/ubuntu_usn-612.nasl =================================================================== --- trunk/openvas-plugins/scripts/ubuntu_usn-612.nasl 2008-09-04 18:41:11 UTC (rev 1282) +++ trunk/openvas-plugins/scripts/ubuntu_usn-612.nasl 2008-09-04 20:29:05 UTC (rev 1283) @@ -0,0 +1,201 @@ +# Carsten Koch-Mauthe +# +# based on deb_1571_1.nasl by Thomas Reinke +# +# Copyright: +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +# $Revision: 01 $ + +if(description) +{ + script_id(90025); + script_cve_id("CVE-2008-0166"); + script_version ("$Revision: 01 $"); + name["english"] = "USN-612-1 through USN-612-11: OpenSSL vulnerability (openssl)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is probably affected by the vulnerabilities described in +USN-612-1,USN-612-2,USN-612-3,USN-612-4: OpenSSL vulnerability + +Luciano Bello discovered that the random number generator in Debian's +openssl package is predictable. This is caused by an incorrect +Debian-specific change to the openssl package (CVE-2008-0166). As a +result, cryptographic key material may be guessable. + +This is a Debian-specific vulnerability which does not affect other +operating systems which are not based on Debian. However, other systems +can be indirectly affected if weak keys are imported into them. + +It is strongly recommended that all cryptographic key material which has +been generated by OpenSSL versions starting with 0.9.8c-1 on Debian +systems is recreated from scratch. Furthermore, all DSA keys ever used +on affected Debian systems for signing or authentication purposes should +be considered compromised; the Digital Signature Algorithm relies on a +secret random value used during signature generation. + +The first vulnerable version, 0.9.8c-1, was uploaded to the unstable +distribution on 2006-09-17, and has since propagated to the testing and +current stable (etch) distributions. The old stable distribution +(sarge) is not affected. + +Affected keys include SSH keys, OpenVPN keys, DNSSEC keys, and key +material for use in X.509 certificates and session keys used in SSL/TLS +connections. Keys generated with GnuPG or GNUTLS are not affected, +though. + +The problem can be corrected by upgrading your system to the actual +packages. + +Solution: +http://www.ubuntu.com/usn/usn-612-1 +http://www.ubuntu.com/usn/usn-612-2 +http://www.ubuntu.com/usn/usn-612-3 +http://www.ubuntu.com/usn/usn-612-4 +http://www.ubuntu.com/usn/usn-612-5 +http://www.ubuntu.com/usn/usn-612-6 +http://www.ubuntu.com/usn/usn-612-7 +http://www.ubuntu.com/usn/usn-612-8 +http://www.ubuntu.com/usn/usn-612-9 +http://www.ubuntu.com/usn/usn-612-10 +http://www.ubuntu.com/usn/usn-612-11 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "USN-612-1 through USN-612-11: OpenSSL vulnerability (openssl)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + family["english"] = "Ubuntu Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); + + vuln = 0; + kbrls = get_kb_item("ssh/login/release"); + rls = NULL; + ver = NULL; + rel = NULL; + pkg = NULL; + rls[0] = "UBUNTU6.06"; + ver[0] = "0.3.3+0.4-0ubuntu0.6.06.2"; + pkg[0] = "openssl-blacklist"; + rls[1] = "UBUNTU6.06"; + ver[1] = "0.3.3+0.4-0ubuntu0.6.06.2"; + pkg[1] = "openssl-blacklist-extra"; + rls[2] = "UBUNTU6.06"; + ver[2] = "1:4.2p1-7ubuntu3.4"; + pkg[2] = "openssh-server"; + rls[3] = "UBUNTU6.06"; + ver[3] = "0.1-0ubuntu0.6.06.1"; + pkg[3] = "openssl-blacklist"; + rls[4] = "UBUNTU7.04"; + ver[4] = "0.1-0ubuntu0.6.06.1"; + pkg[4] = "libssl0.9.8"; + rls[5] = "UBUNTU7.04"; + ver[5] = "1:4.3p2-8ubuntu1.3"; + pkg[5] = "openssh-server"; + rls[6] = "UBUNTU7.04"; + ver[6] = "1.0.13-0ubuntu0.7.04.1"; + pkg[6] = "ssl-cert"; + rls[7] = "UBUNTU7.04"; + ver[7] = "1:4.3p2-8ubuntu1.4"; + pkg[7] = "openssh-client"; + rls[8] = "UBUNTU7.04"; + ver[8] = "1:4.3p2-8ubuntu1.4"; + pkg[8] = "openssh-client-udeb"; + rls[9] = "UBUNTU7.04"; + ver[9] = "2.0.9-5ubuntu0.3"; + pkg[9] = "openvpn"; + rls[10] = "UBUNTU7.04"; + ver[10] = "0.3.3+0.4-0ubuntu0.7.04.2"; + pkg[10] = "openssl-blacklist"; + rls[11] = "UBUNTU7.04"; + ver[11] = "0.3.3+0.4-0ubuntu0.7.04.2"; + pkg[11] = "openssl-blacklist-extra"; + rls[12] = "UBUNTU7.10"; + ver[12] = "0.9.8e-5ubuntu3.2"; + pkg[12] = "libssl0.9.8"; + rls[13] = "UBUNTU7.10"; + ver[13] = "1:4.6p1-5ubuntu0.3"; + pkg[13] = "openssh-server"; + rls[14] = "UBUNTU7.10"; + ver[14] = "1.0.14-0ubuntu0.7.10.1"; + pkg[14] = "ssl-cert"; + rls[15] = "UBUNTU7.10"; + ver[15] = "1:4.6p1-5ubuntu0.5"; + pkg[15] = "openssh-client"; + rls[16] = "UBUNTU7.10"; + ver[16] = "1:4.6p1-5ubuntu0.5"; + pkg[16] = "openssh-client-udeb"; + rls[17] = "UBUNTU7.10"; + ver[17] = "2.0.9-8ubuntu0.3"; + pkg[17] = "openvpn"; + rls[18] = "UBUNTU7.10"; + ver[18] = "0.3.3+0.4-0ubuntu0.7.10.2"; + pkg[18] = "openssl-blacklist"; + rls[19] = "UBUNTU7.10"; + ver[19] = "0.3.3+0.4-0ubuntu0.7.10.2"; + pkg[19] = "openssl-blacklist-extra"; + rls[20] = "UBUNTU8.04"; + ver[20] = "0.9.8g-4ubuntu3.1"; + pkg[20] = "libssl0.9.8"; + rls[21] = "UBUNTU8.04"; + ver[21] = "1:4.7p1-8ubuntu1.1"; + pkg[21] = "openssh-server"; + rls[22] = "UBUNTU8.04"; + ver[22] = "1.0.14-0ubuntu2.1"; + pkg[22] = "ssl-cert"; + rls[23] = "UBUNTU8.04"; + ver[23] = "1:4.7p1-8ubuntu1.2"; + pkg[23] = "openssh-client"; + rls[24] = "UBUNTU8.04"; + ver[24] = "1:4.7p1-8ubuntu1.2"; + pkg[24] = "openssh-client-udeb"; + rls[25] = "UBUNTU8.04"; + ver[25] = "2.1~rc7-1ubuntu3.3"; + pkg[25] = "openvpn"; + rls[26] = "UBUNTU8.04"; + ver[26] = "0.3.3+0.4-0ubuntu0.8.04.3"; + pkg[26] = "openssl-blacklist"; + rls[27] = "UBUNTU8.04"; + ver[27] = "0.3.3+0.4-0ubuntu0.8.04.3"; + pkg[27] = "openssl-blacklist-extra"; + foreach i (keys(rls)) { + if( kbrls == rls[i] ) { + if(isdpkgvuln(pkg:pkg[i], ver:ver[i], rls:rls[i])) { + vuln = 1; + } + } + } + +if(vuln) { + security_hole(0); +} From scm-commit at wald.intevation.org Thu Sep 4 20:41:55 2008 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 4 Sep 2008 20:41:55 +0200 (CEST) Subject: [Openvas-commits] r1282 - in trunk/openvas-plugins: . scripts Message-ID: <20080904184155.6D8C9407A2@pyrosoma.intevation.org> Author: reinke Date: 2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008) New Revision: 1282 Added: trunk/openvas-plugins/scripts/freebsd_DarwinStreamingServer.nasl trunk/openvas-plugins/scripts/freebsd_ImageMagick.nasl trunk/openvas-plugins/scripts/freebsd_ImageMagick0.nasl trunk/openvas-plugins/scripts/freebsd_ImageMagick1.nasl trunk/openvas-plugins/scripts/freebsd_ImageMagick2.nasl trunk/openvas-plugins/scripts/freebsd_ImageMagick3.nasl trunk/openvas-plugins/scripts/freebsd_ImageMagick4.nasl trunk/openvas-plugins/scripts/freebsd_ImageMagick5.nasl trunk/openvas-plugins/scripts/freebsd_ImageMagick6.nasl trunk/openvas-plugins/scripts/freebsd_MT.nasl trunk/openvas-plugins/scripts/freebsd_SSLtelnet.nasl trunk/openvas-plugins/scripts/freebsd_WebCalendar.nasl trunk/openvas-plugins/scripts/freebsd_WebCalendar0.nasl trunk/openvas-plugins/scripts/freebsd_WebCalendar1.nasl trunk/openvas-plugins/scripts/freebsd_XFree86-Server.nasl trunk/openvas-plugins/scripts/freebsd_XFree86-Server0.nasl trunk/openvas-plugins/scripts/freebsd_a2ps-a4.nasl trunk/openvas-plugins/scripts/freebsd_a2ps-a40.nasl trunk/openvas-plugins/scripts/freebsd_acroread.nasl trunk/openvas-plugins/scripts/freebsd_acroread0.nasl trunk/openvas-plugins/scripts/freebsd_acroread1.nasl trunk/openvas-plugins/scripts/freebsd_acroread4.nasl trunk/openvas-plugins/scripts/freebsd_acroread40.nasl trunk/openvas-plugins/scripts/freebsd_acroread7.nasl trunk/openvas-plugins/scripts/freebsd_agenda-snow-libs.nasl trunk/openvas-plugins/scripts/freebsd_alsaplayer.nasl trunk/openvas-plugins/scripts/freebsd_amaya.nasl trunk/openvas-plugins/scripts/freebsd_anubis.nasl trunk/openvas-plugins/scripts/freebsd_apache+mod_ssl.nasl trunk/openvas-plugins/scripts/freebsd_apache+ssl.nasl trunk/openvas-plugins/scripts/freebsd_apache-tomcat.nasl trunk/openvas-plugins/scripts/freebsd_apache-tomcat0.nasl trunk/openvas-plugins/scripts/freebsd_apache.nasl trunk/openvas-plugins/scripts/freebsd_apache0.nasl trunk/openvas-plugins/scripts/freebsd_apache1.nasl trunk/openvas-plugins/scripts/freebsd_apache10.nasl trunk/openvas-plugins/scripts/freebsd_apache11.nasl trunk/openvas-plugins/scripts/freebsd_apache12.nasl trunk/openvas-plugins/scripts/freebsd_apache13.nasl trunk/openvas-plugins/scripts/freebsd_apache2.nasl trunk/openvas-plugins/scripts/freebsd_apache3.nasl trunk/openvas-plugins/scripts/freebsd_apache4.nasl trunk/openvas-plugins/scripts/freebsd_apache5.nasl trunk/openvas-plugins/scripts/freebsd_apache6.nasl trunk/openvas-plugins/scripts/freebsd_apache7.nasl trunk/openvas-plugins/scripts/freebsd_apache8.nasl trunk/openvas-plugins/scripts/freebsd_apache9.nasl trunk/openvas-plugins/scripts/freebsd_asterisk.nasl trunk/openvas-plugins/scripts/freebsd_asterisk0.nasl trunk/openvas-plugins/scripts/freebsd_awstats.nasl trunk/openvas-plugins/scripts/freebsd_awstats0.nasl trunk/openvas-plugins/scripts/freebsd_awstats1.nasl trunk/openvas-plugins/scripts/freebsd_awstats2.nasl trunk/openvas-plugins/scripts/freebsd_axel.nasl trunk/openvas-plugins/scripts/freebsd_base.nasl trunk/openvas-plugins/scripts/freebsd_bidwatcher.nasl trunk/openvas-plugins/scripts/freebsd_bind.nasl trunk/openvas-plugins/scripts/freebsd_bind0.nasl trunk/openvas-plugins/scripts/freebsd_bind9.nasl trunk/openvas-plugins/scripts/freebsd_bind90.nasl trunk/openvas-plugins/scripts/freebsd_bmon.nasl trunk/openvas-plugins/scripts/freebsd_bnc.nasl trunk/openvas-plugins/scripts/freebsd_bogofilter.nasl trunk/openvas-plugins/scripts/freebsd_bogofilter0.nasl trunk/openvas-plugins/scripts/freebsd_bogofilter1.nasl trunk/openvas-plugins/scripts/freebsd_bugzilla.nasl trunk/openvas-plugins/scripts/freebsd_bugzilla0.nasl trunk/openvas-plugins/scripts/freebsd_bugzilla1.nasl trunk/openvas-plugins/scripts/freebsd_bugzilla2.nasl trunk/openvas-plugins/scripts/freebsd_bugzilla3.nasl trunk/openvas-plugins/scripts/freebsd_bugzilla4.nasl trunk/openvas-plugins/scripts/freebsd_bugzilla5.nasl trunk/openvas-plugins/scripts/freebsd_bzip2.nasl trunk/openvas-plugins/scripts/freebsd_bzip20.nasl trunk/openvas-plugins/scripts/freebsd_c-ares.nasl trunk/openvas-plugins/scripts/freebsd_cabextract.nasl trunk/openvas-plugins/scripts/freebsd_cacti.nasl trunk/openvas-plugins/scripts/freebsd_cacti0.nasl trunk/openvas-plugins/scripts/freebsd_cacti1.nasl trunk/openvas-plugins/scripts/freebsd_cacti2.nasl trunk/openvas-plugins/scripts/freebsd_cacti3.nasl trunk/openvas-plugins/scripts/freebsd_cacti4.nasl trunk/openvas-plugins/scripts/freebsd_cacti5.nasl trunk/openvas-plugins/scripts/freebsd_cdf3.nasl trunk/openvas-plugins/scripts/freebsd_cdrdao.nasl trunk/openvas-plugins/scripts/freebsd_cfengine.nasl trunk/openvas-plugins/scripts/freebsd_clamav.nasl trunk/openvas-plugins/scripts/freebsd_clamav0.nasl trunk/openvas-plugins/scripts/freebsd_clamav1.nasl trunk/openvas-plugins/scripts/freebsd_clamav10.nasl trunk/openvas-plugins/scripts/freebsd_clamav11.nasl trunk/openvas-plugins/scripts/freebsd_clamav12.nasl trunk/openvas-plugins/scripts/freebsd_clamav13.nasl trunk/openvas-plugins/scripts/freebsd_clamav14.nasl trunk/openvas-plugins/scripts/freebsd_clamav2.nasl trunk/openvas-plugins/scripts/freebsd_clamav3.nasl trunk/openvas-plugins/scripts/freebsd_clamav4.nasl trunk/openvas-plugins/scripts/freebsd_clamav5.nasl trunk/openvas-plugins/scripts/freebsd_clamav6.nasl trunk/openvas-plugins/scripts/freebsd_clamav7.nasl trunk/openvas-plugins/scripts/freebsd_clamav8.nasl trunk/openvas-plugins/scripts/freebsd_clamav9.nasl trunk/openvas-plugins/scripts/freebsd_claws-mail.nasl trunk/openvas-plugins/scripts/freebsd_claws-mail0.nasl trunk/openvas-plugins/scripts/freebsd_claws-mail1.nasl trunk/openvas-plugins/scripts/freebsd_coppermine.nasl trunk/openvas-plugins/scripts/freebsd_coppermine0.nasl trunk/openvas-plugins/scripts/freebsd_coppermine1.nasl trunk/openvas-plugins/scripts/freebsd_coppermine2.nasl trunk/openvas-plugins/scripts/freebsd_coppermine3.nasl trunk/openvas-plugins/scripts/freebsd_coppermine4.nasl trunk/openvas-plugins/scripts/freebsd_courier-authlib.nasl trunk/openvas-plugins/scripts/freebsd_courier-imap.nasl trunk/openvas-plugins/scripts/freebsd_courier.nasl trunk/openvas-plugins/scripts/freebsd_crossfire-server.nasl trunk/openvas-plugins/scripts/freebsd_cscope.nasl trunk/openvas-plugins/scripts/freebsd_cscope0.nasl trunk/openvas-plugins/scripts/freebsd_cscope1.nasl trunk/openvas-plugins/scripts/freebsd_cups-base.nasl trunk/openvas-plugins/scripts/freebsd_cups-base0.nasl trunk/openvas-plugins/scripts/freebsd_cups-base1.nasl trunk/openvas-plugins/scripts/freebsd_cups-base2.nasl trunk/openvas-plugins/scripts/freebsd_cups-base3.nasl trunk/openvas-plugins/scripts/freebsd_cups-base4.nasl trunk/openvas-plugins/scripts/freebsd_cups-base5.nasl trunk/openvas-plugins/scripts/freebsd_cups-lpr.nasl trunk/openvas-plugins/scripts/freebsd_curl.nasl trunk/openvas-plugins/scripts/freebsd_curl0.nasl trunk/openvas-plugins/scripts/freebsd_curl1.nasl trunk/openvas-plugins/scripts/freebsd_cvs+ipv6.nasl trunk/openvas-plugins/scripts/freebsd_cvs+ipv60.nasl trunk/openvas-plugins/scripts/freebsd_cvs+ipv61.nasl trunk/openvas-plugins/scripts/freebsd_cyrus-imapd.nasl trunk/openvas-plugins/scripts/freebsd_cyrus-imapd0.nasl trunk/openvas-plugins/scripts/freebsd_cyrus-imapd1.nasl trunk/openvas-plugins/scripts/freebsd_cyrus-imapd2.nasl trunk/openvas-plugins/scripts/freebsd_cyrus-imapd3.nasl trunk/openvas-plugins/scripts/freebsd_cyrus-imspd.nasl trunk/openvas-plugins/scripts/freebsd_cyrus-sasl.nasl trunk/openvas-plugins/scripts/freebsd_cyrus-sasl0.nasl trunk/openvas-plugins/scripts/freebsd_cyrus-sasl1.nasl trunk/openvas-plugins/scripts/freebsd_cyrus.nasl trunk/openvas-plugins/scripts/freebsd_dbus.nasl trunk/openvas-plugins/scripts/freebsd_de-netscape7.nasl trunk/openvas-plugins/scripts/freebsd_dia.nasl trunk/openvas-plugins/scripts/freebsd_dillo.nasl trunk/openvas-plugins/scripts/freebsd_dirproxy.nasl trunk/openvas-plugins/scripts/freebsd_distcc.nasl trunk/openvas-plugins/scripts/freebsd_dnrd.nasl trunk/openvas-plugins/scripts/freebsd_dokuwiki.nasl trunk/openvas-plugins/scripts/freebsd_dokuwiki0.nasl trunk/openvas-plugins/scripts/freebsd_dokuwiki1.nasl trunk/openvas-plugins/scripts/freebsd_dokuwiki2.nasl trunk/openvas-plugins/scripts/freebsd_dokuwiki3.nasl trunk/openvas-plugins/scripts/freebsd_dovecot.nasl trunk/openvas-plugins/scripts/freebsd_dovecot0.nasl trunk/openvas-plugins/scripts/freebsd_drupal-pubcookie.nasl trunk/openvas-plugins/scripts/freebsd_drupal.nasl trunk/openvas-plugins/scripts/freebsd_drupal0.nasl trunk/openvas-plugins/scripts/freebsd_drupal1.nasl trunk/openvas-plugins/scripts/freebsd_drupal2.nasl trunk/openvas-plugins/scripts/freebsd_drupal3.nasl trunk/openvas-plugins/scripts/freebsd_drupal4.nasl trunk/openvas-plugins/scripts/freebsd_drupal40.nasl trunk/openvas-plugins/scripts/freebsd_drupal41.nasl trunk/openvas-plugins/scripts/freebsd_drupal5.nasl trunk/openvas-plugins/scripts/freebsd_drupal50.nasl trunk/openvas-plugins/scripts/freebsd_drupal51.nasl trunk/openvas-plugins/scripts/freebsd_drupal52.nasl trunk/openvas-plugins/scripts/freebsd_drupal53.nasl trunk/openvas-plugins/scripts/freebsd_drupal54.nasl trunk/openvas-plugins/scripts/freebsd_drupal55.nasl trunk/openvas-plugins/scripts/freebsd_drupal56.nasl trunk/openvas-plugins/scripts/freebsd_drupal6.nasl trunk/openvas-plugins/scripts/freebsd_drupal7.nasl trunk/openvas-plugins/scripts/freebsd_drupal8.nasl trunk/openvas-plugins/scripts/freebsd_e2fsprogs.nasl trunk/openvas-plugins/scripts/freebsd_eGroupWare.nasl trunk/openvas-plugins/scripts/freebsd_ecartis.nasl trunk/openvas-plugins/scripts/freebsd_ecartis0.nasl trunk/openvas-plugins/scripts/freebsd_egroupware.nasl trunk/openvas-plugins/scripts/freebsd_elm.nasl trunk/openvas-plugins/scripts/freebsd_emil.nasl trunk/openvas-plugins/scripts/freebsd_enscript-a4.nasl trunk/openvas-plugins/scripts/freebsd_ethereal.nasl trunk/openvas-plugins/scripts/freebsd_ethereal0.nasl trunk/openvas-plugins/scripts/freebsd_ethereal1.nasl trunk/openvas-plugins/scripts/freebsd_ethereal2.nasl trunk/openvas-plugins/scripts/freebsd_ethereal3.nasl trunk/openvas-plugins/scripts/freebsd_ethereal4.nasl trunk/openvas-plugins/scripts/freebsd_ethereal5.nasl trunk/openvas-plugins/scripts/freebsd_ethereal6.nasl trunk/openvas-plugins/scripts/freebsd_ethereal7.nasl trunk/openvas-plugins/scripts/freebsd_evince.nasl trunk/openvas-plugins/scripts/freebsd_evolution-data-server.nasl trunk/openvas-plugins/scripts/freebsd_evolution.nasl trunk/openvas-plugins/scripts/freebsd_evolution0.nasl trunk/openvas-plugins/scripts/freebsd_exim.nasl trunk/openvas-plugins/scripts/freebsd_exim0.nasl trunk/openvas-plugins/scripts/freebsd_extman.nasl trunk/openvas-plugins/scripts/freebsd_eyeOS.nasl trunk/openvas-plugins/scripts/freebsd_ez-ipupdate.nasl trunk/openvas-plugins/scripts/freebsd_ezbounce.nasl trunk/openvas-plugins/scripts/freebsd_f2c.nasl trunk/openvas-plugins/scripts/freebsd_fcron.nasl trunk/openvas-plugins/scripts/freebsd_fetchmail.nasl trunk/openvas-plugins/scripts/freebsd_fetchmail0.nasl trunk/openvas-plugins/scripts/freebsd_fetchmail1.nasl trunk/openvas-plugins/scripts/freebsd_fetchmail10.nasl trunk/openvas-plugins/scripts/freebsd_fetchmail11.nasl trunk/openvas-plugins/scripts/freebsd_fetchmail2.nasl trunk/openvas-plugins/scripts/freebsd_fetchmail3.nasl trunk/openvas-plugins/scripts/freebsd_fetchmail4.nasl trunk/openvas-plugins/scripts/freebsd_fetchmail5.nasl trunk/openvas-plugins/scripts/freebsd_fetchmail6.nasl trunk/openvas-plugins/scripts/freebsd_fetchmail7.nasl trunk/openvas-plugins/scripts/freebsd_fetchmail8.nasl trunk/openvas-plugins/scripts/freebsd_fetchmail9.nasl trunk/openvas-plugins/scripts/freebsd_ffmpeg.nasl trunk/openvas-plugins/scripts/freebsd_fidogate.nasl trunk/openvas-plugins/scripts/freebsd_file.nasl trunk/openvas-plugins/scripts/freebsd_findutils.nasl trunk/openvas-plugins/scripts/freebsd_firebird-server.nasl trunk/openvas-plugins/scripts/freebsd_firefox.nasl trunk/openvas-plugins/scripts/freebsd_firefox0.nasl trunk/openvas-plugins/scripts/freebsd_firefox1.nasl trunk/openvas-plugins/scripts/freebsd_firefox10.nasl trunk/openvas-plugins/scripts/freebsd_firefox11.nasl trunk/openvas-plugins/scripts/freebsd_firefox12.nasl trunk/openvas-plugins/scripts/freebsd_firefox13.nasl trunk/openvas-plugins/scripts/freebsd_firefox14.nasl trunk/openvas-plugins/scripts/freebsd_firefox15.nasl trunk/openvas-plugins/scripts/freebsd_firefox16.nasl trunk/openvas-plugins/scripts/freebsd_firefox17.nasl trunk/openvas-plugins/scripts/freebsd_firefox18.nasl trunk/openvas-plugins/scripts/freebsd_firefox19.nasl trunk/openvas-plugins/scripts/freebsd_firefox2.nasl trunk/openvas-plugins/scripts/freebsd_firefox20.nasl trunk/openvas-plugins/scripts/freebsd_firefox21.nasl trunk/openvas-plugins/scripts/freebsd_firefox22.nasl trunk/openvas-plugins/scripts/freebsd_firefox23.nasl trunk/openvas-plugins/scripts/freebsd_firefox24.nasl trunk/openvas-plugins/scripts/freebsd_firefox25.nasl trunk/openvas-plugins/scripts/freebsd_firefox26.nasl trunk/openvas-plugins/scripts/freebsd_firefox27.nasl trunk/openvas-plugins/scripts/freebsd_firefox28.nasl trunk/openvas-plugins/scripts/freebsd_firefox29.nasl trunk/openvas-plugins/scripts/freebsd_firefox3.nasl trunk/openvas-plugins/scripts/freebsd_firefox30.nasl trunk/openvas-plugins/scripts/freebsd_firefox31.nasl trunk/openvas-plugins/scripts/freebsd_firefox32.nasl trunk/openvas-plugins/scripts/freebsd_firefox33.nasl trunk/openvas-plugins/scripts/freebsd_firefox4.nasl trunk/openvas-plugins/scripts/freebsd_firefox5.nasl trunk/openvas-plugins/scripts/freebsd_firefox6.nasl trunk/openvas-plugins/scripts/freebsd_firefox7.nasl trunk/openvas-plugins/scripts/freebsd_firefox8.nasl trunk/openvas-plugins/scripts/freebsd_firefox9.nasl trunk/openvas-plugins/scripts/freebsd_flac.nasl trunk/openvas-plugins/scripts/freebsd_flac123.nasl trunk/openvas-plugins/scripts/freebsd_flyspray.nasl trunk/openvas-plugins/scripts/freebsd_flyspray0.nasl trunk/openvas-plugins/scripts/freebsd_freeciv.nasl trunk/openvas-plugins/scripts/freebsd_freeciv0.nasl trunk/openvas-plugins/scripts/freebsd_freeradius.nasl trunk/openvas-plugins/scripts/freebsd_freeradius0.nasl trunk/openvas-plugins/scripts/freebsd_freeradius1.nasl trunk/openvas-plugins/scripts/freebsd_freeradius2.nasl trunk/openvas-plugins/scripts/freebsd_freeradius3.nasl trunk/openvas-plugins/scripts/freebsd_freeradius4.nasl trunk/openvas-plugins/scripts/freebsd_freetype2.nasl trunk/openvas-plugins/scripts/freebsd_freetype20.nasl trunk/openvas-plugins/scripts/freebsd_freetype21.nasl trunk/openvas-plugins/scripts/freebsd_frontpage.nasl trunk/openvas-plugins/scripts/freebsd_fspd.nasl trunk/openvas-plugins/scripts/freebsd_fsplib.nasl trunk/openvas-plugins/scripts/freebsd_fswiki.nasl trunk/openvas-plugins/scripts/freebsd_fswiki0.nasl trunk/openvas-plugins/scripts/freebsd_fswiki1.nasl trunk/openvas-plugins/scripts/freebsd_gaim.nasl trunk/openvas-plugins/scripts/freebsd_gaim0.nasl trunk/openvas-plugins/scripts/freebsd_gaim1.nasl trunk/openvas-plugins/scripts/freebsd_gaim10.nasl trunk/openvas-plugins/scripts/freebsd_gaim11.nasl trunk/openvas-plugins/scripts/freebsd_gaim12.nasl trunk/openvas-plugins/scripts/freebsd_gaim13.nasl trunk/openvas-plugins/scripts/freebsd_gaim14.nasl trunk/openvas-plugins/scripts/freebsd_gaim15.nasl trunk/openvas-plugins/scripts/freebsd_gaim16.nasl trunk/openvas-plugins/scripts/freebsd_gaim17.nasl trunk/openvas-plugins/scripts/freebsd_gaim18.nasl trunk/openvas-plugins/scripts/freebsd_gaim2.nasl trunk/openvas-plugins/scripts/freebsd_gaim3.nasl trunk/openvas-plugins/scripts/freebsd_gaim4.nasl trunk/openvas-plugins/scripts/freebsd_gaim5.nasl trunk/openvas-plugins/scripts/freebsd_gaim6.nasl trunk/openvas-plugins/scripts/freebsd_gaim7.nasl trunk/openvas-plugins/scripts/freebsd_gaim8.nasl trunk/openvas-plugins/scripts/freebsd_gaim9.nasl trunk/openvas-plugins/scripts/freebsd_gallery.nasl trunk/openvas-plugins/scripts/freebsd_gallery0.nasl trunk/openvas-plugins/scripts/freebsd_gallery1.nasl trunk/openvas-plugins/scripts/freebsd_gallery2.nasl trunk/openvas-plugins/scripts/freebsd_gallery20.nasl trunk/openvas-plugins/scripts/freebsd_gallery21.nasl trunk/openvas-plugins/scripts/freebsd_ganglia-webfrontend.nasl trunk/openvas-plugins/scripts/freebsd_gatekeeper.nasl trunk/openvas-plugins/scripts/freebsd_gd.nasl trunk/openvas-plugins/scripts/freebsd_gd0.nasl trunk/openvas-plugins/scripts/freebsd_gedit.nasl trunk/openvas-plugins/scripts/freebsd_geeklog.nasl trunk/openvas-plugins/scripts/freebsd_getmail.nasl trunk/openvas-plugins/scripts/freebsd_gforge.nasl trunk/openvas-plugins/scripts/freebsd_gforge0.nasl trunk/openvas-plugins/scripts/freebsd_gftp.nasl trunk/openvas-plugins/scripts/freebsd_gftp0.nasl trunk/openvas-plugins/scripts/freebsd_ghostscript-gnu.nasl trunk/openvas-plugins/scripts/freebsd_ghostscript-gpl.nasl trunk/openvas-plugins/scripts/freebsd_giFT-FastTrack.nasl trunk/openvas-plugins/scripts/freebsd_gld.nasl trunk/openvas-plugins/scripts/freebsd_globus.nasl trunk/openvas-plugins/scripts/freebsd_gnats.nasl trunk/openvas-plugins/scripts/freebsd_gnats0.nasl trunk/openvas-plugins/scripts/freebsd_gnomevfs2.nasl trunk/openvas-plugins/scripts/freebsd_gnu-finger.nasl trunk/openvas-plugins/scripts/freebsd_gnu-radius.nasl trunk/openvas-plugins/scripts/freebsd_gnupg.nasl trunk/openvas-plugins/scripts/freebsd_gnupg0.nasl trunk/openvas-plugins/scripts/freebsd_gnupg1.nasl trunk/openvas-plugins/scripts/freebsd_gnupg2.nasl trunk/openvas-plugins/scripts/freebsd_gnupg3.nasl trunk/openvas-plugins/scripts/freebsd_gnupg4.nasl trunk/openvas-plugins/scripts/freebsd_gnupg5.nasl trunk/openvas-plugins/scripts/freebsd_gnupg6.nasl trunk/openvas-plugins/scripts/freebsd_gnupg7.nasl trunk/openvas-plugins/scripts/freebsd_gnutls.nasl trunk/openvas-plugins/scripts/freebsd_gnutls0.nasl trunk/openvas-plugins/scripts/freebsd_gnutls1.nasl trunk/openvas-plugins/scripts/freebsd_gnutls2.nasl trunk/openvas-plugins/scripts/freebsd_golddig.nasl trunk/openvas-plugins/scripts/freebsd_google-earth.nasl trunk/openvas-plugins/scripts/freebsd_gpdf.nasl trunk/openvas-plugins/scripts/freebsd_greed.nasl trunk/openvas-plugins/scripts/freebsd_grip.nasl trunk/openvas-plugins/scripts/freebsd_gtar.nasl trunk/openvas-plugins/scripts/freebsd_gtar0.nasl trunk/openvas-plugins/scripts/freebsd_gtar1.nasl trunk/openvas-plugins/scripts/freebsd_gtetrinet.nasl trunk/openvas-plugins/scripts/freebsd_gzip.nasl trunk/openvas-plugins/scripts/freebsd_gzip0.nasl trunk/openvas-plugins/scripts/freebsd_hafiye.nasl trunk/openvas-plugins/scripts/freebsd_hashcash.nasl trunk/openvas-plugins/scripts/freebsd_hashcash0.nasl trunk/openvas-plugins/scripts/freebsd_heartbeat.nasl trunk/openvas-plugins/scripts/freebsd_heimdal.nasl trunk/openvas-plugins/scripts/freebsd_heimdal0.nasl trunk/openvas-plugins/scripts/freebsd_heimdal1.nasl trunk/openvas-plugins/scripts/freebsd_hlstats.nasl trunk/openvas-plugins/scripts/freebsd_horde.nasl trunk/openvas-plugins/scripts/freebsd_horde0.nasl trunk/openvas-plugins/scripts/freebsd_horde1.nasl trunk/openvas-plugins/scripts/freebsd_horde2.nasl trunk/openvas-plugins/scripts/freebsd_horde3.nasl trunk/openvas-plugins/scripts/freebsd_horde4.nasl trunk/openvas-plugins/scripts/freebsd_horde5.nasl trunk/openvas-plugins/scripts/freebsd_horde6.nasl trunk/openvas-plugins/scripts/freebsd_horde7.nasl trunk/openvas-plugins/scripts/freebsd_horde8.nasl trunk/openvas-plugins/scripts/freebsd_hsftp.nasl trunk/openvas-plugins/scripts/freebsd_htdig.nasl trunk/openvas-plugins/scripts/freebsd_hylafax.nasl trunk/openvas-plugins/scripts/freebsd_icecast.nasl trunk/openvas-plugins/scripts/freebsd_icecast0.nasl trunk/openvas-plugins/scripts/freebsd_icecast2.nasl trunk/openvas-plugins/scripts/freebsd_id3lib.nasl trunk/openvas-plugins/scripts/freebsd_ident2.nasl trunk/openvas-plugins/scripts/freebsd_ifmail.nasl trunk/openvas-plugins/scripts/freebsd_ikiwiki.nasl trunk/openvas-plugins/scripts/freebsd_ikiwiki0.nasl trunk/openvas-plugins/scripts/freebsd_ikiwiki1.nasl trunk/openvas-plugins/scripts/freebsd_ikiwiki2.nasl trunk/openvas-plugins/scripts/freebsd_ikiwiki3.nasl trunk/openvas-plugins/scripts/freebsd_imap-uw.nasl trunk/openvas-plugins/scripts/freebsd_imap-uw0.nasl trunk/openvas-plugins/scripts/freebsd_imlib.nasl trunk/openvas-plugins/scripts/freebsd_imlib0.nasl trunk/openvas-plugins/scripts/freebsd_imlib2.nasl trunk/openvas-plugins/scripts/freebsd_imlib20.nasl trunk/openvas-plugins/scripts/freebsd_imp.nasl trunk/openvas-plugins/scripts/freebsd_imwheel.nasl trunk/openvas-plugins/scripts/freebsd_ingo.nasl trunk/openvas-plugins/scripts/freebsd_inn.nasl trunk/openvas-plugins/scripts/freebsd_ircservices.nasl trunk/openvas-plugins/scripts/freebsd_isakmpd.nasl trunk/openvas-plugins/scripts/freebsd_isc-dhcp3-client.nasl trunk/openvas-plugins/scripts/freebsd_isc-dhcp3-relay.nasl trunk/openvas-plugins/scripts/freebsd_ja-groff.nasl trunk/openvas-plugins/scripts/freebsd_ja-groff0.nasl trunk/openvas-plugins/scripts/freebsd_ja-kdelibs.nasl trunk/openvas-plugins/scripts/freebsd_ja-kdelibs0.nasl trunk/openvas-plugins/scripts/freebsd_ja-mailman.nasl trunk/openvas-plugins/scripts/freebsd_ja-squirrelmail.nasl trunk/openvas-plugins/scripts/freebsd_ja-squirrelmail0.nasl trunk/openvas-plugins/scripts/freebsd_ja-uim.nasl trunk/openvas-plugins/scripts/freebsd_ja-uim0.nasl trunk/openvas-plugins/scripts/freebsd_jabber.nasl trunk/openvas-plugins/scripts/freebsd_jabberd.nasl trunk/openvas-plugins/scripts/freebsd_jabberd0.nasl trunk/openvas-plugins/scripts/freebsd_jabberd1.nasl trunk/openvas-plugins/scripts/freebsd_jakarta-tomcat.nasl trunk/openvas-plugins/scripts/freebsd_jdk.nasl trunk/openvas-plugins/scripts/freebsd_jdk0.nasl trunk/openvas-plugins/scripts/freebsd_jdk1.nasl trunk/openvas-plugins/scripts/freebsd_jetty.nasl trunk/openvas-plugins/scripts/freebsd_jetty0.nasl trunk/openvas-plugins/scripts/freebsd_jetty1.nasl trunk/openvas-plugins/scripts/freebsd_jftpgw.nasl trunk/openvas-plugins/scripts/freebsd_joomla.nasl trunk/openvas-plugins/scripts/freebsd_joomla0.nasl trunk/openvas-plugins/scripts/freebsd_joomla1.nasl trunk/openvas-plugins/scripts/freebsd_joomla15.nasl trunk/openvas-plugins/scripts/freebsd_joomla2.nasl trunk/openvas-plugins/scripts/freebsd_junkbuster.nasl trunk/openvas-plugins/scripts/freebsd_kaffeine.nasl trunk/openvas-plugins/scripts/freebsd_kdebase.nasl trunk/openvas-plugins/scripts/freebsd_kdebase0.nasl trunk/openvas-plugins/scripts/freebsd_kdebase3.nasl trunk/openvas-plugins/scripts/freebsd_kdebase30.nasl trunk/openvas-plugins/scripts/freebsd_kdeedu.nasl trunk/openvas-plugins/scripts/freebsd_kdegraphics.nasl trunk/openvas-plugins/scripts/freebsd_kdelibs.nasl trunk/openvas-plugins/scripts/freebsd_kdelibs0.nasl trunk/openvas-plugins/scripts/freebsd_kdelibs1.nasl trunk/openvas-plugins/scripts/freebsd_kdelibs2.nasl trunk/openvas-plugins/scripts/freebsd_kdelibs3.nasl trunk/openvas-plugins/scripts/freebsd_kdelibs4.nasl trunk/openvas-plugins/scripts/freebsd_kdepim.nasl trunk/openvas-plugins/scripts/freebsd_kdewebdev.nasl trunk/openvas-plugins/scripts/freebsd_ko-helvis.nasl trunk/openvas-plugins/scripts/freebsd_ko-helvis0.nasl trunk/openvas-plugins/scripts/freebsd_koffice.nasl trunk/openvas-plugins/scripts/freebsd_konversation.nasl trunk/openvas-plugins/scripts/freebsd_kpopup.nasl trunk/openvas-plugins/scripts/freebsd_krb5.nasl trunk/openvas-plugins/scripts/freebsd_krb50.nasl trunk/openvas-plugins/scripts/freebsd_krb51.nasl trunk/openvas-plugins/scripts/freebsd_kronolith.nasl trunk/openvas-plugins/scripts/freebsd_kronolith0.nasl trunk/openvas-plugins/scripts/freebsd_ktorrent.nasl trunk/openvas-plugins/scripts/freebsd_lbreakout2.nasl trunk/openvas-plugins/scripts/freebsd_ldapscripts.nasl trunk/openvas-plugins/scripts/freebsd_leafnode.nasl trunk/openvas-plugins/scripts/freebsd_leafnode0.nasl trunk/openvas-plugins/scripts/freebsd_leafnode1.nasl trunk/openvas-plugins/scripts/freebsd_leafnode2.nasl trunk/openvas-plugins/scripts/freebsd_leafnode3.nasl trunk/openvas-plugins/scripts/freebsd_lftp.nasl trunk/openvas-plugins/scripts/freebsd_lha.nasl trunk/openvas-plugins/scripts/freebsd_lha0.nasl trunk/openvas-plugins/scripts/freebsd_libarchive.nasl trunk/openvas-plugins/scripts/freebsd_libexif.nasl trunk/openvas-plugins/scripts/freebsd_libmcrypt.nasl trunk/openvas-plugins/scripts/freebsd_libmms.nasl trunk/openvas-plugins/scripts/freebsd_libmusicbrainz.nasl trunk/openvas-plugins/scripts/freebsd_libtomcrypt.nasl trunk/openvas-plugins/scripts/freebsd_libtool.nasl trunk/openvas-plugins/scripts/freebsd_libvorbis.nasl trunk/openvas-plugins/scripts/freebsd_libvorbis0.nasl trunk/openvas-plugins/scripts/freebsd_libxine.nasl trunk/openvas-plugins/scripts/freebsd_libxine0.nasl trunk/openvas-plugins/scripts/freebsd_libxine1.nasl trunk/openvas-plugins/scripts/freebsd_libxine2.nasl trunk/openvas-plugins/scripts/freebsd_libxine3.nasl trunk/openvas-plugins/scripts/freebsd_libxine4.nasl trunk/openvas-plugins/scripts/freebsd_libxine5.nasl trunk/openvas-plugins/scripts/freebsd_libxine6.nasl trunk/openvas-plugins/scripts/freebsd_libxine7.nasl trunk/openvas-plugins/scripts/freebsd_libxine8.nasl trunk/openvas-plugins/scripts/freebsd_libxine9.nasl trunk/openvas-plugins/scripts/freebsd_libxml.nasl trunk/openvas-plugins/scripts/freebsd_libxml2.nasl trunk/openvas-plugins/scripts/freebsd_lifetype.nasl trunk/openvas-plugins/scripts/freebsd_lighttpd.nasl trunk/openvas-plugins/scripts/freebsd_lighttpd0.nasl trunk/openvas-plugins/scripts/freebsd_lighttpd1.nasl trunk/openvas-plugins/scripts/freebsd_lighttpd2.nasl trunk/openvas-plugins/scripts/freebsd_lighttpd3.nasl trunk/openvas-plugins/scripts/freebsd_lighttpd4.nasl trunk/openvas-plugins/scripts/freebsd_linux-flashplugin.nasl trunk/openvas-plugins/scripts/freebsd_linux-flashplugin0.nasl trunk/openvas-plugins/scripts/freebsd_linux-flashplugin1.nasl trunk/openvas-plugins/scripts/freebsd_linux-flashplugin2.nasl trunk/openvas-plugins/scripts/freebsd_linux-flashplugin3.nasl trunk/openvas-plugins/scripts/freebsd_linux-flashplugin6.nasl trunk/openvas-plugins/scripts/freebsd_linux-gdk-pixbuf.nasl trunk/openvas-plugins/scripts/freebsd_linux-opera.nasl trunk/openvas-plugins/scripts/freebsd_linux-opera0.nasl trunk/openvas-plugins/scripts/freebsd_linux-opera1.nasl trunk/openvas-plugins/scripts/freebsd_linux-opera2.nasl trunk/openvas-plugins/scripts/freebsd_linux-opera3.nasl trunk/openvas-plugins/scripts/freebsd_linux-opera4.nasl trunk/openvas-plugins/scripts/freebsd_linux-opera5.nasl trunk/openvas-plugins/scripts/freebsd_linux-opera6.nasl trunk/openvas-plugins/scripts/freebsd_linux-opera7.nasl trunk/openvas-plugins/scripts/freebsd_linux-png.nasl trunk/openvas-plugins/scripts/freebsd_linux-realplayer.nasl trunk/openvas-plugins/scripts/freebsd_linux-realplayer0.nasl trunk/openvas-plugins/scripts/freebsd_linux-realplayer1.nasl trunk/openvas-plugins/scripts/freebsd_linux-realplayer2.nasl trunk/openvas-plugins/scripts/freebsd_linux-realplayer3.nasl trunk/openvas-plugins/scripts/freebsd_linux-realplayer4.nasl trunk/openvas-plugins/scripts/freebsd_linux_base-suse.nasl trunk/openvas-plugins/scripts/freebsd_linux_base.nasl trunk/openvas-plugins/scripts/freebsd_liveMedia.nasl trunk/openvas-plugins/scripts/freebsd_lsh.nasl trunk/openvas-plugins/scripts/freebsd_lynx.nasl trunk/openvas-plugins/scripts/freebsd_mail-notification.nasl trunk/openvas-plugins/scripts/freebsd_mailman.nasl trunk/openvas-plugins/scripts/freebsd_mailman0.nasl trunk/openvas-plugins/scripts/freebsd_mailman1.nasl trunk/openvas-plugins/scripts/freebsd_mailman2.nasl trunk/openvas-plugins/scripts/freebsd_mailman3.nasl trunk/openvas-plugins/scripts/freebsd_mailman4.nasl trunk/openvas-plugins/scripts/freebsd_mailman5.nasl trunk/openvas-plugins/scripts/freebsd_mailman6.nasl trunk/openvas-plugins/scripts/freebsd_mailman7.nasl trunk/openvas-plugins/scripts/freebsd_mambo.nasl trunk/openvas-plugins/scripts/freebsd_mambo0.nasl trunk/openvas-plugins/scripts/freebsd_mambo1.nasl trunk/openvas-plugins/scripts/freebsd_mambo2.nasl trunk/openvas-plugins/scripts/freebsd_mantis.nasl trunk/openvas-plugins/scripts/freebsd_mantis0.nasl trunk/openvas-plugins/scripts/freebsd_mantis1.nasl trunk/openvas-plugins/scripts/freebsd_maradns.nasl trunk/openvas-plugins/scripts/freebsd_mathopd.nasl trunk/openvas-plugins/scripts/freebsd_mc.nasl trunk/openvas-plugins/scripts/freebsd_mc0.nasl trunk/openvas-plugins/scripts/freebsd_mc1.nasl trunk/openvas-plugins/scripts/freebsd_mcweject.nasl trunk/openvas-plugins/scripts/freebsd_mediawiki.nasl trunk/openvas-plugins/scripts/freebsd_mediawiki0.nasl trunk/openvas-plugins/scripts/freebsd_mediawiki1.nasl trunk/openvas-plugins/scripts/freebsd_metamail.nasl trunk/openvas-plugins/scripts/freebsd_milter-bogom.nasl trunk/openvas-plugins/scripts/freebsd_mkbold-mkitalic.nasl trunk/openvas-plugins/scripts/freebsd_mksh.nasl trunk/openvas-plugins/scripts/freebsd_mnemo.nasl trunk/openvas-plugins/scripts/freebsd_mnogosearch.nasl trunk/openvas-plugins/scripts/freebsd_mod_access_referer.nasl trunk/openvas-plugins/scripts/freebsd_mod_dosevasive20.nasl trunk/openvas-plugins/scripts/freebsd_mod_jk-ap2.nasl trunk/openvas-plugins/scripts/freebsd_mod_jk.nasl trunk/openvas-plugins/scripts/freebsd_mod_perl.nasl trunk/openvas-plugins/scripts/freebsd_mod_php4-twig.nasl trunk/openvas-plugins/scripts/freebsd_mod_php4-twig0.nasl trunk/openvas-plugins/scripts/freebsd_mod_php4-twig1.nasl trunk/openvas-plugins/scripts/freebsd_mod_php4-twig2.nasl trunk/openvas-plugins/scripts/freebsd_mod_php4-twig3.nasl trunk/openvas-plugins/scripts/freebsd_mod_php4-twig4.nasl trunk/openvas-plugins/scripts/freebsd_mod_pubcookie.nasl trunk/openvas-plugins/scripts/freebsd_mod_python.nasl trunk/openvas-plugins/scripts/freebsd_mod_python0.nasl trunk/openvas-plugins/scripts/freebsd_mod_security.nasl trunk/openvas-plugins/scripts/freebsd_moinmoin.nasl trunk/openvas-plugins/scripts/freebsd_moinmoin0.nasl trunk/openvas-plugins/scripts/freebsd_moinmoin1.nasl trunk/openvas-plugins/scripts/freebsd_moinmoin2.nasl trunk/openvas-plugins/scripts/freebsd_mono.nasl trunk/openvas-plugins/scripts/freebsd_mozilla.nasl trunk/openvas-plugins/scripts/freebsd_mozilla0.nasl trunk/openvas-plugins/scripts/freebsd_mpg123.nasl trunk/openvas-plugins/scripts/freebsd_mpg1230.nasl trunk/openvas-plugins/scripts/freebsd_mpg1231.nasl trunk/openvas-plugins/scripts/freebsd_mpg1232.nasl trunk/openvas-plugins/scripts/freebsd_mpg1233.nasl trunk/openvas-plugins/scripts/freebsd_mplayer.nasl trunk/openvas-plugins/scripts/freebsd_mplayer0.nasl trunk/openvas-plugins/scripts/freebsd_mplayer1.nasl trunk/openvas-plugins/scripts/freebsd_mplayer2.nasl trunk/openvas-plugins/scripts/freebsd_mplayer3.nasl trunk/openvas-plugins/scripts/freebsd_mplayer4.nasl trunk/openvas-plugins/scripts/freebsd_mplayer5.nasl trunk/openvas-plugins/scripts/freebsd_mplayer6.nasl trunk/openvas-plugins/scripts/freebsd_mplayer7.nasl trunk/openvas-plugins/scripts/freebsd_mplayer8.nasl trunk/openvas-plugins/scripts/freebsd_mt-daapd.nasl trunk/openvas-plugins/scripts/freebsd_mt-daapd0.nasl trunk/openvas-plugins/scripts/freebsd_mutt.nasl trunk/openvas-plugins/scripts/freebsd_mutt0.nasl trunk/openvas-plugins/scripts/freebsd_mutt1.nasl trunk/openvas-plugins/scripts/freebsd_mysql-client.nasl trunk/openvas-plugins/scripts/freebsd_mysql-scripts.nasl trunk/openvas-plugins/scripts/freebsd_mysql-scripts0.nasl trunk/openvas-plugins/scripts/freebsd_mysql-server.nasl trunk/openvas-plugins/scripts/freebsd_mysql-server0.nasl trunk/openvas-plugins/scripts/freebsd_mysql-server1.nasl trunk/openvas-plugins/scripts/freebsd_mysql-server10.nasl trunk/openvas-plugins/scripts/freebsd_mysql-server11.nasl trunk/openvas-plugins/scripts/freebsd_mysql-server12.nasl trunk/openvas-plugins/scripts/freebsd_mysql-server13.nasl trunk/openvas-plugins/scripts/freebsd_mysql-server2.nasl trunk/openvas-plugins/scripts/freebsd_mysql-server3.nasl trunk/openvas-plugins/scripts/freebsd_mysql-server4.nasl trunk/openvas-plugins/scripts/freebsd_mysql-server5.nasl trunk/openvas-plugins/scripts/freebsd_mysql-server6.nasl trunk/openvas-plugins/scripts/freebsd_mysql-server7.nasl trunk/openvas-plugins/scripts/freebsd_mysql-server8.nasl trunk/openvas-plugins/scripts/freebsd_mysql-server9.nasl trunk/openvas-plugins/scripts/freebsd_nag.nasl trunk/openvas-plugins/scripts/freebsd_nagios-plugins.nasl trunk/openvas-plugins/scripts/freebsd_nagios.nasl trunk/openvas-plugins/scripts/freebsd_named.nasl trunk/openvas-plugins/scripts/freebsd_named0.nasl trunk/openvas-plugins/scripts/freebsd_nap.nasl trunk/openvas-plugins/scripts/freebsd_nbd-server.nasl trunk/openvas-plugins/scripts/freebsd_nbsmtp.nasl trunk/openvas-plugins/scripts/freebsd_neon.nasl trunk/openvas-plugins/scripts/freebsd_neon0.nasl trunk/openvas-plugins/scripts/freebsd_net-snmp.nasl trunk/openvas-plugins/scripts/freebsd_net-snmp0.nasl trunk/openvas-plugins/scripts/freebsd_net-snmp1.nasl trunk/openvas-plugins/scripts/freebsd_netpbm.nasl trunk/openvas-plugins/scripts/freebsd_newsfetch.nasl trunk/openvas-plugins/scripts/freebsd_newsgrab.nasl trunk/openvas-plugins/scripts/freebsd_newsgrab0.nasl trunk/openvas-plugins/scripts/freebsd_newspost.nasl trunk/openvas-plugins/scripts/freebsd_ngircd.nasl trunk/openvas-plugins/scripts/freebsd_ngircd0.nasl trunk/openvas-plugins/scripts/freebsd_nss.nasl trunk/openvas-plugins/scripts/freebsd_nvidia-driver.nasl trunk/openvas-plugins/scripts/freebsd_nwclient.nasl trunk/openvas-plugins/scripts/freebsd_oftpd.nasl trunk/openvas-plugins/scripts/freebsd_oops.nasl trunk/openvas-plugins/scripts/freebsd_opendchub.nasl trunk/openvas-plugins/scripts/freebsd_openfire.nasl trunk/openvas-plugins/scripts/freebsd_openldap-server.nasl trunk/openvas-plugins/scripts/freebsd_openldap-server0.nasl trunk/openvas-plugins/scripts/freebsd_openldap-server1.nasl trunk/openvas-plugins/scripts/freebsd_openoffice.nasl trunk/openvas-plugins/scripts/freebsd_openoffice0.nasl trunk/openvas-plugins/scripts/freebsd_openoffice1.nasl trunk/openvas-plugins/scripts/freebsd_openssh.nasl trunk/openvas-plugins/scripts/freebsd_openssl.nasl trunk/openvas-plugins/scripts/freebsd_openssl0.nasl trunk/openvas-plugins/scripts/freebsd_openssl1.nasl trunk/openvas-plugins/scripts/freebsd_openssl2.nasl trunk/openvas-plugins/scripts/freebsd_openvpn-devel.nasl trunk/openvas-plugins/scripts/freebsd_openvpn.nasl trunk/openvas-plugins/scripts/freebsd_openvpn0.nasl trunk/openvas-plugins/scripts/freebsd_openvpn1.nasl trunk/openvas-plugins/scripts/freebsd_openvpn2.nasl trunk/openvas-plugins/scripts/freebsd_openvpn3.nasl trunk/openvas-plugins/scripts/freebsd_openvpn4.nasl trunk/openvas-plugins/scripts/freebsd_openvpn5.nasl trunk/openvas-plugins/scripts/freebsd_openwebmail.nasl trunk/openvas-plugins/scripts/freebsd_opera.nasl trunk/openvas-plugins/scripts/freebsd_opera0.nasl trunk/openvas-plugins/scripts/freebsd_opera1.nasl trunk/openvas-plugins/scripts/freebsd_opera10.nasl trunk/openvas-plugins/scripts/freebsd_opera11.nasl trunk/openvas-plugins/scripts/freebsd_opera2.nasl trunk/openvas-plugins/scripts/freebsd_opera3.nasl trunk/openvas-plugins/scripts/freebsd_opera4.nasl trunk/openvas-plugins/scripts/freebsd_opera5.nasl trunk/openvas-plugins/scripts/freebsd_opera6.nasl trunk/openvas-plugins/scripts/freebsd_opera7.nasl trunk/openvas-plugins/scripts/freebsd_opera8.nasl trunk/openvas-plugins/scripts/freebsd_opera9.nasl trunk/openvas-plugins/scripts/freebsd_p5-Archive-Zip.nasl trunk/openvas-plugins/scripts/freebsd_p5-DBI.nasl trunk/openvas-plugins/scripts/freebsd_p5-Imager.nasl trunk/openvas-plugins/scripts/freebsd_p5-Mail-SpamAssassin.nasl trunk/openvas-plugins/scripts/freebsd_p5-Mail-SpamAssassin0.nasl trunk/openvas-plugins/scripts/freebsd_p5-Mail-SpamAssassin1.nasl trunk/openvas-plugins/scripts/freebsd_p5-Mail-SpamAssassin2.nasl trunk/openvas-plugins/scripts/freebsd_p5-Net-DNS.nasl trunk/openvas-plugins/scripts/freebsd_pam_ldap.nasl trunk/openvas-plugins/scripts/freebsd_pam_smb.nasl trunk/openvas-plugins/scripts/freebsd_pavuk.nasl trunk/openvas-plugins/scripts/freebsd_pcal.nasl trunk/openvas-plugins/scripts/freebsd_pcre.nasl trunk/openvas-plugins/scripts/freebsd_pcre0.nasl trunk/openvas-plugins/scripts/freebsd_pcre1.nasl trunk/openvas-plugins/scripts/freebsd_pear-PEAR.nasl trunk/openvas-plugins/scripts/freebsd_pear-XML_RPC.nasl trunk/openvas-plugins/scripts/freebsd_pear-XML_RPC0.nasl trunk/openvas-plugins/scripts/freebsd_pear-XML_RPC1.nasl trunk/openvas-plugins/scripts/freebsd_peercast.nasl trunk/openvas-plugins/scripts/freebsd_peercast0.nasl trunk/openvas-plugins/scripts/freebsd_perdition.nasl trunk/openvas-plugins/scripts/freebsd_perl.nasl trunk/openvas-plugins/scripts/freebsd_perl0.nasl trunk/openvas-plugins/scripts/freebsd_perl1.nasl trunk/openvas-plugins/scripts/freebsd_perl2.nasl trunk/openvas-plugins/scripts/freebsd_php4.nasl trunk/openvas-plugins/scripts/freebsd_php40.nasl trunk/openvas-plugins/scripts/freebsd_php41.nasl trunk/openvas-plugins/scripts/freebsd_php5-imap.nasl trunk/openvas-plugins/scripts/freebsd_php5-imap0.nasl trunk/openvas-plugins/scripts/freebsd_php5-posix.nasl trunk/openvas-plugins/scripts/freebsd_php5.nasl trunk/openvas-plugins/scripts/freebsd_php50.nasl trunk/openvas-plugins/scripts/freebsd_php51.nasl trunk/openvas-plugins/scripts/freebsd_php52.nasl trunk/openvas-plugins/scripts/freebsd_phpMyAdmin.nasl trunk/openvas-plugins/scripts/freebsd_phpMyAdmin0.nasl trunk/openvas-plugins/scripts/freebsd_phpMyAdmin1.nasl trunk/openvas-plugins/scripts/freebsd_phpMyAdmin10.nasl trunk/openvas-plugins/scripts/freebsd_phpMyAdmin11.nasl trunk/openvas-plugins/scripts/freebsd_phpMyAdmin12.nasl trunk/openvas-plugins/scripts/freebsd_phpMyAdmin13.nasl trunk/openvas-plugins/scripts/freebsd_phpMyAdmin14.nasl trunk/openvas-plugins/scripts/freebsd_phpMyAdmin2.nasl trunk/openvas-plugins/scripts/freebsd_phpMyAdmin3.nasl trunk/openvas-plugins/scripts/freebsd_phpMyAdmin4.nasl trunk/openvas-plugins/scripts/freebsd_phpMyAdmin5.nasl trunk/openvas-plugins/scripts/freebsd_phpMyAdmin6.nasl trunk/openvas-plugins/scripts/freebsd_phpMyAdmin7.nasl trunk/openvas-plugins/scripts/freebsd_phpMyAdmin8.nasl trunk/openvas-plugins/scripts/freebsd_phpMyAdmin9.nasl trunk/openvas-plugins/scripts/freebsd_phpSysInfo.nasl trunk/openvas-plugins/scripts/freebsd_phpSysInfo0.nasl trunk/openvas-plugins/scripts/freebsd_phpSysInfo1.nasl trunk/openvas-plugins/scripts/freebsd_phpbb.nasl trunk/openvas-plugins/scripts/freebsd_phpbb0.nasl trunk/openvas-plugins/scripts/freebsd_phpbb1.nasl trunk/openvas-plugins/scripts/freebsd_phpbb10.nasl trunk/openvas-plugins/scripts/freebsd_phpbb2.nasl trunk/openvas-plugins/scripts/freebsd_phpbb3.nasl trunk/openvas-plugins/scripts/freebsd_phpbb4.nasl trunk/openvas-plugins/scripts/freebsd_phpbb5.nasl trunk/openvas-plugins/scripts/freebsd_phpbb6.nasl trunk/openvas-plugins/scripts/freebsd_phpbb7.nasl trunk/openvas-plugins/scripts/freebsd_phpbb8.nasl trunk/openvas-plugins/scripts/freebsd_phpbb9.nasl trunk/openvas-plugins/scripts/freebsd_phpicalendar.nasl trunk/openvas-plugins/scripts/freebsd_phpicalendar0.nasl trunk/openvas-plugins/scripts/freebsd_phpldapadmin098.nasl trunk/openvas-plugins/scripts/freebsd_phpmyadmin.nasl trunk/openvas-plugins/scripts/freebsd_phpmyadmin0.nasl trunk/openvas-plugins/scripts/freebsd_phpmyadmin1.nasl trunk/openvas-plugins/scripts/freebsd_phpmyadmin10.nasl trunk/openvas-plugins/scripts/freebsd_phpmyadmin2.nasl trunk/openvas-plugins/scripts/freebsd_phpmyadmin3.nasl trunk/openvas-plugins/scripts/freebsd_phpmyadmin4.nasl trunk/openvas-plugins/scripts/freebsd_phpmyadmin5.nasl trunk/openvas-plugins/scripts/freebsd_phpmyadmin6.nasl trunk/openvas-plugins/scripts/freebsd_phpmyadmin7.nasl trunk/openvas-plugins/scripts/freebsd_phpmyadmin8.nasl trunk/openvas-plugins/scripts/freebsd_phpmyadmin9.nasl trunk/openvas-plugins/scripts/freebsd_phpmyfaq.nasl trunk/openvas-plugins/scripts/freebsd_phpnuke.nasl trunk/openvas-plugins/scripts/freebsd_phpnuke0.nasl trunk/openvas-plugins/scripts/freebsd_phppgadmin.nasl trunk/openvas-plugins/scripts/freebsd_phppgadmin0.nasl trunk/openvas-plugins/scripts/freebsd_phpwebftp.nasl trunk/openvas-plugins/scripts/freebsd_picasm.nasl trunk/openvas-plugins/scripts/freebsd_pine.nasl trunk/openvas-plugins/scripts/freebsd_pine0.nasl trunk/openvas-plugins/scripts/freebsd_pine1.nasl trunk/openvas-plugins/scripts/freebsd_pinentry.nasl trunk/openvas-plugins/scripts/freebsd_pl-ekg.nasl trunk/openvas-plugins/scripts/freebsd_plans.nasl trunk/openvas-plugins/scripts/freebsd_plone.nasl trunk/openvas-plugins/scripts/freebsd_plone0.nasl trunk/openvas-plugins/scripts/freebsd_plone1.nasl trunk/openvas-plugins/scripts/freebsd_plone2.nasl trunk/openvas-plugins/scripts/freebsd_png.nasl trunk/openvas-plugins/scripts/freebsd_png0.nasl trunk/openvas-plugins/scripts/freebsd_png1.nasl trunk/openvas-plugins/scripts/freebsd_png2.nasl trunk/openvas-plugins/scripts/freebsd_popfile.nasl trunk/openvas-plugins/scripts/freebsd_poppler.nasl trunk/openvas-plugins/scripts/freebsd_portupgrade.nasl trunk/openvas-plugins/scripts/freebsd_postfix-policyd-weight.nasl trunk/openvas-plugins/scripts/freebsd_postgresql-contrib.nasl trunk/openvas-plugins/scripts/freebsd_postgresql-server.nasl trunk/openvas-plugins/scripts/freebsd_postgresql.nasl trunk/openvas-plugins/scripts/freebsd_postgresql0.nasl trunk/openvas-plugins/scripts/freebsd_postgresql1.nasl trunk/openvas-plugins/scripts/freebsd_postgresql2.nasl trunk/openvas-plugins/scripts/freebsd_postgresql3.nasl trunk/openvas-plugins/scripts/freebsd_postgresql4.nasl trunk/openvas-plugins/scripts/freebsd_postnuke.nasl trunk/openvas-plugins/scripts/freebsd_postnuke0.nasl trunk/openvas-plugins/scripts/freebsd_postnuke1.nasl trunk/openvas-plugins/scripts/freebsd_postnuke2.nasl trunk/openvas-plugins/scripts/freebsd_pound.nasl trunk/openvas-plugins/scripts/freebsd_powerdns-recursor.nasl trunk/openvas-plugins/scripts/freebsd_powerdns.nasl trunk/openvas-plugins/scripts/freebsd_powerdns0.nasl trunk/openvas-plugins/scripts/freebsd_ppxp.nasl trunk/openvas-plugins/scripts/freebsd_proftpd.nasl trunk/openvas-plugins/scripts/freebsd_proftpd0.nasl trunk/openvas-plugins/scripts/freebsd_proftpd1.nasl trunk/openvas-plugins/scripts/freebsd_proftpd2.nasl trunk/openvas-plugins/scripts/freebsd_proftpd3.nasl trunk/openvas-plugins/scripts/freebsd_proxytunnel.nasl trunk/openvas-plugins/scripts/freebsd_prozilla.nasl trunk/openvas-plugins/scripts/freebsd_pubcookie-login-server.nasl trunk/openvas-plugins/scripts/freebsd_punbb.nasl trunk/openvas-plugins/scripts/freebsd_putty.nasl trunk/openvas-plugins/scripts/freebsd_putty0.nasl trunk/openvas-plugins/scripts/freebsd_pwlib.nasl trunk/openvas-plugins/scripts/freebsd_py23-django.nasl trunk/openvas-plugins/scripts/freebsd_py23-django0.nasl trunk/openvas-plugins/scripts/freebsd_py24-pylons.nasl trunk/openvas-plugins/scripts/freebsd_python+ipv6.nasl trunk/openvas-plugins/scripts/freebsd_python.nasl trunk/openvas-plugins/scripts/freebsd_python23.nasl trunk/openvas-plugins/scripts/freebsd_qemu.nasl trunk/openvas-plugins/scripts/freebsd_qemu0.nasl trunk/openvas-plugins/scripts/freebsd_qemu1.nasl trunk/openvas-plugins/scripts/freebsd_qemu2.nasl trunk/openvas-plugins/scripts/freebsd_qpopper.nasl trunk/openvas-plugins/scripts/freebsd_qpopper0.nasl trunk/openvas-plugins/scripts/freebsd_qt.nasl trunk/openvas-plugins/scripts/freebsd_quake2forge.nasl trunk/openvas-plugins/scripts/freebsd_racoon.nasl trunk/openvas-plugins/scripts/freebsd_racoon0.nasl trunk/openvas-plugins/scripts/freebsd_racoon1.nasl trunk/openvas-plugins/scripts/freebsd_racoon2.nasl trunk/openvas-plugins/scripts/freebsd_racoon3.nasl trunk/openvas-plugins/scripts/freebsd_racoon4.nasl trunk/openvas-plugins/scripts/freebsd_racoon5.nasl trunk/openvas-plugins/scripts/freebsd_rar.nasl trunk/openvas-plugins/scripts/freebsd_razor-agents.nasl trunk/openvas-plugins/scripts/freebsd_ripmime.nasl trunk/openvas-plugins/scripts/freebsd_rkhunter.nasl trunk/openvas-plugins/scripts/freebsd_rockdodger.nasl trunk/openvas-plugins/scripts/freebsd_rsnapshot.nasl trunk/openvas-plugins/scripts/freebsd_rssh.nasl trunk/openvas-plugins/scripts/freebsd_rssh0.nasl trunk/openvas-plugins/scripts/freebsd_rssh1.nasl trunk/openvas-plugins/scripts/freebsd_rssh2.nasl trunk/openvas-plugins/scripts/freebsd_rsync.nasl trunk/openvas-plugins/scripts/freebsd_rsync0.nasl trunk/openvas-plugins/scripts/freebsd_rsync1.nasl trunk/openvas-plugins/scripts/freebsd_rsync2.nasl trunk/openvas-plugins/scripts/freebsd_rsync3.nasl trunk/openvas-plugins/scripts/freebsd_ru-apache+mod_ssl.nasl trunk/openvas-plugins/scripts/freebsd_ruby.nasl trunk/openvas-plugins/scripts/freebsd_ruby0.nasl trunk/openvas-plugins/scripts/freebsd_ruby1.nasl trunk/openvas-plugins/scripts/freebsd_ruby2.nasl trunk/openvas-plugins/scripts/freebsd_ruby3.nasl trunk/openvas-plugins/scripts/freebsd_ruby4.nasl trunk/openvas-plugins/scripts/freebsd_ruby5.nasl trunk/openvas-plugins/scripts/freebsd_ruby6.nasl trunk/openvas-plugins/scripts/freebsd_ruby7.nasl trunk/openvas-plugins/scripts/freebsd_ruby8.nasl trunk/openvas-plugins/scripts/freebsd_ruby9.nasl trunk/openvas-plugins/scripts/freebsd_rubygem-rails.nasl trunk/openvas-plugins/scripts/freebsd_rubygem-rails0.nasl trunk/openvas-plugins/scripts/freebsd_rubygem-rails1.nasl trunk/openvas-plugins/scripts/freebsd_rxvt-unicode.nasl trunk/openvas-plugins/scripts/freebsd_rxvt-unicode0.nasl trunk/openvas-plugins/scripts/freebsd_samba.nasl trunk/openvas-plugins/scripts/freebsd_samba0.nasl trunk/openvas-plugins/scripts/freebsd_samba1.nasl trunk/openvas-plugins/scripts/freebsd_samba10.nasl trunk/openvas-plugins/scripts/freebsd_samba11.nasl trunk/openvas-plugins/scripts/freebsd_samba12.nasl trunk/openvas-plugins/scripts/freebsd_samba13.nasl trunk/openvas-plugins/scripts/freebsd_samba2.nasl trunk/openvas-plugins/scripts/freebsd_samba3.nasl trunk/openvas-plugins/scripts/freebsd_samba4.nasl trunk/openvas-plugins/scripts/freebsd_samba5.nasl trunk/openvas-plugins/scripts/freebsd_samba6.nasl trunk/openvas-plugins/scripts/freebsd_samba7.nasl trunk/openvas-plugins/scripts/freebsd_samba8.nasl trunk/openvas-plugins/scripts/freebsd_samba9.nasl trunk/openvas-plugins/scripts/freebsd_scponly.nasl trunk/openvas-plugins/scripts/freebsd_screen.nasl trunk/openvas-plugins/scripts/freebsd_sdl_image.nasl trunk/openvas-plugins/scripts/freebsd_sendmail.nasl trunk/openvas-plugins/scripts/freebsd_serendipity.nasl trunk/openvas-plugins/scripts/freebsd_serendipity0.nasl trunk/openvas-plugins/scripts/freebsd_setiathome.nasl trunk/openvas-plugins/scripts/freebsd_sge.nasl trunk/openvas-plugins/scripts/freebsd_sharutils.nasl trunk/openvas-plugins/scripts/freebsd_sharutils0.nasl trunk/openvas-plugins/scripts/freebsd_shoutcast.nasl trunk/openvas-plugins/scripts/freebsd_shtool.nasl trunk/openvas-plugins/scripts/freebsd_silc-irssi-client.nasl trunk/openvas-plugins/scripts/freebsd_sircd.nasl trunk/openvas-plugins/scripts/freebsd_sircd0.nasl trunk/openvas-plugins/scripts/freebsd_skype.nasl trunk/openvas-plugins/scripts/freebsd_smbftpd.nasl trunk/openvas-plugins/scripts/freebsd_snort.nasl trunk/openvas-plugins/scripts/freebsd_snort0.nasl trunk/openvas-plugins/scripts/freebsd_socat.nasl trunk/openvas-plugins/scripts/freebsd_sox.nasl trunk/openvas-plugins/scripts/freebsd_spamdyke.nasl trunk/openvas-plugins/scripts/freebsd_sql-ledger.nasl trunk/openvas-plugins/scripts/freebsd_sql-ledger0.nasl trunk/openvas-plugins/scripts/freebsd_squid.nasl trunk/openvas-plugins/scripts/freebsd_squid0.nasl trunk/openvas-plugins/scripts/freebsd_squid1.nasl trunk/openvas-plugins/scripts/freebsd_squid10.nasl trunk/openvas-plugins/scripts/freebsd_squid11.nasl trunk/openvas-plugins/scripts/freebsd_squid12.nasl trunk/openvas-plugins/scripts/freebsd_squid13.nasl trunk/openvas-plugins/scripts/freebsd_squid14.nasl trunk/openvas-plugins/scripts/freebsd_squid15.nasl trunk/openvas-plugins/scripts/freebsd_squid16.nasl trunk/openvas-plugins/scripts/freebsd_squid17.nasl trunk/openvas-plugins/scripts/freebsd_squid18.nasl trunk/openvas-plugins/scripts/freebsd_squid19.nasl trunk/openvas-plugins/scripts/freebsd_squid2.nasl trunk/openvas-plugins/scripts/freebsd_squid20.nasl trunk/openvas-plugins/scripts/freebsd_squid21.nasl trunk/openvas-plugins/scripts/freebsd_squid3.nasl trunk/openvas-plugins/scripts/freebsd_squid4.nasl trunk/openvas-plugins/scripts/freebsd_squid5.nasl trunk/openvas-plugins/scripts/freebsd_squid6.nasl trunk/openvas-plugins/scripts/freebsd_squid7.nasl trunk/openvas-plugins/scripts/freebsd_squid8.nasl trunk/openvas-plugins/scripts/freebsd_squid9.nasl trunk/openvas-plugins/scripts/freebsd_squirrelmail.nasl trunk/openvas-plugins/scripts/freebsd_squirrelmail0.nasl trunk/openvas-plugins/scripts/freebsd_squirrelmail1.nasl trunk/openvas-plugins/scripts/freebsd_squirrelmail2.nasl trunk/openvas-plugins/scripts/freebsd_squirrelmail3.nasl trunk/openvas-plugins/scripts/freebsd_squirrelmail4.nasl trunk/openvas-plugins/scripts/freebsd_ssh2.nasl trunk/openvas-plugins/scripts/freebsd_subversion.nasl trunk/openvas-plugins/scripts/freebsd_subversion0.nasl trunk/openvas-plugins/scripts/freebsd_sudo.nasl trunk/openvas-plugins/scripts/freebsd_sudo0.nasl trunk/openvas-plugins/scripts/freebsd_sudo1.nasl trunk/openvas-plugins/scripts/freebsd_sudo2.nasl trunk/openvas-plugins/scripts/freebsd_sudo3.nasl trunk/openvas-plugins/scripts/freebsd_sudoscript.nasl trunk/openvas-plugins/scripts/freebsd_sup.nasl trunk/openvas-plugins/scripts/freebsd_suphp.nasl trunk/openvas-plugins/scripts/freebsd_swfdec.nasl trunk/openvas-plugins/scripts/freebsd_sylpheed.nasl trunk/openvas-plugins/scripts/freebsd_sylpheed0.nasl trunk/openvas-plugins/scripts/freebsd_sympa.nasl trunk/openvas-plugins/scripts/freebsd_tcl.nasl trunk/openvas-plugins/scripts/freebsd_tcpdump.nasl trunk/openvas-plugins/scripts/freebsd_tcpdump0.nasl trunk/openvas-plugins/scripts/freebsd_tcpdump1.nasl trunk/openvas-plugins/scripts/freebsd_tcpdump2.nasl trunk/openvas-plugins/scripts/freebsd_tdiary.nasl trunk/openvas-plugins/scripts/freebsd_tdiary0.nasl trunk/openvas-plugins/scripts/freebsd_thunderbird.nasl trunk/openvas-plugins/scripts/freebsd_thunderbird0.nasl trunk/openvas-plugins/scripts/freebsd_thunderbird1.nasl trunk/openvas-plugins/scripts/freebsd_thunderbird2.nasl trunk/openvas-plugins/scripts/freebsd_thunderbird3.nasl trunk/openvas-plugins/scripts/freebsd_thunderbird4.nasl trunk/openvas-plugins/scripts/freebsd_thunderbird5.nasl trunk/openvas-plugins/scripts/freebsd_thunderbird6.nasl trunk/openvas-plugins/scripts/freebsd_tiff.nasl trunk/openvas-plugins/scripts/freebsd_tiff0.nasl trunk/openvas-plugins/scripts/freebsd_tiff1.nasl trunk/openvas-plugins/scripts/freebsd_tiff2.nasl trunk/openvas-plugins/scripts/freebsd_tiff3.nasl trunk/openvas-plugins/scripts/freebsd_tiff4.nasl trunk/openvas-plugins/scripts/freebsd_tikiwik.nasl trunk/openvas-plugins/scripts/freebsd_tikiwiki.nasl trunk/openvas-plugins/scripts/freebsd_tin.nasl trunk/openvas-plugins/scripts/freebsd_tkdiff.nasl trunk/openvas-plugins/scripts/freebsd_tnftp.nasl trunk/openvas-plugins/scripts/freebsd_tnftpd.nasl trunk/openvas-plugins/scripts/freebsd_tnftpd0.nasl trunk/openvas-plugins/scripts/freebsd_tor.nasl trunk/openvas-plugins/scripts/freebsd_tor0.nasl trunk/openvas-plugins/scripts/freebsd_tor1.nasl trunk/openvas-plugins/scripts/freebsd_tor2.nasl trunk/openvas-plugins/scripts/freebsd_torrentflux.nasl trunk/openvas-plugins/scripts/freebsd_trac.nasl trunk/openvas-plugins/scripts/freebsd_trac0.nasl trunk/openvas-plugins/scripts/freebsd_trac1.nasl trunk/openvas-plugins/scripts/freebsd_trac2.nasl trunk/openvas-plugins/scripts/freebsd_trac3.nasl trunk/openvas-plugins/scripts/freebsd_turba.nasl trunk/openvas-plugins/scripts/freebsd_twiki.nasl trunk/openvas-plugins/scripts/freebsd_twiki0.nasl trunk/openvas-plugins/scripts/freebsd_typespeed.nasl trunk/openvas-plugins/scripts/freebsd_typo3.nasl trunk/openvas-plugins/scripts/freebsd_unace.nasl trunk/openvas-plugins/scripts/freebsd_unarj.nasl trunk/openvas-plugins/scripts/freebsd_unarj0.nasl trunk/openvas-plugins/scripts/freebsd_unrtf.nasl trunk/openvas-plugins/scripts/freebsd_unzip.nasl trunk/openvas-plugins/scripts/freebsd_unzoo.nasl trunk/openvas-plugins/scripts/freebsd_up-imapproxy.nasl trunk/openvas-plugins/scripts/freebsd_urban.nasl trunk/openvas-plugins/scripts/freebsd_uulib.nasl trunk/openvas-plugins/scripts/freebsd_viewcvs.nasl trunk/openvas-plugins/scripts/freebsd_vim.nasl trunk/openvas-plugins/scripts/freebsd_vim0.nasl trunk/openvas-plugins/scripts/freebsd_vim1.nasl trunk/openvas-plugins/scripts/freebsd_vim2.nasl trunk/openvas-plugins/scripts/freebsd_vlc.nasl trunk/openvas-plugins/scripts/freebsd_vnc.nasl trunk/openvas-plugins/scripts/freebsd_vorbis-tools.nasl trunk/openvas-plugins/scripts/freebsd_vtiger.nasl trunk/openvas-plugins/scripts/freebsd_w3m.nasl trunk/openvas-plugins/scripts/freebsd_webcalendar.nasl trunk/openvas-plugins/scripts/freebsd_webmin.nasl trunk/openvas-plugins/scripts/freebsd_webmin0.nasl trunk/openvas-plugins/scripts/freebsd_webmin1.nasl trunk/openvas-plugins/scripts/freebsd_weex.nasl trunk/openvas-plugins/scripts/freebsd_wget.nasl trunk/openvas-plugins/scripts/freebsd_win32-codecs.nasl trunk/openvas-plugins/scripts/freebsd_wine.nasl trunk/openvas-plugins/scripts/freebsd_wireshark.nasl trunk/openvas-plugins/scripts/freebsd_wireshark0.nasl trunk/openvas-plugins/scripts/freebsd_wordpress.nasl trunk/openvas-plugins/scripts/freebsd_wordpress0.nasl trunk/openvas-plugins/scripts/freebsd_wordpress1.nasl trunk/openvas-plugins/scripts/freebsd_wordpress2.nasl trunk/openvas-plugins/scripts/freebsd_wordpress3.nasl trunk/openvas-plugins/scripts/freebsd_wordpress4.nasl trunk/openvas-plugins/scripts/freebsd_wordpress5.nasl trunk/openvas-plugins/scripts/freebsd_wordpress6.nasl trunk/openvas-plugins/scripts/freebsd_wu-ftpd.nasl trunk/openvas-plugins/scripts/freebsd_wu-ftpd0.nasl trunk/openvas-plugins/scripts/freebsd_wv.nasl trunk/openvas-plugins/scripts/freebsd_wv2.nasl trunk/openvas-plugins/scripts/freebsd_wzdftpd.nasl trunk/openvas-plugins/scripts/freebsd_x11vnc.nasl trunk/openvas-plugins/scripts/freebsd_xboing.nasl trunk/openvas-plugins/scripts/freebsd_xchat2.nasl trunk/openvas-plugins/scripts/freebsd_xerces-c2.nasl trunk/openvas-plugins/scripts/freebsd_xfce4-panel.nasl trunk/openvas-plugins/scripts/freebsd_xfs.nasl trunk/openvas-plugins/scripts/freebsd_xine.nasl trunk/openvas-plugins/scripts/freebsd_xine0.nasl trunk/openvas-plugins/scripts/freebsd_xli.nasl trunk/openvas-plugins/scripts/freebsd_xli0.nasl trunk/openvas-plugins/scripts/freebsd_xli1.nasl trunk/openvas-plugins/scripts/freebsd_xloadimage.nasl trunk/openvas-plugins/scripts/freebsd_xorg-clients.nasl trunk/openvas-plugins/scripts/freebsd_xorg-server.nasl trunk/openvas-plugins/scripts/freebsd_xorg-server0.nasl trunk/openvas-plugins/scripts/freebsd_xorg-server1.nasl trunk/openvas-plugins/scripts/freebsd_xpcd.nasl trunk/openvas-plugins/scripts/freebsd_xpdf.nasl trunk/openvas-plugins/scripts/freebsd_xpdf0.nasl trunk/openvas-plugins/scripts/freebsd_xpdf1.nasl trunk/openvas-plugins/scripts/freebsd_xpdf2.nasl trunk/openvas-plugins/scripts/freebsd_xshisen.nasl trunk/openvas-plugins/scripts/freebsd_xtrlock.nasl trunk/openvas-plugins/scripts/freebsd_xv.nasl trunk/openvas-plugins/scripts/freebsd_xv0.nasl trunk/openvas-plugins/scripts/freebsd_xview.nasl trunk/openvas-plugins/scripts/freebsd_yamt.nasl trunk/openvas-plugins/scripts/freebsd_yamt0.nasl trunk/openvas-plugins/scripts/freebsd_zebra.nasl trunk/openvas-plugins/scripts/freebsd_zenphoto.nasl trunk/openvas-plugins/scripts/freebsd_zgv.nasl trunk/openvas-plugins/scripts/freebsd_zgv0.nasl trunk/openvas-plugins/scripts/freebsd_zh-cce.nasl trunk/openvas-plugins/scripts/freebsd_zh-chitex.nasl trunk/openvas-plugins/scripts/freebsd_zh-emacs.nasl trunk/openvas-plugins/scripts/freebsd_zh-pine.nasl trunk/openvas-plugins/scripts/freebsd_zhcon.nasl trunk/openvas-plugins/scripts/freebsd_zinf.nasl trunk/openvas-plugins/scripts/freebsd_zip.nasl trunk/openvas-plugins/scripts/freebsd_zoo.nasl trunk/openvas-plugins/scripts/freebsd_zope.nasl trunk/openvas-plugins/scripts/freebsd_zope0.nasl trunk/openvas-plugins/scripts/freebsd_zope1.nasl trunk/openvas-plugins/scripts/freebsd_zope28.nasl trunk/openvas-plugins/scripts/freebsd_zsync.nasl trunk/openvas-plugins/scripts/freebsdsa_80211.nasl trunk/openvas-plugins/scripts/freebsdsa_amd64.nasl trunk/openvas-plugins/scripts/freebsdsa_amd641.nasl trunk/openvas-plugins/scripts/freebsdsa_arp.nasl trunk/openvas-plugins/scripts/freebsdsa_bind.nasl trunk/openvas-plugins/scripts/freebsdsa_bind1.nasl trunk/openvas-plugins/scripts/freebsdsa_bind2.nasl trunk/openvas-plugins/scripts/freebsdsa_bind3.nasl trunk/openvas-plugins/scripts/freebsdsa_bind4.nasl trunk/openvas-plugins/scripts/freebsdsa_bind5.nasl trunk/openvas-plugins/scripts/freebsdsa_bind9.nasl trunk/openvas-plugins/scripts/freebsdsa_bzip2.nasl trunk/openvas-plugins/scripts/freebsdsa_cpio.nasl trunk/openvas-plugins/scripts/freebsdsa_cvs.nasl trunk/openvas-plugins/scripts/freebsdsa_cvs1.nasl trunk/openvas-plugins/scripts/freebsdsa_cvs2.nasl trunk/openvas-plugins/scripts/freebsdsa_cvs3.nasl trunk/openvas-plugins/scripts/freebsdsa_cvsbug.nasl trunk/openvas-plugins/scripts/freebsdsa_devfs.nasl trunk/openvas-plugins/scripts/freebsdsa_ee.nasl trunk/openvas-plugins/scripts/freebsdsa_fetch.nasl trunk/openvas-plugins/scripts/freebsdsa_file.nasl trunk/openvas-plugins/scripts/freebsdsa_filedesc.nasl trunk/openvas-plugins/scripts/freebsdsa_fpu.nasl trunk/openvas-plugins/scripts/freebsdsa_gtar.nasl trunk/openvas-plugins/scripts/freebsdsa_gtar1.nasl trunk/openvas-plugins/scripts/freebsdsa_gzip.nasl trunk/openvas-plugins/scripts/freebsdsa_gzip1.nasl trunk/openvas-plugins/scripts/freebsdsa_heimdal.nasl trunk/openvas-plugins/scripts/freebsdsa_htt.nasl trunk/openvas-plugins/scripts/freebsdsa_icmp6.nasl trunk/openvas-plugins/scripts/freebsdsa_ifconf.nasl trunk/openvas-plugins/scripts/freebsdsa_iir.nasl trunk/openvas-plugins/scripts/freebsdsa_ipfw.nasl trunk/openvas-plugins/scripts/freebsdsa_ipfw1.nasl trunk/openvas-plugins/scripts/freebsdsa_ipsec.nasl trunk/openvas-plugins/scripts/freebsdsa_ipsec1.nasl trunk/openvas-plugins/scripts/freebsdsa_ipsec2.nasl trunk/openvas-plugins/scripts/freebsdsa_ipv6.nasl trunk/openvas-plugins/scripts/freebsdsa_ipv61.nasl trunk/openvas-plugins/scripts/freebsdsa_jail.nasl trunk/openvas-plugins/scripts/freebsdsa_jail1.nasl trunk/openvas-plugins/scripts/freebsdsa_jailroute.nasl trunk/openvas-plugins/scripts/freebsdsa_kadmind.nasl trunk/openvas-plugins/scripts/freebsdsa_kmem.nasl trunk/openvas-plugins/scripts/freebsdsa_kmem1.nasl trunk/openvas-plugins/scripts/freebsdsa_kmem2.nasl trunk/openvas-plugins/scripts/freebsdsa_ldt.nasl trunk/openvas-plugins/scripts/freebsdsa_libarchive.nasl trunk/openvas-plugins/scripts/freebsdsa_libc.nasl trunk/openvas-plugins/scripts/freebsdsa_linux.nasl trunk/openvas-plugins/scripts/freebsdsa_mksnap_ffs.nasl trunk/openvas-plugins/scripts/freebsdsa_msync.nasl trunk/openvas-plugins/scripts/freebsdsa_nfs.nasl trunk/openvas-plugins/scripts/freebsdsa_nmount.nasl trunk/openvas-plugins/scripts/freebsdsa_openssh.nasl trunk/openvas-plugins/scripts/freebsdsa_openssh1.nasl trunk/openvas-plugins/scripts/freebsdsa_openssh2.nasl trunk/openvas-plugins/scripts/freebsdsa_openssh3.nasl trunk/openvas-plugins/scripts/freebsdsa_openssh4.nasl trunk/openvas-plugins/scripts/freebsdsa_openssl.nasl trunk/openvas-plugins/scripts/freebsdsa_openssl1.nasl trunk/openvas-plugins/scripts/freebsdsa_openssl2.nasl trunk/openvas-plugins/scripts/freebsdsa_openssl3.nasl trunk/openvas-plugins/scripts/freebsdsa_openssl4.nasl trunk/openvas-plugins/scripts/freebsdsa_openssl5.nasl trunk/openvas-plugins/scripts/freebsdsa_opie.nasl trunk/openvas-plugins/scripts/freebsdsa_pf.nasl trunk/openvas-plugins/scripts/freebsdsa_ppp.nasl trunk/openvas-plugins/scripts/freebsdsa_procfs.nasl trunk/openvas-plugins/scripts/freebsdsa_procfs1.nasl trunk/openvas-plugins/scripts/freebsdsa_pty.nasl trunk/openvas-plugins/scripts/freebsdsa_random.nasl trunk/openvas-plugins/scripts/freebsdsa_sack.nasl trunk/openvas-plugins/scripts/freebsdsa_sendfile.nasl trunk/openvas-plugins/scripts/freebsdsa_sendfile1.nasl trunk/openvas-plugins/scripts/freebsdsa_sendmail.nasl trunk/openvas-plugins/scripts/freebsdsa_sendmail1.nasl trunk/openvas-plugins/scripts/freebsdsa_sendmail2.nasl trunk/openvas-plugins/scripts/freebsdsa_shmat.nasl trunk/openvas-plugins/scripts/freebsdsa_smbfs.nasl trunk/openvas-plugins/scripts/freebsdsa_syncache.nasl trunk/openvas-plugins/scripts/freebsdsa_syscons.nasl trunk/openvas-plugins/scripts/freebsdsa_tcp.nasl trunk/openvas-plugins/scripts/freebsdsa_tcp1.nasl trunk/openvas-plugins/scripts/freebsdsa_tcpdump.nasl trunk/openvas-plugins/scripts/freebsdsa_tcpdump1.nasl trunk/openvas-plugins/scripts/freebsdsa_telnet.nasl trunk/openvas-plugins/scripts/freebsdsa_texindex.nasl trunk/openvas-plugins/scripts/freebsdsa_ypserv.nasl trunk/openvas-plugins/scripts/freebsdsa_zlib.nasl trunk/openvas-plugins/scripts/freebsdsa_zlib1.nasl trunk/openvas-plugins/scripts/pkg-lib-bsd.inc Modified: trunk/openvas-plugins/ChangeLog Log: New scripts added Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/ChangeLog 2008-09-04 18:41:11 UTC (rev 1282) @@ -1,5 +1,8 @@ 2008-09-04 Thomas Reinke + * FreeBSD scripts added. +2008-09-04 Thomas Reinke + * deb_1629_1.nasl deb_1629_2.nasl deb_1630_1.nasl deb_1631_1.nasl New debian scripts Added: trunk/openvas-plugins/scripts/freebsd_DarwinStreamingServer.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_DarwinStreamingServer.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_DarwinStreamingServer.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID c7cad0f0-671a-11d8-bdeb-000a95bc6fae +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52512); + script_bugtraq_id(9735); + script_cve_id("CVE-2004-0169"); + script_version ("$"); + name["english"] = "FreeBSD Ports: DarwinStreamingServer"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: DarwinStreamingServer + +CVE-2004-0169 +QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote +attackers to cause a denial of service (crash) via DESCRIBE requests +with long User-Agent fields, which causes an Assert error to be +triggered in the BufferIsFull function. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.idefense.com/application/poi/display?id=75 +http://www.vuxml.org/freebsd/c7cad0f0-671a-11d8-bdeb-000a95bc6fae.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: DarwinStreamingServer"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"DarwinStreamingServer"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.1.3g")<=0) { + security_note(0, data:"Package DarwinStreamingServer version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_ImageMagick.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_ImageMagick.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_ImageMagick.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID 713c3913-8c2b-11d9-b58c-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52167); + script_cve_id("CVE-2005-0397"); + script_version ("$"); + name["english"] = "FreeBSD Ports: ImageMagick"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: ImageMagick + +CVE-2005-0397 +Format string vulnerability in the SetImageInfo function in image.c +for ImageMagick before 6.0.2.5 may allow remote attackers to cause a +denial of service (application crash) and possibly execute arbitrary +code via format string specifiers in a filename argument to convert, +which may be called by other web applications. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.ubuntulinux.org/support/documentation/usn/usn-90-1 +http://www.vuxml.org/freebsd/713c3913-8c2b-11d9-b58c-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: ImageMagick"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"ImageMagick"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.2.0.3")<0) { + security_note(0, data:"Package ImageMagick version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_ImageMagick0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_ImageMagick0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_ImageMagick0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,86 @@ +# +#VID 597e2bee-68ea-11d9-a9e7-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52230); + script_cve_id("CVE-2005-0005"); + script_version ("$"); + name["english"] = "FreeBSD Ports: ImageMagick"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: ImageMagick + +CVE-2005-0005 +Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and +possibly earlier versions allows remote attackers to execute arbitrary +code via a .PSD image file with a large number of layers. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.idefense.com/application/poi/display?id=184&type=vulnerabilities +http://www.vuxml.org/freebsd/597e2bee-68ea-11d9-a9e7-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: ImageMagick"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"ImageMagick"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.1.8.8")<0) { + security_note(0, data:"Package ImageMagick version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_ImageMagick1.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_ImageMagick1.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_ImageMagick1.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID eeb1c128-33e7-11d9-a9e7-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52309); + script_cve_id("CVE-2004-0981"); + script_bugtraq_id(11548); + script_version ("$"); + name["english"] = "FreeBSD Ports: ImageMagick"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: ImageMagick + +CVE-2004-0981 +Buffer overflow in the EXIF parsing routine in ImageMagick before +6.1.0 allows remote attackers to execute arbitrary code via a certain +image file. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/12995/ +http://www.imagemagick.org/www/Changelog.html +http://www.vuxml.org/freebsd/eeb1c128-33e7-11d9-a9e7-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: ImageMagick"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"ImageMagick"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.1.3")<0) { + security_note(0, data:"Package ImageMagick version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_ImageMagick2.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_ImageMagick2.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_ImageMagick2.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,94 @@ +# +#VID b6cad7f3-fb59-11d8-9837-000c41e2cdad +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52397); + script_cve_id("CVE-2004-0827"); + script_version ("$"); + name["english"] = "FreeBSD Ports: ImageMagick, ImageMagick-nox11"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + ImageMagick + ImageMagick-nox11 + +CVE-2004-0827 +Multiple buffer overflows in the ImageMagick graphics library 5.x +before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause +a denial of service (application crash) and possibly execute arbitrary +code via malformed (1) AVI, (2) BMP, or (3) DIB files. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.imagemagick.org/www/Changelog.html +http://www.vuxml.org/freebsd/b6cad7f3-fb59-11d8-9837-000c41e2cdad.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: ImageMagick, ImageMagick-nox11"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"ImageMagick"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.0.6.2")<0) { + security_note(0, data:"Package ImageMagick version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ImageMagick-nox11"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.0.6.2")<0) { + security_note(0, data:"Package ImageMagick-nox11 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_ImageMagick3.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_ImageMagick3.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_ImageMagick3.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,111 @@ +# +#VID a713c0f9-ec54-11d8-9440-000347a4fa7d +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52430); + script_cve_id("CVE-2004-0597", "CVE-2004-0598", "CVE-2004-0599"); + script_version ("$"); + name["english"] = "FreeBSD Ports: ImageMagick, ImageMagick-nox11"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + ImageMagick + ImageMagick-nox11 + +CVE-2004-0597 +Multiple buffer overflows in libpng 1.2.5 and earlier, as used in +multiple products, allow remote attackers to execute arbitrary code +via malformed PNG images in which (1) the png_handle_tRNS function +does not properly validate the length of transparency chunk (tRNS) +data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do +not perform sufficient bounds checking. + +CVE-2004-0598 +The png_handle_iCCP function in libpng 1.2.5 and earlier allows +remote attackers to cause a denial of service (application crash) +via a certain PNG image that triggers a null dereference. + +CVE-2004-0599 +Multiple integer overflows in the (1) png_read_png in pngread.c +or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive +display image reading capability in libpng 1.2.5 and earlier allow +remote attackers to cause a denial of service (application crash) +via a malformed PNG image. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://studio.imagemagick.org/pipermail/magick-users/2004-August/013218.html +http://freshmeat.net/releases/169228 +http://secunia.com/advisories/12236 +http://www.freebsd.org/ports/portaudit/f9e3e60b-e650-11d8-9b0a-000347a4fa7d.html +http://www.vuxml.org/freebsd/a713c0f9-ec54-11d8-9440-000347a4fa7d.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: ImageMagick, ImageMagick-nox11"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"ImageMagick"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.0.4.2")<0) { + security_note(0, data:"Package ImageMagick version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ImageMagick-nox11"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.0.4.2")<0) { + security_note(0, data:"Package ImageMagick-nox11 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_ImageMagick4.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_ImageMagick4.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_ImageMagick4.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,87 @@ +# +#VID cd286cc5-b762-11d9-bfb7-000c6ec775d9 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52544); + script_bugtraq_id(13351); + script_cve_id("CVE-2005-1275"); + script_version ("$"); + name["english"] = "FreeBSD Ports: ImageMagick"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: ImageMagick + +The installed version of ImageMagick is vulnerable +to a heap-based buffer overflow in the ReadPNMImage +function. Attackers may trigger a denial of service +attack via a PNM file with small colors value. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://marc.theaimsgroup.com/?l=bugtraq&m=111445767107869 +http://www.vuxml.org/freebsd/cd286cc5-b762-11d9-bfb7-000c6ec775d9.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: ImageMagick"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"ImageMagick"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.2.2")<0) { + security_note(0, data:"Package ImageMagick version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_ImageMagick5.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_ImageMagick5.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_ImageMagick5.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,82 @@ +# +#VID 18e3a5be-81f9-11db-95a2-0012f06707f0 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57677); + script_cve_id("CVE-2006-5868"); + script_bugtraq_id(21185); + script_version ("$"); + name["english"] = "FreeBSD Ports: ImageMagick"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: ImageMagick + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.securityfocus.com/bid/21185/discuss +http://www.vuxml.org/freebsd/18e3a5be-81f9-11db-95a2-0012f06707f0.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: ImageMagick"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"ImageMagick"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.0.0")>=0 && ssvercheck(a:bver, b:"6.2.9")<0) { + security_note(0, data:"Package ImageMagick version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_ImageMagick6.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_ImageMagick6.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_ImageMagick6.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,90 @@ +# +#VID f5b29ec0-71f9-11dc-8c6a-00304881ac9a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58785); + script_cve_id("CVE-2007-4985", "CVE-2007-4986", "CVE-2007-4987", "CVE-2007-4988"); + script_version ("$"); + name["english"] = "FreeBSD Ports: ImageMagick, ImageMagick-nox11"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + ImageMagick + ImageMagick-nox11 + +===== + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html +http://www.vuxml.org/freebsd/f5b29ec0-71f9-11dc-8c6a-00304881ac9a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: ImageMagick, ImageMagick-nox11"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"ImageMagick"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.3.5.9")<0) { + security_note(0, data:"Package ImageMagick version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ImageMagick-nox11"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.3.5.9")<0) { + security_note(0, data:"Package ImageMagick-nox11 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_MT.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_MT.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_MT.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,82 @@ +# +#VID 350a5bd9-520b-11db-8f1a-000a48049292 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57468); + script_cve_id("CVE-2006-5080"); + script_version ("$"); + name["english"] = "FreeBSD Ports: MT"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: MT + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/22109 +http://www.sixapart.com/movabletype/news/2006/09/mt_333-mte_103_updates.html +http://www.vuxml.org/freebsd/350a5bd9-520b-11db-8f1a-000a48049292.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: MT"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"MT"); +if(!isnull(bver) && revisions-lib(a:bver, b:"3.3")>=0 && ssvercheck(a:bver, b:"3.33")<0) { + security_note(0, data:"Package MT version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_SSLtelnet.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_SSLtelnet.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_SSLtelnet.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,86 @@ +# +#VID 4aec9d58-ce7b-11d8-858d-000d610a3b12 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52435); + script_cve_id("CVE-2004-0640"); + script_version ("$"); + name["english"] = "FreeBSD Ports: SSLtelnet"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: SSLtelnet + +CVE-2004-0640 +Format string vulnerability in the SSL_set_verify function in +telnetd.c for SSLtelnet daemon (SSLtelnetd) 0.13 allows remote +attackers to execute arbitrary code. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.idefense.com/application/poi/display?id=114&type=vulnerabilities +http://www.vuxml.org/freebsd/4aec9d58-ce7b-11d8-858d-000d610a3b12.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: SSLtelnet"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"SSLtelnet"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.13_1")<=0) { + security_note(0, data:"Package SSLtelnet version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_WebCalendar.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_WebCalendar.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_WebCalendar.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,84 @@ +# +#VID 07ead557-a220-11da-b410-000e0c2e438a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56316); + script_cve_id("CVE-2005-2320"); + script_bugtraq_id(14072); + script_version ("$"); + name["english"] = "FreeBSD Ports: WebCalendar"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: WebCalendar + +CVE-2005-2320 +WebCalendar before 1.0.0 does not properly restrict access to +assistant_edit.php, which allows remote attackers to gain privileges. + +Solution: +Update your system with the appropriate patches or +software upgrades. + + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: WebCalendar"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"WebCalendar"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.0.0")<0) { + security_note(0, data:"Package WebCalendar version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_WebCalendar0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_WebCalendar0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_WebCalendar0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,90 @@ +# +#VID 09c92f3a-fd49-11da-995c-605724cdf281 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56974); + script_cve_id("CVE-2006-2762"); + script_bugtraq_id(18175); + script_version ("$"); + name["english"] = "FreeBSD Ports: WebCalendar"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: WebCalendar + +CVE-2006-2762 +PHP remote file inclusion vulnerability in includes/config.php in +WebCalendar 1.0.3 allows remote attackers to execute arbitrary PHP +code via a URL in the includedir parameter, which is remotely accessed +in an fopen call whose results are used to define a user_inc setting +that is used in an include_once call. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.securityfocus.com/archive/1/435379 +http://www.securityfocus.com/archive/1/436263 +http://www.vuxml.org/freebsd/09c92f3a-fd49-11da-995c-605724cdf281.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: WebCalendar"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"WebCalendar"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.0.4")<0) { + security_note(0, data:"Package WebCalendar version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_WebCalendar1.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_WebCalendar1.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_WebCalendar1.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,85 @@ +# +#VID 72999d57-d6f6-11db-961b-005056847b26 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58866); + script_cve_id("CVE-2007-1343"); + script_bugtraq_id(22834); + script_version ("$"); + name["english"] = "FreeBSD Ports: WebCalendar"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: WebCalendar + +===== + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://sourceforge.net/project/shownotes.php?release_id=491130 +http://xforce.iss.net/xforce/xfdb/32832 +http://www.vuxml.org/freebsd/72999d57-d6f6-11db-961b-005056847b26.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: WebCalendar"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"WebCalendar"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.0.5")<0) { + security_note(0, data:"Package WebCalendar version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_XFree86-Server.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_XFree86-Server.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_XFree86-Server.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,105 @@ +# +#VID 3837f462-5d6b-11d8-80e3-0020ed76ef5a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52495); + script_cve_id("CVE-2004-0083", "CVE-2004-0084", "CVE-2004-0106"); + script_bugtraq_id(9636,9652,9655); + script_version ("$"); + name["english"] = "FreeBSD Ports: XFree86-Server"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: XFree86-Server + +CVE-2004-0083 +Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 +through 4.3.0 allows local users and remote attackers to execute +arbitrary code via a font alias file (font.alias) with a long token, a +different vulnerability than CVE-2004-0084 and CVE-2004-0106. + +CVE-2004-0084 +Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to +4.3.0, when using the CopyISOLatin1Lowered function, allows local or +remote authenticated users to execute arbitrary code via a malformed +entry in the font alias (font.alias) file, a different vulnerability +than CVE-2004-0083 and CVE-2004-0106. + +CVE-2004-0106 +Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to +improper handling of font files, a different set of vulnerabilities +than CVE-2004-0083 and CVE-2004-0084. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.idefense.com/application/poi/display?id=72 +http://www.idefense.com/application/poi/display?id=73 +http://www.vuxml.org/freebsd/3837f462-5d6b-11d8-80e3-0020ed76ef5a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: XFree86-Server"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"XFree86-Server"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.3.0_13")<=0) { + security_note(0, data:"Package XFree86-Server version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"4.3.99")>=0 && ssvercheck(a:bver, b:"4.3.99.15_1")<=0) { + security_note(0, data:"Package XFree86-Server version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_XFree86-Server0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_XFree86-Server0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_XFree86-Server0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,94 @@ +# +#VID a863aa74-24be-11da-8882-000e0c33c2dc +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(55335); + script_cve_id("CVE-2005-2495"); + script_bugtraq_id(14807); + script_version ("$"); + name["english"] = "FreeBSD Ports: XFree86-Server"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + XFree86-Server + xorg-server + +Solution: +Update your system with the appropriate patches or +software upgrades. + +https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166856 +https://bugs.freedesktop.org/show_bug.cgi?id=594 +http://www.vuxml.org/freebsd/a863aa74-24be-11da-8882-000e0c33c2dc.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: XFree86-Server"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"XFree86-Server"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.5.0_2")<0) { + security_note(0, data:"Package XFree86-Server version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"xorg-server"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.8.2_5")<0) { + security_note(0, data:"Package xorg-server version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"6.8.99")>0 && ssvercheck(a:bver, b:"6.8.99.12_1")<0) { + security_note(0, data:"Package xorg-server version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_a2ps-a4.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_a2ps-a4.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_a2ps-a4.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,100 @@ +# +#VID 9168253c-5a6d-11d9-a9e7-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52258); + script_cve_id("CVE-2004-1377"); + script_bugtraq_id(12108,12109); + script_version ("$"); + name["english"] = "FreeBSD Ports: a2ps-a4, a2ps-letter, a2ps-letterdj"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + a2ps-a4 + a2ps-letter + a2ps-letterdj + +CVE-2004-1377 +The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) +scripts in a2ps before 4.13 allow local users to overwrite arbitrary +files via a symlink attack on temporary files. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/13641/ +http://www.vuxml.org/freebsd/9168253c-5a6d-11d9-a9e7-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: a2ps-a4, a2ps-letter, a2ps-letterdj"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"a2ps-a4"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.13b_3")<0) { + security_note(0, data:"Package a2ps-a4 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"a2ps-letter"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.13b_3")<0) { + security_note(0, data:"Package a2ps-letter version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"a2ps-letterdj"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.13b_3")<0) { + security_note(0, data:"Package a2ps-letterdj version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_a2ps-a40.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_a2ps-a40.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_a2ps-a40.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,100 @@ +# +#VID 8091fcea-f35e-11d8-81b0-000347a4fa7d +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52334); + script_cve_id("CVE-2004-1170"); + script_bugtraq_id(11025); + script_version ("$"); + name["english"] = "FreeBSD Ports: a2ps-a4"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + a2ps-a4 + a2ps-letter + a2ps-letterdj + +CVE-2004-1170 +a2ps 4.13 allows remote attackers to execute arbitrary commands via +shell metacharacters in the filename. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.osvdb.org/9176 +http://marc.theaimsgroup.com/?l=full-disclosure&m=109334851517137 +http://www.vuxml.org/freebsd/8091fcea-f35e-11d8-81b0-000347a4fa7d.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: a2ps-a4"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"a2ps-a4"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.13b_2")<0) { + security_note(0, data:"Package a2ps-a4 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"a2ps-letter"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.13b_2")<0) { + security_note(0, data:"Package a2ps-letter version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"a2ps-letterdj"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.13b_2")<0) { + security_note(0, data:"Package a2ps-letterdj version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_acroread.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_acroread.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_acroread.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,100 @@ +# +#VID 28e93883-539f-11d9-a9e7-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52264); + script_cve_id("CVE-2004-1152"); + script_version ("$"); + name["english"] = "FreeBSD Ports: acroread, acroread4, acroread5"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + acroread + acroread4 + acroread5 + +CVE-2004-1152 +Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader +5.09 for Unix allows remote attackers to execute arbitrary code via an +e-mail message with a crafted PDF attachment. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.adobe.com/support/techdocs/331153.html +http://www.idefense.com/application/poi/display?id=161&type=vulnerabilities +http://www.vuxml.org/freebsd/28e93883-539f-11d9-a9e7-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: acroread, acroread4, acroread5"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"acroread"); +if(!isnull(bver) && revisions-lib(a:bver, b:"5.10")<0) { + security_note(0, data:"Package acroread version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"acroread4"); +if(!isnull(bver) && revisions-lib(a:bver, b:"5.10")<0) { + security_note(0, data:"Package acroread4 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"acroread5"); +if(!isnull(bver) && revisions-lib(a:bver, b:"5.10")<0) { + security_note(0, data:"Package acroread5 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_acroread0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_acroread0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_acroread0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,102 @@ +# +#VID 78348ea2-ec91-11d8-b913-000c41e2cdad +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52425); + script_bugtraq_id(10931); + script_cve_id("CVE-2004-0630"); + script_version ("$"); + name["english"] = "FreeBSD Ports: acroread, acroread4, acroread5"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + acroread + acroread4 + acroread5 + +CVE-2004-0630 +The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for +Unix and Linux, and possibly other versions including those before +5.0.9, allows remote attackers to execute arbitrary code via shell +metacharacters ('`' or backtick) in the filename of the PDF file that +is provided to the uudecode command. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.idefense.com/application/poi/display?id=124&type=vulnerabilities +http://www.vuxml.org/freebsd/78348ea2-ec91-11d8-b913-000c41e2cdad.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: acroread, acroread4, acroread5"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"acroread"); +if(!isnull(bver) && revisions-lib(a:bver, b:"5.0.9")<0) { + security_note(0, data:"Package acroread version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"acroread4"); +if(!isnull(bver) && revisions-lib(a:bver, b:"5.0.9")<0) { + security_note(0, data:"Package acroread4 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"acroread5"); +if(!isnull(bver) && revisions-lib(a:bver, b:"5.0.9")<0) { + security_note(0, data:"Package acroread5 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_acroread1.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_acroread1.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_acroread1.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,105 @@ +# +#VID f74dc01b-0e83-11da-bc08-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(55088); + script_bugtraq_id(14603); + script_cve_id("CVE-2005-2470"); + script_version ("$"); + name["english"] = "FreeBSD Ports: acroread"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + acroread + acroread4 + acroread5 + acroread7 + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.adobe.com/support/techdocs/321644.html +http://www.vuxml.org/freebsd/f74dc01b-0e83-11da-bc08-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: acroread"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"acroread"); +if(!isnull(bver) && revisions-lib(a:bver, b:"7.0.1")<0) { + security_note(0, data:"Package acroread version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"5.*,1")>0 && ssvercheck(a:bver, b:"7.0.1,1")<0) { + security_note(0, data:"Package acroread version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"acroread4"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package acroread4 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"acroread5"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package acroread5 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"acroread7"); +if(!isnull(bver) && revisions-lib(a:bver, b:"7.0.1")<0) { + security_note(0, data:"Package acroread7 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_acroread4.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_acroread4.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_acroread4.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,101 @@ +# +#VID 107692a1-ee6c-11d9-8310-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(54181); + script_cve_id("CVE-2005-1912"); + script_version ("$"); + name["english"] = "FreeBSD Ports: acroread4, acroread5"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + acroread4 + acroread5 + acroread + +Please visit the referenced security advisory for +more information. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/secunia_research/2005-6/advisory/ +http://www.vuxml.org/freebsd/107692a1-ee6c-11d9-8310-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: acroread4, acroread5"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"acroread4"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package acroread4 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"acroread5"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package acroread5 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"acroread"); +if(!isnull(bver) && revisions-lib(a:bver, b:"7.0.0")<0) { + security_note(0, data:"Package acroread version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"5.*,1")>0 && ssvercheck(a:bver, b:"7.0.0,1")<0) { + security_note(0, data:"Package acroread version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_acroread40.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_acroread40.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_acroread40.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,104 @@ +# +#VID 70c59485-ee5a-11d9-8310-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(54184); + script_cve_id("CVE-2005-1625"); + script_version ("$"); + name["english"] = "FreeBSD Ports: acroread4, acroread5"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + acroread4 + acroread5 + acroread + +CVE-2005-1625 +Stack-based buffer overflow in the UnixAppOpenFilePerform function in +Adobe Reader 5.0.9 and 5.0.10 for Unix allows remote attackers to +execute arbitrary code via a PDF document with a long /Filespec tag. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.adobe.com/support/techdocs/329083.html +http://marc.theaimsgroup.com/?l=bugtraq&m=112059685332569 +http://www.vuxml.org/freebsd/70c59485-ee5a-11d9-8310-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: acroread4, acroread5"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"acroread4"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package acroread4 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"acroread5"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package acroread5 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"acroread"); +if(!isnull(bver) && revisions-lib(a:bver, b:"7.0.0")<0) { + security_note(0, data:"Package acroread version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"5.*,1")>0 && ssvercheck(a:bver, b:"7.0.0,1")<0) { + security_note(0, data:"Package acroread version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_acroread7.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_acroread7.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_acroread7.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,91 @@ +# +#VID 02bc9b7c-e019-11d9-a8bd-000cf18bbe54 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(53073); + script_bugtraq_id(13962); + script_cve_id("CVE-2005-1306"); + script_version ("$"); + name["english"] = "FreeBSD Ports: acroread7, ja-acroread"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + acroread7 + ja-acroread + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://shh.thathost.com/secadv/adobexxe/ +http://www.adobe.com/support/techdocs/331710.html +http://support.adobe.co.jp/faq/faq/qadoc.sv?226360+002+3 +http://www.vuxml.org/freebsd/02bc9b7c-e019-11d9-a8bd-000cf18bbe54.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: acroread7, ja-acroread"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"acroread7"); +if(!isnull(bver) && revisions-lib(a:bver, b:"7.0.0")>=0 && ssvercheck(a:bver, b:"7.0.2")<0) { + security_note(0, data:"Package acroread7 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ja-acroread"); +if(!isnull(bver) && revisions-lib(a:bver, b:"7.0.0")>=0 && ssvercheck(a:bver, b:"7.0.2")<0) { + security_note(0, data:"Package ja-acroread version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_agenda-snow-libs.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_agenda-snow-libs.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_agenda-snow-libs.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,162 @@ +# +#VID ef253f8b-0727-11d9-b45d-000c41e2cdad +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52386); + script_cve_id("CVE-2004-0687", "CVE-2004-0688"); + script_version ("$"); + name["english"] = "xpm -- image decoding vulnerabilities"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + agenda-snow-libs + linux_base + open-motif-devel + mupad + zh-cle_base + libXpm + XFree86-libraries + xorg-libraries + lesstif + xpm + linux-openmotif + open-motif + +CVE-2004-0687 +Multiple stack-based buffer overflows in (1) xpmParseColors in +parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in +parse.c for libXpm before 6.8.1 allow remote attackers to execute +arbitrary code via a malformed XPM image file. + +CVE-2004-0688 +Multiple integer overflows in (1) the xpmParseColors function in +parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) +ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may +allow remote attackers to execute arbitrary code via a malformed XPM +image file. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://freedesktop.org/pipermail/xorg/2004-September/003172.html +http://scary.beasts.org/security/CESA-2004-003.txt +http://www.vuxml.org/freebsd/ef253f8b-0727-11d9-b45d-000c41e2cdad.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "xpm -- image decoding vulnerabilities"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"agenda-snow-libs"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package agenda-snow-libs version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"linux_base"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package linux_base version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"open-motif-devel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package open-motif-devel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"mupad"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package mupad version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"zh-cle_base"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package zh-cle_base version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"libXpm"); +if(!isnull(bver) && revisions-lib(a:bver, b:"3.5.1_1")<0) { + security_note(0, data:"Package libXpm version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"XFree86-libraries"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.4.0_1")<0) { + security_note(0, data:"Package XFree86-libraries version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"xorg-libraries"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.7.0_2")<0) { + security_note(0, data:"Package xorg-libraries version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"lesstif"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.93.96,2")<0) { + security_note(0, data:"Package lesstif version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"xpm"); +if(!isnull(bver) && revisions-lib(a:bver, b:"3.4k_1")<0) { + security_note(0, data:"Package xpm version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"linux-openmotif"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.2.4")<0) { + security_note(0, data:"Package linux-openmotif version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"open-motif"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.2.3_1")<0) { + security_note(0, data:"Package open-motif version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_alsaplayer.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_alsaplayer.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_alsaplayer.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,81 @@ +# +#VID 9855ac8e-2aec-11db-a6e2-000e0c2e438a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57254); + script_bugtraq_id(19450); + script_version ("$"); + name["english"] = "FreeBSD Ports: alsaplayer"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: alsaplayer + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://aluigi.altervista.org/adv/alsapbof-adv.txt +http://www.vuxml.org/freebsd/9855ac8e-2aec-11db-a6e2-000e0c2e438a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: alsaplayer"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"alsaplayer"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>0) { + security_note(0, data:"Package alsaplayer version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_amaya.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_amaya.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_amaya.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,93 @@ +# +#VID dc930435-d59f-11da-8098-00123ffe8333 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56650); + script_bugtraq_id(17507); + script_cve_id("CVE-2006-1900"); + script_version ("$"); + name["english"] = "FreeBSD Ports: amaya"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: amaya + +CVE-2006-1900 +Multiple buffer overflows in World Wide Web Consortium (W3C) Amaya +9.4, and possibly other versions including 8.x before 8.8.5, allow +remote attackers to execute arbitrary code via a long value in (1) the +COMPACT attribute of the COLGROUP element, (2) the ROWS attribute of +the TEXTAREA element, and (3) the COLOR attribute of the LEGEND +element; and via other unspecified attack vectors consisting of +'dozens of possible snippets.' + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://morph3us.org/advisories/20060412-amaya-94.txt +http://morph3us.org/advisories/20060412-amaya-94-2.txt +http://secunia.com/advisories/19670/ +http://www.vuxml.org/freebsd/dc930435-d59f-11da-8098-00123ffe8333.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: amaya"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"amaya"); +if(!isnull(bver) && revisions-lib(a:bver, b:"9.5")<0) { + security_note(0, data:"Package amaya version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_anubis.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_anubis.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_anubis.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,94 @@ +# +#VID 8471bb85-6fb0-11d8-873f-0020ed76ef5a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52494); + script_cve_id("CVE-2004-0353", "CVE-2004-0354"); + script_bugtraq_id(9772); + script_version ("$"); + name["english"] = "FreeBSD Ports: anubis"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: anubis + +CVE-2004-0353 +Multiple buffer overflows in auth_ident() function in auth.c for GNU +Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers +to gain privileges via a long string. + +CVE-2004-0354 +Multiple format string vulnerabilities in GNU Anubis 3.6.0 through +3.6.2, 3.9.92 and 3.9.93 allow remote attackers to execute arbitrary +code via format string specifiers in strings passed to (1) the info +function in log.c, (2) the anubis_error function in errs.c, or (3) the +ssl_error function in ssl.c. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://lists.netsys.com/pipermail/full-disclosure/2004-March/018290.html +http://www.vuxml.org/freebsd/8471bb85-6fb0-11d8-873f-0020ed76ef5a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: anubis"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"anubis"); +if(!isnull(bver) && revisions-lib(a:bver, b:"3.6.2_1")<=0) { + security_note(0, data:"Package anubis version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_apache+mod_ssl.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_apache+mod_ssl.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_apache+mod_ssl.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,104 @@ +# +#VID 18974c8a-1fbd-11d9-814e-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52339); + script_cve_id("CVE-2004-0700"); + script_bugtraq_id(10736); + script_version ("$"); + name["english"] = "FreeBSD Ports: apache+mod_ssl"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + apache+mod_ssl + apache+mod_ssl+ipv6 + ru-apache+mod_ssl + +CVE-2004-0700 +Format string vulnerability in the mod_proxy hook functions function +in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 +may allow remote attackers to execute arbitrary messages via format +string specifiers in certain log messages for HTTPS that are handled +by the ssl_log function. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.openpkg.org/security/OpenPKG-SA-2004.032-apache.html +http://packetstormsecurity.org/0407-advisories/modsslFormat.txt +http://marc.theaimsgroup.com/?l=apache-modssl&m=109001100906749 +http://www.vuxml.org/freebsd/18974c8a-1fbd-11d9-814e-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: apache+mod_ssl"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"apache+mod_ssl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.31+2.8.19")<0) { + security_note(0, data:"Package apache+mod_ssl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.31+2.8.19")<0) { + security_note(0, data:"Package apache+mod_ssl+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ru-apache+mod_ssl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.31+30.20+2.8.19")<0) { + security_note(0, data:"Package ru-apache+mod_ssl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_apache+ssl.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_apache+ssl.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_apache+ssl.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,89 @@ +# +#VID 7557a2b1-5d63-11d8-80e3-0020ed76ef5a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52529); + script_version ("$"); + name["english"] = "FreeBSD Ports: apache+ssl"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: apache+ssl + +If configured with SSLVerifyClient set to 1 or 3 (client certificates +optional) and SSLFakeBasicAuth, Apache-SSL 1.3.28+1.52 and all earlier +versions would permit a client to use real basic authentication to +forge a client certificate. + +All the attacker needed is the 'one-line DN' of a valid user, as used +by faked basic auth in Apache-SSL, and the fixed password ('password' +by default). + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.apache-ssl.org/advisory-20040206.txt +http://www.vuxml.org/freebsd/7557a2b1-5d63-11d8-80e3-0020ed76ef5a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: apache+ssl"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"apache+ssl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.29.1.53")<0) { + security_note(0, data:"Package apache+ssl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_apache-tomcat.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_apache-tomcat.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_apache-tomcat.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,95 @@ +# +#VID ab2575d6-39f0-11dc-b8cc-000fea449b8a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58825); + script_cve_id("CVE-2007-1355"); + script_bugtraq_id(24058); + script_version ("$"); + name["english"] = "FreeBSD Ports: apache-tomcat"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + apache-tomcat + tomcat + jakarta-tomcat + +===== + +Solution: +Update your system with the appropriate patches or +software upgrades. + + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: apache-tomcat"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"apache-tomcat"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.0.0")>0 && ssvercheck(a:bver, b:"6.0.11")<0) { + security_note(0, data:"Package apache-tomcat version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"tomcat"); +if(!isnull(bver) && revisions-lib(a:bver, b:"5.0.0")>0 && ssvercheck(a:bver, b:"5.5.24")<0) { + security_note(0, data:"Package tomcat version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"jakarta-tomcat"); +if(!isnull(bver) && revisions-lib(a:bver, b:"5.0.0")>0 && ssvercheck(a:bver, b:"5.5.24")<0) { + security_note(0, data:"Package jakarta-tomcat version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_apache-tomcat0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_apache-tomcat0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_apache-tomcat0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,110 @@ +# +#VID 872623af-39ec-11dc-b8cc-000fea449b8a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58826); + script_cve_id("CVE-2005-2090", "CVE-2007-0450", "CVE-2007-1358"); + script_version ("$"); + name["english"] = "FreeBSD Ports: apache-tomcat"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + apache-tomcat + tomcat + jakarta-tomcat + +CVE-2005-2090 +Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) +allows remote attackers to poison the web cache, bypass web +application firewall protection, and conduct XSS attacks via an HTTP +request with both a 'Transfer-Encoding: chunked' header and a +Content-Length header, which causes Tomcat to incorrectly handle and +forward the body of the request in a way that causes the receiving +server to process it as a separate HTTP request, aka 'HTTP Request +Smuggling.' + +Solution: +Update your system with the appropriate patches or +software upgrades. + + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: apache-tomcat"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"apache-tomcat"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.1.0")>=0 && ssvercheck(a:bver, b:"4.1.36")<0) { + security_note(0, data:"Package apache-tomcat version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"6.0.0")>0 && ssvercheck(a:bver, b:"6.0.11")<0) { + security_note(0, data:"Package apache-tomcat version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"tomcat"); +if(!isnull(bver) && revisions-lib(a:bver, b:"5.0.0")>0 && ssvercheck(a:bver, b:"5.5.23")<0) { + security_note(0, data:"Package tomcat version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"jakarta-tomcat"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.0.0")>=0 && ssvercheck(a:bver, b:"4.1.0")<0) { + security_note(0, data:"Package jakarta-tomcat version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"5.0.0")>0 && ssvercheck(a:bver, b:"5.5.23")<0) { + security_note(0, data:"Package jakarta-tomcat version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_apache.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_apache.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_apache.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID 282dfea0-3378-11d9-b404-000c6e8f12ef +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52310); + script_bugtraq_id(11436); + script_cve_id("CVE-2004-0942"); + script_version ("$"); + name["english"] = "FreeBSD Ports: apache"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: apache + +CVE-2004-0942 +Apache webserver 2.0.52 and earlier allows remote attackers to cause a +denial of service (CPU consumption) via an HTTP GET request with a +MIME header containing multiple lines with a large number of space +characters. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://marc.theaimsgroup.com/?l=full-disclosure&m=109930632317208 +http://www.vuxml.org/freebsd/282dfea0-3378-11d9-b404-000c6e8f12ef.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: apache"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"apache"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2")>0 && ssvercheck(a:bver, b:"2.0.52_2")<=0) { + security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_apache0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_apache0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_apache0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,131 @@ +# +#VID 6e6a6b8a-2fde-11d9-b3a2-0050fc56d258 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52314); + script_bugtraq_id(11471); + script_cve_id("CVE-2004-0940"); + script_version ("$"); + name["english"] = "FreeBSD Ports: apache"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + apache + apache+mod_ssl + apache+mod_ssl+ipv6 + apache+mod_perl + apache+ipv6 + apache+ssl + ru-apache + ru-apache+mod_ssl + +CVE-2004-0940 +Buffer overflow in the get_tag function in mod_include for Apache +1.3.x to 1.3.32 allows local users who can create SSI documents to +execute arbitrary code as the apache user via SSI (XSSI) documents +that trigger a length calculation error. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.securitylab.ru/48807.html +http://www.vuxml.org/freebsd/6e6a6b8a-2fde-11d9-b3a2-0050fc56d258.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: apache"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"apache"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.33")<0) { + security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.32+2.8.21_1")<0) { + security_note(0, data:"Package apache+mod_ssl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.32+2.8.21_1")<0) { + security_note(0, data:"Package apache+mod_ssl+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_perl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.31")<=0) { + security_note(0, data:"Package apache+mod_perl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.33")<0) { + security_note(0, data:"Package apache+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+ssl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.29.1.55")<=0) { + security_note(0, data:"Package apache+ssl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ru-apache"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.33+30.21")<0) { + security_note(0, data:"Package ru-apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ru-apache+mod_ssl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.33+30.21+2.8.22")<0) { + security_note(0, data:"Package ru-apache+mod_ssl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_apache1.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_apache1.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_apache1.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,94 @@ +# +#VID 7b81fc47-239f-11d9-814e-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52331); + script_cve_id("CVE-2004-0748", "CVE-2004-0751"); + script_bugtraq_id(11094,11154); + script_version ("$"); + name["english"] = "FreeBSD Ports: apache"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: apache + +CVE-2004-0748 +mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause +a denial of service (CPU consumption) by aborting an SSL connection in +a way that causes an Apache child process to enter an infinite loop. + +CVE-2004-0751 +The char_buffer_read function in the mod_ssl module for Apache 2.x, +when using reverse proxying to an SSL server, allows remote attackers +to cause a denial of service (segmentation fault). + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://nagoya.apache.org/bugzilla/show_bug.cgi?id=29964 +http://nagoya.apache.org/bugzilla/show_bug.cgi?id=30134 +http://marc.theaimsgroup.com/?l=apache-httpd-announce&m=109527608022322 +http://www.vuxml.org/freebsd/7b81fc47-239f-11d9-814e-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: apache"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"apache"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.0")>0 && ssvercheck(a:bver, b:"2.0.51")<0) { + security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_apache10.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_apache10.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_apache10.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,221 @@ +# +#VID 9fff8dc8-7aa7-11da-bf72-00123f589060 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56067); + script_cve_id("CVE-2005-3352"); + script_bugtraq_id(15834); + script_version ("$"); + name["english"] = "FreeBSD Ports: apache"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + apache + apache+mod_perl + apache_fp + apache+ipv6 + ru-apache + ru-apache+mod_ssl + apache+ssl + apache+mod_ssl + apache+mod_ssl+ipv6 + apache+mod_ssl+mod_accel + apache+mod_ssl+mod_accel+ipv6 + apache+mod_ssl+mod_accel+mod_deflate + apache+mod_ssl+mod_accel+mod_deflate+ipv6 + apache+mod_ssl+mod_deflate + apache+mod_ssl+mod_deflate+ipv6 + apache+mod_ssl+mod_snmp + apache+mod_ssl+mod_snmp+mod_accel + apache+mod_ssl+mod_snmp+mod_accel+ipv6 + apache+mod_ssl+mod_snmp+mod_deflate + apache+mod_ssl+mod_snmp+mod_deflate+ipv6 + apache+mod_ssl+mod_snmp+mod_accel+mod_deflate+ipv6 + +CVE-2005-3352 +Cross-site scripting (XSS) vulnerability in the mod_imap module allows +remote attackers to inject arbitrary web script or HTML via the +Referer when using image maps. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.apacheweek.com/features/security-13 +http://www.apacheweek.com/features/security-20 +http://www.vuxml.org/freebsd/9fff8dc8-7aa7-11da-bf72-00123f589060.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: apache"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"apache"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3")>=0 && ssvercheck(a:bver, b:"1.3.34_3")<0) { + security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"2.0.35")>=0 && ssvercheck(a:bver, b:"2.0.55_2")<0) { + security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"2.1")>=0 && ssvercheck(a:bver, b:"2.1.9_3")<0) { + security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"2.2")>=0 && ssvercheck(a:bver, b:"2.2.0_3")<0) { + security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_perl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.34_1")<0) { + security_note(0, data:"Package apache+mod_perl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache_fp"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package apache_fp version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package apache+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ru-apache"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.34+30.22_1")<0) { + security_note(0, data:"Package ru-apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ru-apache+mod_ssl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.34+30.22+2.8.25_1")<0) { + security_note(0, data:"Package ru-apache+mod_ssl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+ssl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.0")>=0 && ssvercheck(a:bver, b:"1.3.33.1.55_2")<0) { + security_note(0, data:"Package apache+ssl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.34+2.8.25_1")<0) { + security_note(0, data:"Package apache+mod_ssl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.34+2.8.25_1")<0) { + security_note(0, data:"Package apache+mod_ssl+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_accel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.34+2.8.25_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_accel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_accel+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.34+2.8.25_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_accel+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_accel+mod_deflate"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.34+2.8.25_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_accel+mod_deflate version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_accel+mod_deflate+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.34+2.8.25_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_accel+mod_deflate+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_deflate"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.34+2.8.25_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_deflate version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_deflate+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.34+2.8.25_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_deflate+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_snmp"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.34+2.8.25_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_snmp version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_snmp+mod_accel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.34+2.8.25_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_snmp+mod_accel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_snmp+mod_accel+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.34+2.8.25_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_snmp+mod_accel+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_snmp+mod_deflate"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.34+2.8.25_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_snmp+mod_deflate version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_snmp+mod_deflate+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.34+2.8.25_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_snmp+mod_deflate+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_snmp+mod_accel+mod_deflate+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.34+2.8.25_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_snmp+mod_accel+mod_deflate+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_apache11.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_apache11.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_apache11.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,210 @@ +# +#VID dc8c08c7-1e7c-11db-88cf-000c6ec775d9 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57145); + script_cve_id("CVE-2006-3747"); + script_version ("$"); + name["english"] = "FreeBSD Ports: apache"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + apache + apache+mod_perl + apache+ipv6 + apache_fp + ru-apache + ru-apache+mod_ssl + apache+ssl + apache+mod_ssl + apache+mod_ssl+ipv6 + apache+mod_ssl+mod_accel + apache+mod_ssl+mod_accel+ipv6 + apache+mod_ssl+mod_accel+mod_deflate + apache+mod_ssl+mod_accel+mod_deflate+ipv6 + apache+mod_ssl+mod_deflate + apache+mod_ssl+mod_deflate+ipv6 + apache+mod_ssl+mod_snmp + apache+mod_ssl+mod_snmp+mod_accel + apache+mod_ssl+mod_snmp+mod_accel+ipv6 + apache+mod_ssl+mod_snmp+mod_deflate + apache+mod_ssl+mod_snmp+mod_deflate+ipv6 + apache+mod_ssl+mod_snmp+mod_accel+mod_deflate+ipv6 + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://marc.theaimsgroup.com/?l=apache-httpd-announce&m=115409818602955 +http://www.vuxml.org/freebsd/dc8c08c7-1e7c-11db-88cf-000c6ec775d9.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: apache"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"apache"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.28")>=0 && ssvercheck(a:bver, b:"1.3.36_1")<0) { + security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"2.0.46")>=0 && ssvercheck(a:bver, b:"2.0.58_2")<0) { + security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"2.2.0")>=0 && ssvercheck(a:bver, b:"2.2.2_1")<0) { + security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_perl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.28")>=0 && ssvercheck(a:bver, b:"1.3.36_1")<0) { + security_note(0, data:"Package apache+mod_perl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.28")>=0 && ssvercheck(a:bver, b:"1.3.37")<0) { + security_note(0, data:"Package apache+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache_fp"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package apache_fp version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ru-apache"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package ru-apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ru-apache+mod_ssl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package ru-apache+mod_ssl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+ssl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.28")>=0 && ssvercheck(a:bver, b:"1.3.34.1.57_2")<0) { + security_note(0, data:"Package apache+ssl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.28")>=0 && ssvercheck(a:bver, b:"1.3.36+2.8.27_1")<0) { + security_note(0, data:"Package apache+mod_ssl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.28")>=0 && ssvercheck(a:bver, b:"1.3.36+2.8.27_1")<0) { + security_note(0, data:"Package apache+mod_ssl+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_accel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.28")>=0 && ssvercheck(a:bver, b:"1.3.36+2.8.27_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_accel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_accel+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.28")>=0 && ssvercheck(a:bver, b:"1.3.36+2.8.27_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_accel+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_accel+mod_deflate"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.28")>=0 && ssvercheck(a:bver, b:"1.3.36+2.8.27_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_accel+mod_deflate version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_accel+mod_deflate+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.28")>=0 && ssvercheck(a:bver, b:"1.3.36+2.8.27_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_accel+mod_deflate+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_deflate"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.28")>=0 && ssvercheck(a:bver, b:"1.3.36+2.8.27_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_deflate version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_deflate+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.28")>=0 && ssvercheck(a:bver, b:"1.3.36+2.8.27_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_deflate+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_snmp"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.28")>=0 && ssvercheck(a:bver, b:"1.3.36+2.8.27_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_snmp version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_snmp+mod_accel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.28")>=0 && ssvercheck(a:bver, b:"1.3.36+2.8.27_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_snmp+mod_accel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_snmp+mod_accel+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.28")>=0 && ssvercheck(a:bver, b:"1.3.36+2.8.27_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_snmp+mod_accel+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_snmp+mod_deflate"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.28")>=0 && ssvercheck(a:bver, b:"1.3.36+2.8.27_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_snmp+mod_deflate version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_snmp+mod_deflate+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.28")>=0 && ssvercheck(a:bver, b:"1.3.36+2.8.27_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_snmp+mod_deflate+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+mod_snmp+mod_accel+mod_deflate+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.28")>=0 && ssvercheck(a:bver, b:"1.3.36+2.8.27_1")<0) { + security_note(0, data:"Package apache+mod_ssl+mod_snmp+mod_accel+mod_deflate+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_apache12.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_apache12.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_apache12.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,85 @@ +# +#VID c115271d-602b-11dc-898c-001921ab2fa4 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58804); + script_cve_id("CVE-2007-3847", "CVE-2007-1863", "CVE-2006-5752", "CVE-2007-3304"); + script_version ("$"); + name["english"] = "FreeBSD Ports: apache"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: apache + +===== + +Solution: +Update your system with the appropriate patches or +software upgrades. + + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: apache"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"apache"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.2.0")>0 && ssvercheck(a:bver, b:"2.2.6")<0) { + security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"2.0.0")>0 && ssvercheck(a:bver, b:"2.0.61")<0) { + security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_apache13.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_apache13.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_apache13.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,92 @@ +# +#VID c84dc9ad-41f7-11dd-a4f9-00163e000016 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(61185); + script_cve_id("CVE-2007-6420", "CVE-2008-2364"); + script_version ("$"); + name["english"] = "FreeBSD Ports: apache"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: apache + +CVE-2007-6420 +Cross-site request forgery (CSRF) vulnerability in the +balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x +allows remote attackers to gain privileges via unpsecified vectors. +CVE-2008-2364 +The ap_proxy_http_process_response function in mod_proxy_http.c in the +mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not +limit the number of forwarded interim responses, which allows remote +HTTP servers to cause a denial of service (memory consumption) via a +large number of interim responses. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.apache.org/dist/httpd/Announcement2.2.html +http://www.vuxml.org/freebsd/c84dc9ad-41f7-11dd-a4f9-00163e000016.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: apache"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"apache"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.2.0")>0 && ssvercheck(a:bver, b:"2.2.9")<0) { + security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_apache2.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_apache2.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_apache2.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,113 @@ +# +#VID ca6c8f35-0a5f-11d9-ad6f-00061bc2ad93 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52383); + script_cve_id("CVE-2004-0492"); + script_version ("$"); + name["english"] = "FreeBSD Ports: apache"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + apache + apache13-ssl + apache13-modssl + apache13+ipv6 + apache13-modperl + +CVE-2004-0492 +Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache +1.3.25 to 1.3.31 allows remote attackers to cause a denial of service +(process crash) and possibly execute arbitrary code via a negative +Content-Length HTTP header field, which causes a large amount of data +to be copied. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.guninski.com/modproxy1.html +http://www.vuxml.org/freebsd/ca6c8f35-0a5f-11d9-ad6f-00061bc2ad93.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: apache"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"apache"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.31_1")<0) { + security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache13-ssl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.29.1.53_2")<=0) { + security_note(0, data:"Package apache13-ssl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache13-modssl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.31+2.8.18_4")<0) { + security_note(0, data:"Package apache13-modssl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache13+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.29_2")<=0) { + security_note(0, data:"Package apache13+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache13-modperl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.31")<=0) { + security_note(0, data:"Package apache13-modperl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_apache3.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_apache3.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_apache3.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,87 @@ +# +#VID 762d1c6d-0722-11d9-b45d-000c41e2cdad +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52388); + script_cve_id("CVE-2004-0786"); + script_version ("$"); + name["english"] = "FreeBSD Ports: apache"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: apache + +CVE-2004-0786 +The IPv6 URI parsing routines in the apr-util library for Apache +2.0.50 and earlier allow remote attackers to cause a denial of service +(child process crash) via a certain URI, as demonstrated using the +Codenomicon HTTP Test Tool. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://httpd.apache.org +http://www.vuxml.org/freebsd/762d1c6d-0722-11d9-b45d-000c41e2cdad.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: apache"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"apache"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.0")>=0 && ssvercheck(a:bver, b:"2.0.50_3")<0) { + security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_apache4.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_apache4.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_apache4.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,94 @@ +# +#VID 013fa252-0724-11d9-b45d-000c41e2cdad +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52389); + script_cve_id("CVE-2004-0809"); + script_version ("$"); + name["english"] = "FreeBSD Ports: apache"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + apache + mod_dav + +CVE-2004-0809 +The mod_dav module in Apache 2.0.50 and earlier allows remote +attackers to cause a denial of service (child process crash) via a +certain sequence of LOCK requests for a location that allows WebDAV +authoring access. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://nagoya.apache.org/bugzilla/show_bug.cgi?id=31183 +http://www.vuxml.org/freebsd/013fa252-0724-11d9-b45d-000c41e2cdad.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: apache"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"apache"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.0")>=0 && ssvercheck(a:bver, b:"2.0.50_3")<0) { + security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"mod_dav"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.0.3_1")<=0) { + security_note(0, data:"Package mod_dav version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_apache5.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_apache5.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_apache5.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,86 @@ +# +#VID 4d49f4ba-071f-11d9-b45d-000c41e2cdad +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52390); + script_cve_id("CVE-2004-0747"); + script_version ("$"); + name["english"] = "FreeBSD Ports: apache"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: apache + +CVE-2004-0747 +Buffer overflow in Apache 2.0.50 and earlier allows local users to +gain apache privileges via a .htaccess file that causes the overflow +during expansion of environment variables. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://lists.netsys.com/pipermail/full-disclosure/2004-September/026463.html +http://www.vuxml.org/freebsd/4d49f4ba-071f-11d9-b45d-000c41e2cdad.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: apache"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"apache"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.0")>=0 && ssvercheck(a:bver, b:"2.0.50_3")<0) { + security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_apache6.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_apache6.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_apache6.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,91 @@ +# +#VID 492f8896-70fa-11d8-873f-0020ed76ef5a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52461); + script_cve_id("CVE-2004-0113"); + script_bugtraq_id(9826); + script_version ("$"); + name["english"] = "FreeBSD Ports: apache"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: apache + +CVE-2004-0113 +Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 +allows remote attackers to cause a denial of service (memory +consumption) via plain HTTP requests to the SSL port of an SSL-enabled +server. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.apacheweek.com/features/security-20 +http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_io.c?r1=1.100.2.11&r2=1.100.2.12 +http://nagoya.apache.org/bugzilla/show_bug.cgi?id=27106 +http://marc.theaimsgroup.com/?l=apache-cvs&m=107869699329638 +http://www.vuxml.org/freebsd/492f8896-70fa-11d8-873f-0020ed76ef5a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: apache"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"apache"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.0")>=0 && ssvercheck(a:bver, b:"2.0.48_3")<=0) { + security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_apache7.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_apache7.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_apache7.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,116 @@ +# +#VID 09d418db-70fd-11d8-873f-0020ed76ef5a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52501); + script_cve_id("CVE-2003-0993"); + script_bugtraq_id(9829); + script_version ("$"); + name["english"] = "FreeBSD Ports: apache"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + apache + apache+mod_ssl + apache+ssl + ru-apache + ru-apache+mod_ssl + +CVE-2003-0993 +mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit +platforms, does not properly parse Allow/Deny rules using IP addresses +without a netmask, which could allow remote attackers to bypass +intended access restrictions. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://cvs.apache.org/viewcvs.cgi/apache-1.3/src/modules/standard/mod_access.c?r1=1.46&r2=1.47 +http://www.apacheweek.com/features/security-13 +http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23850 +http://marc.theaimsgroup.com/?l=apache-cvs&m=107869603013722 +http://www.vuxml.org/freebsd/09d418db-70fd-11d8-873f-0020ed76ef5a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: apache"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"apache"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.29_2")<0) { + security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.29+2.8.16_1")<0) { + security_note(0, data:"Package apache+mod_ssl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+ssl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.29.1.53_1")<0) { + security_note(0, data:"Package apache+ssl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ru-apache"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.29+30.19_1")<0) { + security_note(0, data:"Package ru-apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ru-apache+mod_ssl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.29+30.19+2.8.16_1")<0) { + security_note(0, data:"Package ru-apache+mod_ssl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_apache8.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_apache8.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_apache8.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,144 @@ +# +#VID 651996e0-fe07-11d9-8329-000e0c2e438a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(54439); + script_cve_id("CVE-2005-2088"); + script_bugtraq_id(14106); + script_version ("$"); + name["english"] = "FreeBSD Ports: apache"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + apache + apache+ipv6 + apache_fp + apache+ssl + apache+mod_perl + apache+mod_ssl + apache+mod_ssl+ipv6 + ru-apache + ru-apache+mod_ssl + +CVE-2005-2088 +Apache 2.0.45 and 1.3.29, when acting as an HTTP proxy, allows remote +attackers to poison the web cache, bypass web application firewall +protection, and conduct XSS attacks via an HTTP request with both a +'Transfer-Encoding: chunked' header and a Content-Length header, which +causes Apache to incorrectly handle and forward the body of the +request in a way that causes the receiving server to process it as a +separate HTTP request, aka 'HTTP Request Smuggling.' + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf +http://www.vuxml.org/freebsd/651996e0-fe07-11d9-8329-000e0c2e438a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: apache"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"apache"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.0.54_1")<0) { + security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"2.1.6_1")<0) { + security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>0) { + security_note(0, data:"Package apache+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache_fp"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>0) { + security_note(0, data:"Package apache_fp version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+ssl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.33.1.55_1")<0) { + security_note(0, data:"Package apache+ssl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_perl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.33_3")<0) { + security_note(0, data:"Package apache+mod_perl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>0) { + security_note(0, data:"Package apache+mod_ssl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"apache+mod_ssl+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>0) { + security_note(0, data:"Package apache+mod_ssl+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ru-apache"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>0) { + security_note(0, data:"Package ru-apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ru-apache+mod_ssl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>0) { + security_note(0, data:"Package ru-apache+mod_ssl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_apache9.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_apache9.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_apache9.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,86 @@ +# +#VID e936d612-253f-11da-bc01-000e0c2e438a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(55355); + script_cve_id("CVE-2005-1268"); + script_bugtraq_id(14366); + script_version ("$"); + name["english"] = "FreeBSD Ports: apache"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: apache + +CVE-2005-1268 +Off-by-one error in the mod_ssl Certificate Revocation List (CRL) +verification callback in Apache, when configured to use a CRL, allows +remote attackers to cause a denial of service (child process crash) +via a CRL that causes a buffer overflow of one null byte. + +Solution: +Update your system with the appropriate patches or +software upgrades. + + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: apache"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"apache"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2")>0 && ssvercheck(a:bver, b:"2.0.54_1")<0) { + security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_asterisk.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_asterisk.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_asterisk.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID 8b683bea-d49c-11da-a672-000e0c2e438a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56653); + script_cve_id("CVE-2006-1827"); + script_bugtraq_id(17561); + script_version ("$"); + name["english"] = "FreeBSD Ports: asterisk"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: asterisk + +CVE-2006-1827 +Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and +earlier allows remote attackers to execute arbitrary code via a length +value that passes a length check as a negative number, but triggers a +buffer overflow when it is used as an unsigned length. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.cipher.org.uk/index.php?p=advisories/Asterisk_Codec_Integer_Overflow_07-04-2006.advisory +http://www.vuxml.org/freebsd/8b683bea-d49c-11da-a672-000e0c2e438a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: asterisk"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"asterisk"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.2.7")<0) { + security_note(0, data:"Package asterisk version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_asterisk0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_asterisk0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_asterisk0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID 1c0def84-5fb1-11db-b2e9-0008c79fa3d2 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57531); + script_version ("$"); + name["english"] = "FreeBSD Ports: asterisk, asterisk-bristuff"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + asterisk + asterisk-bristuff + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.security-assessment.com/files/advisories/Asterisk_remote_heap_overflow.pdf +http://marc.theaimsgroup.com/?l=bugtraq&m=116121567530170 +http://www.vuxml.org/freebsd/1c0def84-5fb1-11db-b2e9-0008c79fa3d2.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: asterisk, asterisk-bristuff"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"asterisk"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.2.13")<0) { + security_note(0, data:"Package asterisk version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"asterisk-bristuff"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.2.13")<0) { + security_note(0, data:"Package asterisk-bristuff version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_awstats.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_awstats.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_awstats.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,113 @@ +# +#VID fdad8a87-7f94-11d9-a9e7-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52186); + script_cve_id("CVE-2005-0362", "CVE-2005-0363", "CVE-2005-0435", "CVE-2005-0436", "CVE-2005-0437", "CVE-2005-0438"); + script_bugtraq_id(12543,12545); + script_version ("$"); + name["english"] = "FreeBSD Ports: awstats"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: awstats + +CVE-2005-0362 +awstats.pl in AWStats 6.2 allows remote attackers to execute arbitrary +commands via shell metacharacters in the (1) 'pluginmode', (2) +'loadplugin', or (3) 'noloadplugin' parameters. + +CVE-2005-0363 +awstats.pl in AWStats 4.0 and 6.2 allows remote attackers to execute +arbitrary commands via shell metacharacters in the config parameter. + +CVE-2005-0435 +awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to read +server web logs by setting the loadplugin and pluginmode parameters to +rawlog. + +CVE-2005-0436 +Direct code injection vulnerability in awstats.pl in AWStats 6.3 and +6.4 allows remote attackers to execute portions of Perl code via the +PluginMode parameter. + +CVE-2005-0437 +Directory traversal vulnerability in awstats.pl in AWStats 6.3 and 6.4 +allows remote attackers to include arbitrary Perl modules via .. (dot +dot) sequences in the loadplugin parameter. + +CVE-2005-0438 +awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to obtain +sensitive information by setting the debug parameter. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://awstats.sourceforge.net/docs/awstats_changelog.txt +http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=294488 +http://packetstormsecurity.nl/0501-exploits/AWStatsVulnAnalysis.pdf +http://marc.theaimsgroup.com/?l=bugtraq&m=110840530924124 +http://www.vuxml.org/freebsd/fdad8a87-7f94-11d9-a9e7-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: awstats"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"awstats"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.4")<0) { + security_note(0, data:"Package awstats version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_awstats0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_awstats0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_awstats0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,89 @@ +# +#VID 0f5a2b4d-694b-11d9-a9e7-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52229); + script_cve_id("CVE-2005-0116"); + script_bugtraq_id(12270); + script_version ("$"); + name["english"] = "FreeBSD Ports: awstats"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: awstats + +CVE-2005-0116 +AWStats 6.1, and other versions before 6.3, allows remote attackers to +execute arbitrary commands via shell metacharacters in the configdir +parameter. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://awstats.sourceforge.net/docs/awstats_changelog.txt +http://www.idefense.com/application/poi/display?id=185&type=vulnerabilities&flashstatus=false +http://marc.theaimsgroup.com/?l=full-disclosure&m=110600949323439 +http://www.vuxml.org/freebsd/0f5a2b4d-694b-11d9-a9e7-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: awstats"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"awstats"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.3")<0) { + security_note(0, data:"Package awstats version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_awstats1.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_awstats1.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_awstats1.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,83 @@ +# +#VID e86fbb5f-0d04-11da-bc08-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(55051); + script_bugtraq_id(14525); + script_cve_id("CVE-2005-1527"); + script_version ("$"); + name["english"] = "FreeBSD Ports: awstats"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: awstats + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.idefense.com/application/poi/display?id=290&type=vulnerabilities +http://marc.theaimsgroup.com/?l=full-disclosure&m=112377934108902 +http://www.vuxml.org/freebsd/e86fbb5f-0d04-11da-bc08-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: awstats"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"awstats"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.5")<0) { + security_note(0, data:"Package awstats version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_awstats2.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_awstats2.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_awstats2.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,82 @@ +# +#VID 2df297a2-dc74-11da-a22b-000c6ec775d9 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56715); + script_version ("$"); + name["english"] = "FreeBSD Ports: awstats"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: awstats + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://awstats.sourceforge.net/awstats_security_news.php +http://secunia.com/advisories/19969/ +http://www.osreviews.net/reviews/comm/awstats +http://www.vuxml.org/freebsd/2df297a2-dc74-11da-a22b-000c6ec775d9.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: awstats"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"awstats"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.6")<0) { + security_note(0, data:"Package awstats version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_axel.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_axel.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_axel.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,86 @@ +# +#VID 0163b498-af54-11d9-acd0-000854d03344 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52131); + script_cve_id("CVE-2005-0390"); + script_bugtraq_id(13059); + script_version ("$"); + name["english"] = "FreeBSD Ports: axel"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: axel + +CVE-2005-0390 +Buffer overflow in the HTTP redirection capability in conn.c for Axel +before 1.0b may allow remote attackers to execute arbitrary code. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.debian.org/security/2005/dsa-706 +http://www.vuxml.org/freebsd/0163b498-af54-11d9-acd0-000854d03344.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: axel"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"axel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.0a_4")<0) { + security_note(0, data:"Package axel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_base.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_base.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_base.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,82 @@ +# +#VID f38c87a5-4a3e-11da-8ba2-0004614cc33d +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(55780); + script_cve_id("CVE-2005-3325"); + script_bugtraq_id(15199); + script_version ("$"); + name["english"] = "FreeBSD Ports: base"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: base + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/17314/ +http://www.vuxml.org/freebsd/f38c87a5-4a3e-11da-8ba2-0004614cc33d.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: base"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"base"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.2.1")<0) { + security_note(0, data:"Package base version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_bidwatcher.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_bidwatcher.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_bidwatcher.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID 74c86a29-81ef-11d9-a9e7-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52181); + script_cve_id("CVE-2005-0158"); + script_bugtraq_id(12590); + script_version ("$"); + name["english"] = "FreeBSD Ports: bidwatcher"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: bidwatcher + +CVE-2005-0158 +Format string vulnerability in bidwatcher before 1.3.17 allows remote +malicious web servers from eBay, or a spoofed eBay server, to cause a +denial of service and possibly execute arbitrary code via certain +responses. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.debian.org/security/2005/dsa-687 +http://www.vuxml.org/freebsd/74c86a29-81ef-11d9-a9e7-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: bidwatcher"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"bidwatcher"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.17")<0) { + security_note(0, data:"Package bidwatcher version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_bind.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_bind.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_bind.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,89 @@ +# +#VID f04cc5cb-2d0b-11d8-beaf-000a95c4d922 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52471); + script_bugtraq_id(9114); + script_cve_id("CVE-2003-0914"); + script_version ("$"); + name["english"] = "FreeBSD Ports: bind"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: bind + +CVE-2003-0914 +ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote +attackers to poison the cache via a malicious name server that returns +negative responses with a large TTL (time-to-live) value. + +Solution: +Update your system with the appropriate patches or +software upgrades. + + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: bind"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"bind"); +if(!isnull(bver) && revisions-lib(a:bver, b:"8.3")>=0 && ssvercheck(a:bver, b:"8.3.7")<0) { + security_note(0, data:"Package bind version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"8.4")>=0 && ssvercheck(a:bver, b:"8.4.3")<0) { + security_note(0, data:"Package bind version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_bind0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_bind0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_bind0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,89 @@ +# +#VID 947f4b14-1c89-11da-bc01-000e0c2e438a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(55221); + script_bugtraq_id(12364); + script_cve_id("CVE-2005-0033"); + script_version ("$"); + name["english"] = "FreeBSD Ports: bind"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: bind + +CVE-2005-0033 +Buffer overflow in the code for recursion and glue fetching in BIND +8.4.4 and 8.4.5 allows remote attackers to cause a denial of service +(crash) via queries that trigger the overflow in the q_usedns array +that tracks nameservers and addresses. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.uniras.gov.uk/niscc/docs/al-20050125-00059.html?lang=en +http://www.isc.org/sw/bind/bind-security.php +http://www.vuxml.org/freebsd/947f4b14-1c89-11da-bc01-000e0c2e438a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: bind"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"bind"); +if(!isnull(bver) && revisions-lib(a:bver, b:"8.4.4")>=0 && ssvercheck(a:bver, b:"8.4.6")<0) { + security_note(0, data:"Package bind version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_bind9.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_bind9.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_bind9.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,89 @@ +# +#VID 30e4ed7b-1ca6-11da-bc01-000e0c2e438a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(55220); + script_bugtraq_id(12365); + script_cve_id("CVE-2005-0034"); + script_version ("$"); + name["english"] = "FreeBSD Ports: bind9"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: bind9 + +CVE-2005-0034 +An 'incorrect assumption' in the authvalidated validator function in +BIND 9.3.0, when DNSSEC is enabled, allows remote attackers to cause a +denial of service (named server exit) via crafted DNS packets that +cause an internal consistency test (self-check) to fail. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.uniras.gov.uk/niscc/docs/al-20050125-00060.html?lang=en +http://www.isc.org/sw/bind/bind9.3.php#security +http://www.vuxml.org/freebsd/30e4ed7b-1ca6-11da-bc01-000e0c2e438a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: bind9"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"bind9"); +if(!isnull(bver) && revisions-lib(a:bver, b:"9.3.0")==0) { + security_note(0, data:"Package bind9 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_bind90.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_bind90.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_bind90.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,90 @@ +# +#VID ef3306fc-8f9b-11db-ab33-000e0c2e438a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57727); + script_cve_id("CVE-2006-4095", "CVE-2006-4096"); + script_version ("$"); + name["english"] = "FreeBSD Ports: bind9"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: bind9 + +CVE-2006-4095 +BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers +to cause a denial of service (crash) via certain SIG queries, which +cause an assertion failure when multiple RRsets are returned. + +CVE-2006-4096 +BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to +cause a denial of service (crash) via a flood of recursive queries, which +cause an INSIST failure when the response is received after the recursion +queue is empty. + +Solution: +Update your system with the appropriate patches or +software upgrades. + + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: bind9"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"bind9"); +if(!isnull(bver) && revisions-lib(a:bver, b:"9.0")>0 && ssvercheck(a:bver, b:"9.3.2.1")<0) { + security_note(0, data:"Package bind9 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_bmon.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_bmon.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_bmon.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,83 @@ +# +#VID 938f357c-16dd-11d9-bc4a-000c41e2cdad +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52356); + script_version ("$"); + name["english"] = "FreeBSD Ports: bmon"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: bmon + +bmon is configured setuid root, and executes +commands using the PATH environment variable, +allowing a local user to gain root priviledges. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.vuxml.org/freebsd/938f357c-16dd-11d9-bc4a-000c41e2cdad.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: bmon"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"bmon"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.2.1_2")<0) { + security_note(0, data:"Package bmon version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_bnc.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_bnc.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_bnc.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,90 @@ +# +#VID 9be819c6-4633-11d9-a9e7-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52283); + script_bugtraq_id(11647); + script_cve_id("CVE-2004-1052"); + script_version ("$"); + name["english"] = "FreeBSD Ports: bnc"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: bnc + +CVE-2004-1052 +Buffer overflow in the getnickuserhost function in BNC 2.8.9, and +possibly other versions, allows remote IRC servers to execute +arbitrary code via an IRC server response that contains many (1) ! +(exclamation) or (2) @ (at sign) characters. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://security.lss.hr/en/index.php?page=details&ID=LSS-2004-11-03 +http://www.gotbnc.com/changes.html +http://marc.theaimsgroup.com/?l=bugtraq&m=110011817627839 +http://www.vuxml.org/freebsd/9be819c6-4633-11d9-a9e7-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: bnc"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"bnc"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.9.1")<0) { + security_note(0, data:"Package bnc version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_bogofilter.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_bogofilter.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_bogofilter.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,109 @@ +# +#VID f4428842-a583-4a4c-89b7-297c3459a1c3 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52321); + script_cve_id("CVE-2004-1007"); + script_version ("$"); + name["english"] = "FreeBSD Ports: bogofilter, bogofilter-qdbm, bogofilter-tdb, ru-bogofilter"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + bogofilter + bogofilter-qdbm + bogofilter-tdb + ru-bogofilter + +CVE-2004-1007 +The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows +remote attackers to cause a denial of service (application crash) via +mail headers that cause a line feed (LF) to be replaced by a null byte +that is written to an incorrect memory address. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://bugs.debian.org/275373 +http://bogofilter.sourceforge.net/security/bogofilter-SA-2004-01 +http://article.gmane.org/gmane.mail.bogofilter.devel/3308 +http://article.gmane.org/gmane.mail.bogofilter.devel/3317 +http://www.vuxml.org/freebsd/f4428842-a583-4a4c-89b7-297c3459a1c3.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: bogofilter, bogofilter-qdbm, bogofilter-tdb, ru-bogofilter"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"bogofilter"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.17.4")>=0 && ssvercheck(a:bver, b:"0.92.8")<0) { + security_note(0, data:"Package bogofilter version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"bogofilter-qdbm"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.17.4")>=0 && ssvercheck(a:bver, b:"0.92.8")<0) { + security_note(0, data:"Package bogofilter-qdbm version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"bogofilter-tdb"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.17.4")>=0 && ssvercheck(a:bver, b:"0.92.8")<0) { + security_note(0, data:"Package bogofilter-tdb version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ru-bogofilter"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.17.4")>=0 && ssvercheck(a:bver, b:"0.92.8")<0) { + security_note(0, data:"Package ru-bogofilter version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_bogofilter0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_bogofilter0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_bogofilter0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID b747b2a9-7be0-11da-8ec4-0002b3b60e4c +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56104); + script_bugtraq_id(16171); + script_cve_id("CVE-2005-4592"); + script_version ("$"); + name["english"] = "FreeBSD Ports: bogofilter"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: bogofilter + +CVE-2005-4592 +Heap-based buffer overflow in bogofilter and bogolexer 0.96.2 allows +remote attackers to cause a denial of service (crash) and possibly +execute arbitrary code via words that are longer than the input buffer +used by flex. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://bogofilter.sourceforge.net/security/bogofilter-SA-2005-02 +http://www.vuxml.org/freebsd/b747b2a9-7be0-11da-8ec4-0002b3b60e4c.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: bogofilter"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"bogofilter"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.96.2")>=0 && ssvercheck(a:bver, b:"0.96.3")<0) { + security_note(0, data:"Package bogofilter version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_bogofilter1.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_bogofilter1.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_bogofilter1.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,90 @@ +# +#VID 92140bc9-7bde-11da-8ec4-0002b3b60e4c +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56105); + script_bugtraq_id(16171); + script_cve_id("CVE-2005-4591"); + script_version ("$"); + name["english"] = "FreeBSD Ports: bogofilter"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: bogofilter + +CVE-2005-4591 +Heap-based buffer overflow in bogofilter 0.96.2, 0.95.2, 0.94.14, +0.94.12, and other versions from 0.93.5 to 0.96.2, when using Unicode +databases, allows remote attackers to cause a denial of service +(crash) and possibly execute arbitrary code via 'invalid input +sequences' that lead to heap corruption when bogofilter or bogolexer +converts character sets. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://bogofilter.sourceforge.net/security/bogofilter-SA-2005-01 +http://www.vuxml.org/freebsd/92140bc9-7bde-11da-8ec4-0002b3b60e4c.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: bogofilter"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"bogofilter"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.93.5")>=0 && ssvercheck(a:bver, b:"0.96.3")<0) { + security_note(0, data:"Package bogofilter version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_bugzilla.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_bugzilla.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_bugzilla.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,103 @@ +# +#VID 97c3a452-6e36-11d9-8324-000a95bc6fae +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52209); + script_bugtraq_id(12154); + script_cve_id("CVE-2004-1061"); + script_version ("$"); + name["english"] = "FreeBSD Ports: bugzilla, ja-bugzilla"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + bugzilla + ja-bugzilla + +CVE-2004-1061 +Cross-site scripting (XSS) vulnerability in unknown versions of +Bugzilla allows remote attackers to inject arbitrary HTML and web +script via unknown attack vectors. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.bugzilla.org/security/2.16.7-nr/ +https://bugzilla.mozilla.org/show_bug.cgi?id=272620 +http://www.vuxml.org/freebsd/97c3a452-6e36-11d9-8324-000a95bc6fae.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: bugzilla, ja-bugzilla"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"bugzilla"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.16.8")<0) { + security_note(0, data:"Package bugzilla version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"2.17")>=0 && ssvercheck(a:bver, b:"2.18")<0) { + security_note(0, data:"Package bugzilla version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ja-bugzilla"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.16.8")<0) { + security_note(0, data:"Package ja-bugzilla version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"2.17")>=0 && ssvercheck(a:bver, b:"2.18")<0) { + security_note(0, data:"Package ja-bugzilla version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_bugzilla0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_bugzilla0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_bugzilla0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,89 @@ +# +#VID 6e33f4ab-efed-11d9-8310-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(54208); + script_version ("$"); + name["english"] = "FreeBSD Ports: bugzilla, ja-bugzilla"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + bugzilla + ja-bugzilla + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.bugzilla.org/security/2.18.1/ +https://bugzilla.mozilla.org/show_bug.cgi?id=292544 +https://bugzilla.mozilla.org/show_bug.cgi?id=293159 +http://www.vuxml.org/freebsd/6e33f4ab-efed-11d9-8310-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: bugzilla, ja-bugzilla"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"bugzilla"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.17.1")>=0 && ssvercheck(a:bver, b:"2.18.2")<0) { + security_note(0, data:"Package bugzilla version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ja-bugzilla"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.17.1")>=0 && ssvercheck(a:bver, b:"2.18.2")<0) { + security_note(0, data:"Package ja-bugzilla version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_bugzilla1.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_bugzilla1.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_bugzilla1.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,80 @@ +# +#VID 46f7b598-a781-11da-906a-fde5cdde365e +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56351); + script_version ("$"); + name["english"] = "FreeBSD Ports: bugzilla"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: bugzilla + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.bugzilla.org/security/2.18.4/ +http://www.vuxml.org/freebsd/46f7b598-a781-11da-906a-fde5cdde365e.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: bugzilla"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"bugzilla"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2")>=0 && ssvercheck(a:bver, b:"2.20.1")<0) { + security_note(0, data:"Package bugzilla version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_bugzilla2.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_bugzilla2.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_bugzilla2.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,108 @@ +# +#VID 6d68618a-7199-11db-a2ad-000c6ec775d9 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57578); + script_cve_id("CVE-2006-5453", "CVE-2006-5454", "CVE-2006-5455"); + script_version ("$"); + name["english"] = "FreeBSD Ports: bugzilla, ja-bugzilla"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + bugzilla + ja-bugzilla + +CVE-2006-5453 +Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.18.x +before 2.18.6, 2.20.x before 2.20.3, 2.22.x before 2.22.1, and 2.23.x +before 2.23.3 allow remote authenticated users to inject arbitrary web +script or HTML via (1) page headers using the H1, H2, and H3 HTML tags +in global/header.html.tmpl, (2) description fields of certain items in +various edit cgi scripts, and (3) the id parameter in +showdependencygraph.cgi. +CVE-2006-5454 +Bugzilla 2.18.x before 2.18.6, 2.20.x before 2.20.3, 2.22.x before +2.22.1, and 2.23.x before 2.23.3 allow remote attackers to obtain (1) +the description of arbitrary attachments by viewing the attachment in +'diff' mode in attachment.cgi, and (2) the deadline field by viewing +the XML format of the bug in show_bug.cgi. +CVE-2006-5455 +Cross-site request forgery (CSRF) vulnerability in editversions.cgi in +Bugzilla before 2.22.1 and 2.23.x before 2.23.3 allows user-assisted +remote attackers to create, modify, or delete arbitrary bug reports +via a crafted URL. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.bugzilla.org/security/2.18.5/ +http://www.vuxml.org/freebsd/6d68618a-7199-11db-a2ad-000c6ec775d9.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: bugzilla, ja-bugzilla"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"bugzilla"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2")>0 && ssvercheck(a:bver, b:"2.22.1")<0) { + security_note(0, data:"Package bugzilla version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ja-bugzilla"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2")>0 && ssvercheck(a:bver, b:"2.22.1")<0) { + security_note(0, data:"Package ja-bugzilla version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_bugzilla3.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_bugzilla3.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_bugzilla3.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,97 @@ +# +#VID 75231c63-f6a2-499d-8e27-787773bda284 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58794); + script_cve_id("CVE-2007-4538", "CVE-2007-4539", "CVE-2007-4543"); + script_bugtraq_id(25425); + script_version ("$"); + name["english"] = "FreeBSD Ports: bugzilla, ja-bugzilla"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + bugzilla + ja-bugzilla + bugzilla2 + +===== + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.bugzilla.org/security/2.20.4/ +http://www.vuxml.org/freebsd/75231c63-f6a2-499d-8e27-787773bda284.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: bugzilla, ja-bugzilla"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"bugzilla"); +if(!isnull(bver) && revisions-lib(a:bver, b:"3.0.1")<0) { + security_note(0, data:"Package bugzilla version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ja-bugzilla"); +if(!isnull(bver) && revisions-lib(a:bver, b:"3.0.1")<0) { + security_note(0, data:"Package ja-bugzilla version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"bugzilla2"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.22.3")<0) { + security_note(0, data:"Package bugzilla2 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_bugzilla4.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_bugzilla4.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_bugzilla4.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,82 @@ +# +#VID f8d3689e-6770-11dc-8be8-02e0185f8d72 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58798); + script_version ("$"); + name["english"] = "FreeBSD Ports: bugzilla"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: bugzilla + +===== + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.bugzilla.org/security/3.0.1/ +http://www.vuxml.org/freebsd/f8d3689e-6770-11dc-8be8-02e0185f8d72.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: bugzilla"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"bugzilla"); +if(!isnull(bver) && revisions-lib(a:bver, b:"3.0.2")<0) { + security_note(0, data:"Package bugzilla version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_bugzilla5.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_bugzilla5.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_bugzilla5.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,95 @@ +# +#VID 1d96305d-6ae6-11dd-91d5-000c29d47fd7 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(61454); + script_version ("$"); + name["english"] = "FreeBSD Ports: bugzilla, ja-bugzilla"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + bugzilla + ja-bugzilla + +Solution: +Update your system with the appropriate patches or +software upgrades. + +https://bugzilla.mozilla.org/show_bug.cgi?id=437169 +http://www.vuxml.org/freebsd/1d96305d-6ae6-11dd-91d5-000c29d47fd7.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: bugzilla, ja-bugzilla"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"bugzilla"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.22.1")>=0 && ssvercheck(a:bver, b:"2.22.4")<0) { + security_note(0, data:"Package bugzilla version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"3")>=0 && ssvercheck(a:bver, b:"3.0.4")<0) { + security_note(0, data:"Package bugzilla version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ja-bugzilla"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.22.1")>=0 && ssvercheck(a:bver, b:"2.22.4")<0) { + security_note(0, data:"Package ja-bugzilla version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"3")>=0 && ssvercheck(a:bver, b:"3.0.4")<0) { + security_note(0, data:"Package ja-bugzilla version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_bzip2.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_bzip2.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_bzip2.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,90 @@ +# +#VID 197f444f-e8ef-11d9-b875-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(53972); + script_cve_id("CVE-2005-0953", "CVE-2005-1260"); + script_version ("$"); + name["english"] = "FreeBSD Ports: bzip2"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: bzip2 + +CVE-2005-0953 +Race condition in bzip2 1.0.2 and earlier allows local users to modify +permissions of arbitrary files via a hard link attack on a file while +it is being decompressed, whose permissions are changed by bzip2 after +the decompression is complete. + +CVE-2005-1260 +bzip2 allows remote attackers to cause a denial of service (hard drive +consumption) via a crafted bzip2 file that causes an infinite loop +(a.k.a 'decompression bomb'). + +Solution: +Update your system with the appropriate patches or +software upgrades. + + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: bzip2"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"bzip2"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.0.3_1")<0) { + security_note(0, data:"Package bzip2 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_bzip20.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_bzip20.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_bzip20.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,89 @@ +# +#VID 063399fc-f6d6-11dc-bcee-001c2514716c +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(60632); + script_cve_id("CVE-2008-1372"); + script_bugtraq_id(28286); + script_version ("$"); + name["english"] = "FreeBSD Ports: bzip2"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: bzip2 + +CVE-2008-1372 +bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to +cause a denial of service (crash) via a crafted file that triggers a +buffer over-read, as demonstrated by the PROTOS GENOME test suite for +Archive Formats. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +https://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html +http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/ +http://www.vuxml.org/freebsd/063399fc-f6d6-11dc-bcee-001c2514716c.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: bzip2"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"bzip2"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.0.5")<0) { + security_note(0, data:"Package bzip2 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_c-ares.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_c-ares.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_c-ares.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,83 @@ +# +#VID 70ae62b0-16b0-11dc-b803-0016179b2dd5 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58842); + script_version ("$"); + name["english"] = "FreeBSD Ports: c-ares"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: c-ares + +===== + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/25579/ +http://cool.haxx.se/cvs.cgi/curl/ares/CHANGES?rev=HEAD&content-type=text/vnd.viewcvs-markup +http://www.vuxml.org/freebsd/70ae62b0-16b0-11dc-b803-0016179b2dd5.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: c-ares"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"c-ares"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.4.0")<0) { + security_note(0, data:"Package c-ares version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cabextract.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cabextract.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cabextract.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,87 @@ +# +#VID 61480a9a-22b2-11d9-814e-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52333); + script_bugtraq_id(11460); + script_cve_id("CVE-2004-0916"); + script_version ("$"); + name["english"] = "FreeBSD Ports: cabextract"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cabextract + +CVE-2004-0916 +Directory traversal vulnerability in cabextract before 1.1 allows +remote attackers to overwrite arbitrary files via a cabinet file +containing .. (dot dot) sequences in a filename. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.kyz.uklinux.net/cabextract.php#changes +http://www.vuxml.org/freebsd/61480a9a-22b2-11d9-814e-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cabextract"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cabextract"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.1")<0) { + security_note(0, data:"Package cabextract version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cacti.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cacti.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cacti.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID ca543e06-207a-11d9-814e-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52338); + script_bugtraq_id(10960); + script_cve_id("CVE-2004-1736", "CVE-2004-1737"); + script_version ("$"); + name["english"] = "FreeBSD Ports: cacti"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cacti + +Cacti is a frontend to RRDTool. It suffers from +a path disclosure as well as a SQL injection vulnerability. +By default, FreeBSD systems are not vulnerable to the +SQL injection vulnerability unless 'magic_quotes_gpc' is +enabled in the php.ini file. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://marc.theaimsgroup.com/?l=full-disclosure&m=109269427427368 +http://www.vuxml.org/freebsd/ca543e06-207a-11d9-814e-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cacti"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cacti"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.8.6")<0) { + security_note(0, data:"Package cacti version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cacti0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cacti0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cacti0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,80 @@ +# +#VID 96948a6a-e239-11d9-83cf-0010dc5df42d +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(53064); + script_version ("$"); + name["english"] = "FreeBSD Ports: cacti"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cacti + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.cacti.net/release_notes_0_8_6e.php +http://www.vuxml.org/freebsd/96948a6a-e239-11d9-83cf-0010dc5df42d.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cacti"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cacti"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.8.6d")<=0) { + security_note(0, data:"Package cacti version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cacti1.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cacti1.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cacti1.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,83 @@ +# +#VID 1cf00643-ed8a-11d9-8310-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(53999); + script_version ("$"); + name["english"] = "FreeBSD Ports: cacti"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cacti + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.hardened-php.net/advisory-032005.php +http://www.hardened-php.net/advisory-042005.php +http://www.hardened-php.net/advisory-052005.php +http://marc.theaimsgroup.com/?l=bugtraq&m=111954136315248 +http://www.vuxml.org/freebsd/1cf00643-ed8a-11d9-8310-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cacti"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cacti"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.8.6f")<0) { + security_note(0, data:"Package cacti version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cacti2.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cacti2.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cacti2.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,81 @@ +# +#VID 79c1154d-d5a5-11da-8098-00123ffe8333 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56649); + script_version ("$"); + name["english"] = "FreeBSD Ports: cacti"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cacti + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/18276/ +http://secunia.com/advisories/17418/ +http://www.vuxml.org/freebsd/79c1154d-d5a5-11da-8098-00123ffe8333.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cacti"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cacti"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.8.6h")<0) { + security_note(0, data:"Package cacti version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cacti3.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cacti3.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cacti3.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,81 @@ +# +#VID 41da2ba4-a24e-11db-bd24-000f3dcc6a5d +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57779); + script_version ("$"); + name["english"] = "FreeBSD Ports: cacti"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cacti + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/23528/ +http://forums.cacti.net/about18846-0-asc-0.html +http://www.vuxml.org/freebsd/41da2ba4-a24e-11db-bd24-000f3dcc6a5d.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cacti"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cacti"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.8.6i.4")<0) { + security_note(0, data:"Package cacti version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cacti4.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cacti4.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cacti4.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,80 @@ +# +#VID f951cf4a-a1fe-11db-98f9-0004aca3703d +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58112); + script_version ("$"); + name["english"] = "FreeBSD Ports: cacti"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cacti + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.cacti.net/download_patches.php?version=0.8.6i +http://www.vuxml.org/freebsd/f951cf4a-a1fe-11db-98f9-0004aca3703d.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cacti"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cacti"); +if(!isnull(bver) && revisions-lib(a:bver, b:"cacti-0.8.6i_1")<0) { + security_note(0, data:"Package cacti version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cacti5.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cacti5.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cacti5.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,80 @@ +# +#VID dea7df85-d96c-11dc-9bfc-000e0c092e7a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(60394); + script_version ("$"); + name["english"] = "FreeBSD Ports: cacti"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cacti + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://forums.cacti.net/about25749.html +http://www.vuxml.org/freebsd/dea7df85-d96c-11dc-9bfc-000e0c092e7a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cacti"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cacti"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.8.7b")<0) { + security_note(0, data:"Package cacti version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cdf3.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cdf3.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cdf3.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,80 @@ +# +#VID c4f31e16-6e33-11dd-8eb7-0011098ad87f +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(61449); + script_version ("$"); + name["english"] = "FreeBSD Ports: cdf3"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cdf3 + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://cdf.gsfc.nasa.gov/CDF32_buffer_overflow.html +http://www.vuxml.org/freebsd/c4f31e16-6e33-11dd-8eb7-0011098ad87f.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cdf3"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cdf3"); +if(!isnull(bver) && revisions-lib(a:bver, b:"3.2.1")<0) { + security_note(0, data:"Package cdf3 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cdrdao.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cdrdao.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cdrdao.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID d51a7e6e-c546-11d9-9aed-000e0c2e438a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52719); + script_version ("$"); + name["english"] = "FreeBSD Ports: cdrdao"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cdrdao + +A priviledge escalation attack in cdrdao allows a +local user to gain root access if cdrdao is setuid +root. The default configuration is not vulnerable, +since the default is to NOT have this software +installed as setuid root. + +Solution: +Update your system with the appropriate patches or +software upgrades, or ensure that cdrdao is not +setuid root. + +http://secunia.com/advisories/15354/ +http://sourceforge.net/forum/forum.php?forum_id=466399 +http://www.vuxml.org/freebsd/d51a7e6e-c546-11d9-9aed-000e0c2e438a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cdrdao"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cdrdao"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.2.0")<0) { + security_note(0, data:"Package cdrdao version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cfengine.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cfengine.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cfengine.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,83 @@ +# +#VID 8688d5cd-328c-11da-a263-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(55483); + script_bugtraq_id(14994); + script_cve_id("CVE-2005-2960"); + script_version ("$"); + name["english"] = "FreeBSD Ports: cfengine"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cfengine + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.debian.org/security/2005/dsa-835 +http://www.debian.org/security/2005/dsa-836 +http://www.vuxml.org/freebsd/8688d5cd-328c-11da-a263-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cfengine"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cfengine"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>0) { + security_note(0, data:"Package cfengine version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_clamav.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_clamav.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_clamav.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,93 @@ +# +#VID 70b62f5e-9e2e-11d9-a256-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52148); + script_cve_id("CVE-2005-0133"); + script_bugtraq_id(12408); + script_version ("$"); + name["english"] = "FreeBSD Ports: clamav"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + clamav + clamav-devel + +CVE-2005-0133 +ClamAV 0.80 and earlier allows remote attackers to cause a denial of +service (clamd daemon crash) via a Zip file with malformed headers. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://sourceforge.net/project/shownotes.php?release_id=300116 +http://www.vuxml.org/freebsd/70b62f5e-9e2e-11d9-a256-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: clamav"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"clamav"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.81")<0) { + security_note(0, data:"Package clamav version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"clamav-devel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"20050408")<0) { + security_note(0, data:"Package clamav-devel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_clamav0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_clamav0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_clamav0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,91 @@ +# +#VID 74a9541d-5d6c-11d8-80e3-0020ed76ef5a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52449); + script_cve_id("CVE-2004-0270"); + script_bugtraq_id(9610); + script_version ("$"); + name["english"] = "FreeBSD Ports: clamav"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: clamav + +CVE-2004-0270 +libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a +denial of service (crash) via a uuencoded e-mail message with an +invalid line length (e.g., a lowercase character), which causes an +assert error in clamd that terminates the calling program. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.osvdb.org/3894 +http://secunia.com/advisories/10826 +http://xforce.iss.net/xforce/xfdb/15077 +http://www.securityfocus.com/archive/1/353186 +http://www.vuxml.org/freebsd/74a9541d-5d6c-11d8-80e3-0020ed76ef5a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: clamav"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"clamav"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.65_7")<0) { + security_note(0, data:"Package clamav version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_clamav1.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_clamav1.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_clamav1.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,96 @@ +# +#VID d8e1aadd-ee68-11d9-8310-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(54182); + script_bugtraq_id(14089); + script_cve_id("CVE-2005-1923"); + script_version ("$"); + name["english"] = "FreeBSD Ports: clamav"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + clamav + clamav-devel + +CVE-2005-1923 +The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, +and other versions vefore 0.86, allows remote attackers to cause a +denial of service (CPU consumption by infinite loop) via a cabinet +(CAB) file with the cffile_FolderOffset field set to 0xff, which +causes a zero-length read. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://marc.theaimsgroup.com/?l=bugtraq&m=112006456809016 +http://www.vuxml.org/freebsd/d8e1aadd-ee68-11d9-8310-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: clamav"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"clamav"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.86")<0) { + security_note(0, data:"Package clamav version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"clamav-devel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"20050620")<0) { + security_note(0, data:"Package clamav-devel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_clamav10.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_clamav10.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_clamav10.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,87 @@ +# +#VID eb5124a4-8a20-11db-b033-00123ffe8333 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57708); + script_version ("$"); + name["english"] = "FreeBSD Ports: clamav"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + clamav clamav-devel + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/23347/ +http://www.quantenblog.net/security/virus-scanner-bypass +http://www.vuxml.org/freebsd/eb5124a4-8a20-11db-b033-00123ffe8333.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: clamav"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"clamav"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.88.7")<0) { + security_note(0, data:"Package clamav version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"clamav-devel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"20061029")<=0) { + security_note(0, data:"Package clamav-devel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_clamav11.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_clamav11.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_clamav11.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,82 @@ +# +#VID b6f6da57-680a-11dc-b350-001921ab2fa4 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58795); + script_cve_id("CVE-2007-4510"); + script_bugtraq_id(25398); + script_version ("$"); + name["english"] = "FreeBSD Ports: clamav"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: clamav + +===== + +Solution: +Update your system with the appropriate patches or +software upgrades. + + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: clamav"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"clamav"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.91.2")<0) { + security_note(0, data:"Package clamav version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_clamav12.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_clamav12.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_clamav12.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,83 @@ +# +#VID 903654bd-1927-11dc-b8a0-02e0185f8d72 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58839); + script_cve_id("CVE-2007-2650", "CVE-2007-3023", "CVE-2007-3024", "CVE-2007-3122", "CVE-2007-3123"); + script_version ("$"); + name["english"] = "FreeBSD Ports: clamav"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: clamav + +===== + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://news.gmane.org/gmane.comp.security.virus.clamav.devel/cutoff=2853 +http://www.vuxml.org/freebsd/903654bd-1927-11dc-b8a0-02e0185f8d72.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: clamav"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"clamav"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.90.3")<0) { + security_note(0, data:"Package clamav version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_clamav13.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_clamav13.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_clamav13.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID be4b0529-dbaf-11dc-9791-000ea6702141 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(60393); + script_cve_id("CVE-2008-0318"); + script_version ("$"); + name["english"] = "FreeBSD Ports: clamav"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: clamav + +CVE-2008-0318 +Integer overflow in libclamav in ClamAV before 0.92.1, as used in +clamd, allows remote attackers to cause a denial of service and +possibly execute arbitrary code via a crafted Petite packed PE file, +which triggers a heap-based buffer overflow. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=658 +http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog +http://www.vuxml.org/freebsd/be4b0529-dbaf-11dc-9791-000ea6702141.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: clamav"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"clamav"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.92")>=0 && ssvercheck(a:bver, b:"0.92.1")<0) { + security_note(0, data:"Package clamav version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_clamav14.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_clamav14.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_clamav14.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,98 @@ +# +#VID 589d8053-0b03-11dd-b4ef-00e07dc4ec84 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(60833); + script_cve_id("CVE-2008-1100", "CVE-2008-1387"); + script_version ("$"); + name["english"] = "FreeBSD Ports: clamav"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + clamav + clamav-devel + +CVE-2008-1100 +Buffer overflow in the cli_scanpe function in libclamav +(libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to +execute arbitrary code via a crafted Upack PE file. + +CVE-2008-1387 +ClamAV before 0.93 allows remote attackers to cause a denial of +service (CPU consumption) via a crafted ARJ archive, as demonstrated +by the PROTOS GENOME test suite for Archive Formats. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/29000 +http://www.vuxml.org/freebsd/589d8053-0b03-11dd-b4ef-00e07dc4ec84.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: clamav"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"clamav"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.93")<0) { + security_note(0, data:"Package clamav version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"clamav-devel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"20080415")<0) { + security_note(0, data:"Package clamav-devel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_clamav2.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_clamav2.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_clamav2.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,95 @@ +# +#VID 6d18fe19-ee67-11d9-8310-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(54183); + script_bugtraq_id(14090); + script_cve_id("CVE-2005-1922"); + script_version ("$"); + name["english"] = "FreeBSD Ports: clamav"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + clamav + clamav-devel + +CVE-2005-1922 +The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 +allows remote attackers to cause a denial of service (file descriptor +and memory consumption) via a crafted file that causes repeated errors +in the cli_msexpand function. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://marc.theaimsgroup.com/?l=bugtraq&m=112006402411598 +http://www.vuxml.org/freebsd/6d18fe19-ee67-11d9-8310-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: clamav"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"clamav"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.86")<0) { + security_note(0, data:"Package clamav version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"clamav-devel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"20050620")<0) { + security_note(0, data:"Package clamav-devel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_clamav3.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_clamav3.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_clamav3.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,86 @@ +# +#VID 1db7ecf5-fd24-11d9-b4d6-0007e900f87b +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(54431); + script_version ("$"); + name["english"] = "FreeBSD Ports: clamav"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: clamav clamav-devel + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.rem0te.com/public/images/clamav.pdf +http://secunia.com/advisories/16180/ +http://www.vuxml.org/freebsd/1db7ecf5-fd24-11d9-b4d6-0007e900f87b.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: clamav"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"clamav"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.86.2")<0) { + security_note(0, data:"Package clamav version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"clamav-devel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"20050704")<=0) { + security_note(0, data:"Package clamav-devel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_clamav4.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_clamav4.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_clamav4.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,98 @@ +# +#VID 271498a9-2cd4-11da-a263-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(55418); + script_cve_id("CVE-2005-2919", "CVE-2005-2920"); + script_version ("$"); + name["english"] = "FreeBSD Ports: clamav"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + clamav + clamav-devel + +CVE-2005-2919 +libclamav/fsg.c in Clam AntiVirus (ClamAV) before 0.87 allows remote +attackers to cause a denial of service (infinite loop) via a crafted +FSG packed executable. + +CVE-2005-2920 +Buffer overflow in libclamav/upx.c in Clam AntiVirus (ClamAV) before +0.87 allows remote attackers to execute arbitrary code via a crafted +UPX packed executable. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.gentoo.org/security/en/glsa/glsa-200509-13.xml +http://www.vuxml.org/freebsd/271498a9-2cd4-11da-a263-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: clamav"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"clamav"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.87")<0) { + security_note(0, data:"Package clamav version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"clamav-devel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"20050917")<0) { + security_note(0, data:"Package clamav-devel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_clamav5.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_clamav5.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_clamav5.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,86 @@ +# +#VID 612a34ec-81dc-11da-a043-0002a5c3d308 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56102); + script_version ("$"); + name["english"] = "FreeBSD Ports: clamav"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: clamav clamav-devel + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/18379/ +http://lurker.clamav.net/message/20060109.213247.a16ae8db.en.html +http://www.vuxml.org/freebsd/612a34ec-81dc-11da-a043-0002a5c3d308.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: clamav"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"clamav"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.88")<0) { + security_note(0, data:"Package clamav version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"clamav-devel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"20060110")<0) { + security_note(0, data:"Package clamav-devel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_clamav6.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_clamav6.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_clamav6.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,108 @@ +# +#VID 6a5174bd-c580-11da-9110-00123ffe8333 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56515); + script_cve_id("CVE-2006-1614", "CVE-2006-1615", "CVE-2006-1630"); + script_version ("$"); + name["english"] = "FreeBSD Ports: clamav"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + clamav + clamav-devel + +CVE-2006-1614 +Integer overflow in the cli_scanpe function in the PE header parser +(libclamav/pe.c) in Clam AntiVirus (ClamAV) before 0.88.1, when +ArchiveMaxFileSize is disabled, allows remote attackers to cause a +denial of service and possibly execute arbitrary code. + +CVE-2006-1615 +Multiple format string vulnerabilities in the logging code in Clam +AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to +execute arbitrary code. NOTE: as of 20060410, it is unclear whether +this is a vulnerability, as there is some evidence that the arguments +are actually being sanitized properly. + +CVE-2006-1630 +The cli_bitset_set function in libclamav/others.c in Clam AntiVirus +(ClamAV) before 0.88.1 allows remote attackers to cause a denial of +service via unspecified vectors that trigger an 'invalid memory +access.' + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/19534/ +http://www.us.debian.org/security/2006/dsa-1024 +http://www.vuxml.org/freebsd/6a5174bd-c580-11da-9110-00123ffe8333.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: clamav"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"clamav"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.88.1")<0) { + security_note(0, data:"Package clamav version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"clamav-devel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"20051104_1")<=0) { + security_note(0, data:"Package clamav-devel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_clamav7.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_clamav7.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_clamav7.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,95 @@ +# +#VID b088bf48-da3b-11da-93e0-00123ffe8333 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56647); + script_bugtraq_id(17754); + script_cve_id("CVE-2006-1989"); + script_version ("$"); + name["english"] = "FreeBSD Ports: clamav"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + clamav + clamav-devel + +CVE-2006-1989 +Buffer overflow in the get_database function in the HTTP client in +Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers +sites to execute arbitrary code via long HTTP headers. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.clamav.net/security/0.88.2.html +http://secunia.com/advisories/19880/ +http://www.vuxml.org/freebsd/b088bf48-da3b-11da-93e0-00123ffe8333.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: clamav"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"clamav"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.80")>=0 && ssvercheck(a:bver, b:"0.88.2")<0) { + security_note(0, data:"Package clamav version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"clamav-devel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"20040826")>=0 && ssvercheck(a:bver, b:"20060502")<0) { + security_note(0, data:"Package clamav-devel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_clamav8.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_clamav8.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_clamav8.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID 342d2e48-26db-11db-9275-000475abc56f +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57260); + script_cve_id("CVE-2006-4018"); + script_version ("$"); + name["english"] = "FreeBSD Ports: clamav"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + clamav + clamav-devel + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.clamav.net/security/0.88.4.html +http://www.vuxml.org/freebsd/342d2e48-26db-11db-9275-000475abc56f.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: clamav"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"clamav"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.88.1")>=0 && ssvercheck(a:bver, b:"0.88.4")<0) { + security_note(0, data:"Package clamav version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"clamav-devel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"20060808")<0) { + security_note(0, data:"Package clamav-devel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_clamav9.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_clamav9.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_clamav9.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,89 @@ +# +#VID 8012a79d-5d21-11db-bb8d-00123ffe8333 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57507); + script_version ("$"); + name["english"] = "FreeBSD Ports: clamav"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + clamav + clamav-devel + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/22370/ +http://lurker.clamav.net/message/20061016.015114.dc6a8930.en.html +http://sourceforge.net/project/shownotes.php?release_id=455799 +http://www.vuxml.org/freebsd/8012a79d-5d21-11db-bb8d-00123ffe8333.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: clamav"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"clamav"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.88.5")<0) { + security_note(0, data:"Package clamav version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"clamav-devel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"20060922")<=0) { + security_note(0, data:"Package clamav-devel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_claws-mail.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_claws-mail.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_claws-mail.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,96 @@ +# +#VID d9867f50-54d0-11dc-b80b-0016179b2dd5 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58810); + script_version ("$"); + name["english"] = "FreeBSD Ports: claws-mail, sylpheed-claws"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + claws-mail + sylpheed-claws + sylpheed2 + +===== + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/26550/ +http://secunia.com/secunia_research/2007-70/advisory/ +http://www.vuxml.org/freebsd/d9867f50-54d0-11dc-b80b-0016179b2dd5.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: claws-mail, sylpheed-claws"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"claws-mail"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.10.0_3")<0) { + security_note(0, data:"Package claws-mail version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"sylpheed-claws"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.10.0_3")<0) { + security_note(0, data:"Package sylpheed-claws version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"sylpheed2"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.4.4_1")<0) { + security_note(0, data:"Package sylpheed2 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_claws-mail0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_claws-mail0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_claws-mail0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,83 @@ +# +#VID c389d06d-ee57-11db-bd51-0016179b2dd5 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58860); + script_cve_id("CVE-2007-1558"); + script_version ("$"); + name["english"] = "FreeBSD Ports: claws-mail"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: claws-mail + +===== + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.claws-mail.org/news.php +http://www.vuxml.org/freebsd/c389d06d-ee57-11db-bd51-0016179b2dd5.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: claws-mail"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"claws-mail"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.9.0")<0) { + security_note(0, data:"Package claws-mail version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_claws-mail1.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_claws-mail1.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_claws-mail1.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,89 @@ +# +#VID a59afa47-c930-11dc-810c-0016179b2dd5 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(60228); + script_cve_id("CVE-2007-6208"); + script_bugtraq_id(26676); + script_version ("$"); + name["english"] = "FreeBSD Ports: claws-mail"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: claws-mail + +CVE-2007-6208 +sylprint.pl in claws mail tools (claws-mail-tools) allows local users +to overwrite arbitrary files via a symlink attack on the +sylprint.[USER].[PID] temporary file. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.gentoo.org/security/en/glsa/glsa-200801-03.xml +http://security.gentoo.org/glsa/glsa-200801-03.xml +http://secunia.com/advisories/27897 +http://www.vuxml.org/freebsd/a59afa47-c930-11dc-810c-0016179b2dd5.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: claws-mail"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"claws-mail"); +if(!isnull(bver) && revisions-lib(a:bver, b:"3.0.2")>0) { + security_note(0, data:"Package claws-mail version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_coppermine.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_coppermine.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_coppermine.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID 756db070-b9d4-11d9-ae81-000ae42e9b93 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52543); + script_cve_id("CVE-2005-1172"); + script_bugtraq_id(13218); + script_version ("$"); + name["english"] = "FreeBSD Ports: coppermine"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: coppermine + +CVE-2005-1172 +Cross-site scripting (XSS) vulnerability in init.inc.php in Coppermine +Photo Gallery 1.3.x allows remote attackers to inject arbitrary web +script or HTML via the X-Forwarded-For parameter. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://coppermine.sourceforge.net/board/index.php?topic=17134.0 +http://www.securityfocus.com/archive/1/396080 +http://www.vuxml.org/freebsd/756db070-b9d4-11d9-ae81-000ae42e9b93.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: coppermine"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"coppermine"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.2")<0) { + security_note(0, data:"Package coppermine version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_coppermine0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_coppermine0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_coppermine0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,81 @@ +# +#VID 0b628470-e9a6-11da-b9f4-00123ffe8333 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56771); + script_version ("$"); + name["english"] = "FreeBSD Ports: coppermine"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: coppermine + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://sourceforge.net/project/shownotes.php?group_id=89658&release_id=418266 +http://secunia.com/advisories/20211/ +http://www.vuxml.org/freebsd/0b628470-e9a6-11da-b9f4-00123ffe8333.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: coppermine"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"coppermine"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.4.6")<0) { + security_note(0, data:"Package coppermine version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_coppermine1.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_coppermine1.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_coppermine1.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,90 @@ +# +#VID 6738977b-e9a5-11da-b9f4-00123ffe8333 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56772); + script_bugtraq_id(17570); + script_cve_id("CVE-2006-1909"); + script_version ("$"); + name["english"] = "FreeBSD Ports: coppermine"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: coppermine + +CVE-2006-1909 +Directory traversal vulnerability in index.php in Coppermine 1.4.4 +allows remote attackers to read arbitrary files via a .//./ (modified +dot dot slash) in the file parameter, which causes a regular +expression to collapse the sequences into standard '../' sequences. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://coppermine-gallery.net/forum/index.php?topic=30655.0 +http://myimei.com/security/2006-04-14/copperminephotogallery144-plugininclusionsystemindexphp-remotefileinclusion-attack.html +http://secunia.com/advisories/19665/ +http://www.vuxml.org/freebsd/6738977b-e9a5-11da-b9f4-00123ffe8333.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: coppermine"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"coppermine"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.4.5")<0) { + security_note(0, data:"Package coppermine version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_coppermine2.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_coppermine2.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_coppermine2.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,94 @@ +# +#VID 77cceaef-e9a4-11da-b9f4-00123ffe8333 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56773); + script_cve_id("CVE-2006-0872", "CVE-2006-0873"); + script_version ("$"); + name["english"] = "FreeBSD Ports: coppermine"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: coppermine + +CVE-2006-0872 +Directory traversal vulnerability in init.inc.php in Coppermine Photo +Gallery 1.4.3 and earlier allows remote attackers to include arbitrary +files via a .. (dot dot) sequence and trailing NULL (%00) byte in the +lang parameter. + +CVE-2006-0873 +Absolute path traversal vulnerability in docs/showdocs.php in +Coppermine Photo Gallery 1.4.3 and earlier allows remote attackers to +include arbitrary files via the f parameter, and possibly remote files +using UNC share pathnames. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://retrogod.altervista.org/cpg_143_adv.html +http://secunia.com/advisories/18941/ +http://www.vuxml.org/freebsd/77cceaef-e9a4-11da-b9f4-00123ffe8333.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: coppermine"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"coppermine"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.4.4")<0) { + security_note(0, data:"Package coppermine version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_coppermine3.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_coppermine3.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_coppermine3.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,82 @@ +# +#VID 12488805-6773-11dc-8be8-02e0185f8d72 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58796); + script_version ("$"); + name["english"] = "FreeBSD Ports: coppermine"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: coppermine + +===== + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://coppermine-gallery.net/forum/index.php?topic=46847.0 +http://www.vuxml.org/freebsd/12488805-6773-11dc-8be8-02e0185f8d72.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: coppermine"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"coppermine"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.4.13")<0) { + security_note(0, data:"Package coppermine version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_coppermine4.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_coppermine4.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_coppermine4.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,104 @@ +# +#VID 9f581778-e3d4-11dc-bb89-000bcdc1757a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(60453); + script_cve_id("CVE-2008-0504", "CVE-2008-0505", "CVE-2008-0506"); + script_version ("$"); + name["english"] = "FreeBSD Ports: coppermine"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: coppermine + +CVE-2008-0504 +Multiple SQL injection vulnerabilities in Coppermine Photo Gallery +(CPG) before 1.4.15 allow remote attackers to execute arbitrary SQL +commands via unspecified parameters to (1) util.php and (2) +reviewcom.php. NOTE: some of these details are obtained from third +party information. + +CVE-2008-0505 +Multiple cross-site scripting (XSS) vulnerabilities in +docs/showdoc.php in Coppermine Photo Gallery (CPG) before 1.4.15 allow +remote attackers to inject arbitrary web script or HTML via the (1) h +and (2) t parameters. NOTE: some of these details are obtained from +third party information. + +CVE-2008-0506 +include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) +before 1.4.15, when the ImageMagick picture processing method is +configured, allows remote attackers to execute arbitrary commands via +shell metacharacters in the (1) quality, (2) angle, or (3) clipval +parameter to picEditor.php. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://coppermine-gallery.net/forum/index.php?topic=48106.0 +http://coppermine-gallery.net/forum/index.php?topic=50103.0 +http://secunia.com/advisories/28682/ +http://www.vuxml.org/freebsd/9f581778-e3d4-11dc-bb89-000bcdc1757a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: coppermine"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"coppermine"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.4.15")<0) { + security_note(0, data:"Package coppermine version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_courier-authlib.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_courier-authlib.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_courier-authlib.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,80 @@ +# +#VID 022baf71-38e6-11dd-8d34-00e0815b8da8 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(61192); + script_version ("$"); + name["english"] = "FreeBSD Ports: courier-authlib"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: courier-authlib + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/30591/ +http://www.vuxml.org/freebsd/022baf71-38e6-11dd-8d34-00e0815b8da8.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: courier-authlib"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"courier-authlib"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.60.6")<0) { + security_note(0, data:"Package courier-authlib version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_courier-imap.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_courier-imap.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_courier-imap.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID 616cf823-f48b-11d8-9837-000c41e2cdad +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52418); + script_cve_id("CVE-2004-0777"); + script_bugtraq_id(10976); + script_version ("$"); + name["english"] = "FreeBSD Ports: courier-imap"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: courier-imap + +CVE-2004-0777 +Format string vulnerability in the auth_debug function in Courier-IMAP +1.6.0 to 2.2.1, when login debugging (DEBUG_LOGIN) is enabled, allows +remote attackers to execute arbitrary code. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.idefense.com/application/poi/display?id=131&type=vulnerabilities&flashstatus=false +http://lists.netsys.com/pipermail/full-disclosure/2004-August/025478.html +http://www.vuxml.org/freebsd/616cf823-f48b-11d8-9837-000c41e2cdad.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: courier-imap"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"courier-imap"); +if(!isnull(bver) && revisions-lib(a:bver, b:"3.0.7,1")<0) { + security_note(0, data:"Package courier-imap version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_courier.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_courier.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_courier.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,105 @@ +# +#VID 98bd69c3-834b-11d8-a41f-0020ed76ef5a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52431); + script_cve_id("CVE-2004-0224"); + script_bugtraq_id(9845); + script_version ("$"); + name["english"] = "FreeBSD Ports: courier"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + courier + courier-imap + sqwebmail + +CVE-2004-0224 +Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for +Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before +4.0.0 may allow remote attackers to execute arbitrary code 'when +Unicode character is out of BMP range.' + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://cvs.sourceforge.net/viewcvs.py/courier/libs/unicode/iso2022jp.c?rev=1.10&view=markup +http://cvs.sourceforge.net/viewcvs.py/courier/libs/unicode/shiftjis.c?rev=1.6&view=markup +http://secunia.com/advisories/11087 +http://www.osvdb.org/4194 +http://www.osvdb.org/6927 +http://www.vuxml.org/freebsd/98bd69c3-834b-11d8-a41f-0020ed76ef5a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: courier"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"courier"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.45")<0) { + security_note(0, data:"Package courier version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"courier-imap"); +if(!isnull(bver) && revisions-lib(a:bver, b:"3.0,1")<0) { + security_note(0, data:"Package courier-imap version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"sqwebmail"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.0")<0) { + security_note(0, data:"Package sqwebmail version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_crossfire-server.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_crossfire-server.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_crossfire-server.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID 86cc5c6f-d2b4-11da-a672-000e0c2e438a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56655); + script_cve_id("CVE-2006-1010"); + script_bugtraq_id(16883); + script_version ("$"); + name["english"] = "FreeBSD Ports: crossfire-server"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: crossfire-server + +CVE-2006-1010 +Buffer overflow in socket/request.c in CrossFire before 1.9.0, when +oldsocketmode is enabled, allows remote attackers to cause a denial of +service (segmentation fault) and possibly execute code by sending the +server a large request. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.frsirt.com/english/advisories/2006/0760 +http://www.vuxml.org/freebsd/86cc5c6f-d2b4-11da-a672-000e0c2e438a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: crossfire-server"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"crossfire-server"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.9.0")<0) { + security_note(0, data:"Package crossfire-server version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cscope.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cscope.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cscope.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,89 @@ +# +#VID a7bfd423-484f-11d9-a9e7-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52282); + script_cve_id("CVE-2004-0996"); + script_bugtraq_id(11697); + script_version ("$"); + name["english"] = "FreeBSD Ports: cscope"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cscope + +CVE-2004-0996 +main.c in cscope 15-4 and 15-5 creates temporary files with +predictable filenames, which allows local users to overwrite arbitrary +files via a symlink attack. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://sourceforge.net/tracker/index.php?func=detail&aid=1062807&group_id=4664&atid=104664 +http://marc.theaimsgroup.com/?l=bugtraq&m=110133485519690 +http://marc.theaimsgroup.com/?l=bugtraq&m=110072752707293 +http://www.vuxml.org/freebsd/a7bfd423-484f-11d9-a9e7-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cscope"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cscope"); +if(!isnull(bver) && revisions-lib(a:bver, b:"15.5_1")<0) { + security_note(0, data:"Package cscope version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cscope0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cscope0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cscope0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID 72d8df84-ea6d-11da-8a53-00123ffe8333 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56770); + script_bugtraq_id(11697); + script_cve_id("CVE-2004-2541"); + script_version ("$"); + name["english"] = "FreeBSD Ports: cscope"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cscope + +CVE-2004-2541 +Buffer overflow in Cscope 15.5, and possibly multiple overflows, +allows remote attackers to execute arbitrary code via a C file with a +long #include line that is later browsed by the target. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://sourceforge.net/tracker/index.php?func=detail&aid=1064875&group_id=4664&atid=104664 +http://secunia.com/advisories/13237 +http://www.vuxml.org/freebsd/72d8df84-ea6d-11da-8a53-00123ffe8333.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cscope"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cscope"); +if(!isnull(bver) && revisions-lib(a:bver, b:"15.5_2")<0) { + security_note(0, data:"Package cscope version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cscope1.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cscope1.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cscope1.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,84 @@ +# +#VID 74ff10f6-520f-11db-8f1a-000a48049292 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57466); + script_cve_id("CVE-2006-4262"); + script_bugtraq_id(19686,19687); + script_version ("$"); + name["english"] = "FreeBSD Ports: cscope"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cscope + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/21601 +http://sourceforge.net/mailarchive/forum.php?thread_id=30266760&forum_id=33500 +http://sourceforge.net/mailarchive/forum.php?thread_id=30266761&forum_id=33500 +http://www.vuxml.org/freebsd/74ff10f6-520f-11db-8f1a-000a48049292.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cscope"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cscope"); +if(!isnull(bver) && revisions-lib(a:bver, b:"15.6")<=0) { + security_note(0, data:"Package cscope version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cups-base.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cups-base.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cups-base.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,85 @@ +# +#VID 990cf07e-6988-11d9-a9e7-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52225); + script_bugtraq_id(12200); + script_version ("$"); + name["english"] = "FreeBSD Ports: cups-base"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cups-base + +The cups server is vulnerable to a denial of +service error when processing a URL containing +'/..' + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.cups.org/str.php?L1042 +http://www.vuxml.org/freebsd/990cf07e-6988-11d9-a9e7-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cups-base"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cups-base"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.1.21")>=0 && ssvercheck(a:bver, b:"1.1.23")<0) { + security_note(0, data:"Package cups-base version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cups-base0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cups-base0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cups-base0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,95 @@ +# +#VID 40a3bca2-6809-11d9-a9e7-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52232); + script_cve_id("CVE-2004-1267"); + script_bugtraq_id(11968); + script_version ("$"); + name["english"] = "FreeBSD Ports: cups-base, fr-cups-base"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + cups-base + fr-cups-base + +CVE-2004-1267 +Buffer overflow in the ParseCommand function in hpgl-input.c in the +hpgltops program for CUPS 1.1.22 allows remote attackers to execute +arbitrary code via a crafted HPGL file. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://tigger.uic.edu/~jlongs2/holes/cups.txt +http://www.cups.org/str.php?L1024 +http://www.vuxml.org/freebsd/40a3bca2-6809-11d9-a9e7-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cups-base, fr-cups-base"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cups-base"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.1.22.0_2")<0) { + security_note(0, data:"Package cups-base version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"fr-cups-base"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.1.22.0_2")<0) { + security_note(0, data:"Package fr-cups-base version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cups-base1.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cups-base1.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cups-base1.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,89 @@ +# +#VID 30cea6be-1d0c-11d9-814e-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52347); + script_bugtraq_id(11324); + script_cve_id("CVE-2004-0923"); + script_version ("$"); + name["english"] = "FreeBSD Ports: cups-base"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cups-base + +CVE-2004-0923 +CUPS 1.1.20 and earlier records authentication information for a +device URI in the error_log file, which allows local users to obtain +user names and passwords. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://docs.info.apple.com/article.html?artnum=61798 +http://secunia.com/advisories/12690/ +http://www.cups.org/str.php?L920 +http://www.vuxml.org/freebsd/30cea6be-1d0c-11d9-814e-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cups-base"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cups-base"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.1.22")<0) { + security_note(0, data:"Package cups-base version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cups-base2.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cups-base2.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cups-base2.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,87 @@ +# +#VID 05dcf751-0733-11d9-b45d-000c41e2cdad +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52387); + script_bugtraq_id(11183); + script_cve_id("CVE-2004-0558"); + script_version ("$"); + name["english"] = "FreeBSD Ports: cups-base"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cups-base + +CVE-2004-0558 +The Internet Printing Protocol (IPP) implementation in CUPS before +1.1.21 allows remote attackers to cause a denial of service (service +hang) via a certain UDP packet to the IPP port. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.cups.org/str.php?L863 +http://www.vuxml.org/freebsd/05dcf751-0733-11d9-b45d-000c41e2cdad.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cups-base"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cups-base"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.1.21")<0) { + security_note(0, data:"Package cups-base version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cups-base3.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cups-base3.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cups-base3.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,113 @@ +# +#VID 2747fc39-915b-11dc-9239-001c2514716c +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58763); + script_cve_id("CVE-2007-4352", "CVE-2007-5392", "CVE-2007-5393"); + script_bugtraq_id(26367); + script_version ("$"); + name["english"] = "FreeBSD Ports: cups-base"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + cups-base + gpdf + kdegraphics + koffice + poppler + xpdf + +===== + +Solution: +Update your system with the appropriate patches or +software upgrades. + + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cups-base"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cups-base"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.3_2")<0) { + security_note(0, data:"Package cups-base version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"gpdf"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>0) { + security_note(0, data:"Package gpdf version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"kdegraphics"); +if(!isnull(bver) && revisions-lib(a:bver, b:"3.5.8_1")<0) { + security_note(0, data:"Package kdegraphics version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"koffice"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.6.3_3,2")<0) { + security_note(0, data:"Package koffice version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"poppler"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.6")<0) { + security_note(0, data:"Package poppler version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"xpdf"); +if(!isnull(bver) && revisions-lib(a:bver, b:"3.02_5")<0) { + security_note(0, data:"Package xpdf version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cups-base4.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cups-base4.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cups-base4.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,83 @@ +# +#VID 8dd9722c-8e97-11dc-b8f6-001c2514716c +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58768); + script_cve_id("CVE-2007-4351"); + script_version ("$"); + name["english"] = "FreeBSD Ports: cups-base"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cups-base + +===== + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/secunia_research/2007-76/ +http://www.vuxml.org/freebsd/8dd9722c-8e97-11dc-b8f6-001c2514716c.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cups-base"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cups-base"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.3.3_1")<0) { + security_note(0, data:"Package cups-base version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cups-base5.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cups-base5.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cups-base5.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,84 @@ +# +#VID 39988ee8-1918-11dc-b6bd-0016179b2dd5 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58841); + script_cve_id("CVE-2007-0720"); + script_version ("$"); + name["english"] = "FreeBSD Ports: cups-base"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cups-base + +===== + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/24517/ +http://security.gentoo.org/glsa/glsa-200703-28.xml +http://www.vuxml.org/freebsd/39988ee8-1918-11dc-b6bd-0016179b2dd5.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cups-base"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cups-base"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.2.11")<0) { + security_note(0, data:"Package cups-base version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cups-lpr.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cups-lpr.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cups-lpr.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,107 @@ +# +#VID 7850a238-680a-11d9-a9e7-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52231); + script_cve_id("CVE-2004-1268", "CVE-2004-1269", "CVE-2004-1270"); + script_bugtraq_id(12007,12004); + script_version ("$"); + name["english"] = "FreeBSD Ports: cups-lpr, fr-cups-lpr"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + cups-lpr + fr-cups-lpr + +CVE-2004-1268 +lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS +passwd file, which allows local users to corrupt the file by filling +the associated file system and triggering the write errors. + +CVE-2004-1269 +lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it +encounters a file-size resource limit while writing to passwd.new, +which causes subsequent invocations of lppasswd to fail. + +CVE-2004-1270 +lppasswd in CUPS 1.1.22, when run in environments that do not ensure +that file descriptors 0, 1, and 2 are open when lppasswd is called, +does not verify that the passwd.new file is different from STDERR, +which allows local users to control output to passwd.new via certain +user input that triggers an error message. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.cups.org/str.php?L1023 +http://tigger.uic.edu/~jlongs2/holes/cups2.txt +http://www.vuxml.org/freebsd/7850a238-680a-11d9-a9e7-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cups-lpr, fr-cups-lpr"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cups-lpr"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.1.23")<0) { + security_note(0, data:"Package cups-lpr version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"fr-cups-lpr"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.1.23")<0) { + security_note(0, data:"Package fr-cups-lpr version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_curl.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_curl.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_curl.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,92 @@ +# +#VID 96df5fd0-8900-11d9-aa18-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52171); + script_cve_id("CVE-2005-0490"); + script_bugtraq_id(12615,12616); + script_version ("$"); + name["english"] = "FreeBSD Ports: curl"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: curl + +CVE-2005-0490 +Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and +possibly other versions, allow remote malicious web servers to execute +arbitrary code via base64 encoded replies that exceed the intended +buffer lengths when decoded, which is not properly handled by (1) the +Curl_input_ntlm function in http_ntlm.c during NTLM authentication or +(2) the Curl_krb_kauth and krb4_auth functions in krb4.c during +Kerberos authentication. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://marc.theaimsgroup.com/?l=bugtraq&m=110902850731457 +http://marc.theaimsgroup.com/?l=bugtraq&m=110902601221592 +http://www.vuxml.org/freebsd/96df5fd0-8900-11d9-aa18-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: curl"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"curl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"7.13.1")<0) { + security_note(0, data:"Package curl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_curl0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_curl0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_curl0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,84 @@ +# +#VID 9b4facec-6761-11da-99f6-00123ffe8333 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(55966); + script_cve_id("CVE-2005-4077"); + script_bugtraq_id(15756); + script_version ("$"); + name["english"] = "FreeBSD Ports: curl"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: curl + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://curl.haxx.se/docs/adv_20051207.html +http://www.hardened-php.net/advisory_242005.109.html +http://secunia.com/advisories/17907/ +http://www.vuxml.org/freebsd/9b4facec-6761-11da-99f6-00123ffe8333.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: curl"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"curl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"7.11.2")>=0 && ssvercheck(a:bver, b:"7.15.0")<0) { + security_note(0, data:"Package curl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_curl1.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_curl1.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_curl1.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,87 @@ +# +#VID b8e361b8-b7ff-11da-8414-0013d4a4a40e +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56451); + script_bugtraq_id(17154); + script_cve_id("CVE-2006-1061"); + script_version ("$"); + name["english"] = "FreeBSD Ports: curl"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: curl + +CVE-2006-1061 +Heap-based buffer overflow in cURL and libcURL 7.15.0 through 7.15.2 +allows remote attackers to execute arbitrary commands via a TFTP URL +(tftp://) with a valid hostname and a long path. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://curl.haxx.se/docs/adv_20060320.html +http://www.vuxml.org/freebsd/b8e361b8-b7ff-11da-8414-0013d4a4a40e.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: curl"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"curl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"7.15.0")>=0 && ssvercheck(a:bver, b:"7.15.3")<0) { + security_note(0, data:"Package curl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cvs+ipv6.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cvs+ipv6.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cvs+ipv6.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,123 @@ +# +#VID d2102505-f03d-11d8-81b0-000347a4fa7d +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52384); + script_cve_id("CVE-2004-0414", "CVE-2004-0416", "CVE-2004-0417", "CVE-2004-0418", "CVE-2004-0778"); + script_bugtraq_id(10499); + script_version ("$"); + name["english"] = "FreeBSD Ports: cvs+ipv6"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cvs+ipv6 + +CVE-2004-0414 +CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not +properly handle malformed 'Entry' lines, which prevents a NULL +terminator from being used and may lead to a denial of service +(crash), modification of critical program data, or arbitrary code +execution. + +CVE-2004-0416 +Double-free vulnerability for the error_prog_name string in CVS 1.12.x +through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers +to execute arbitrary code. + +CVE-2004-0417 +Integer overflow in the 'Max-dotdot' CVS protocol command +(serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through +1.11.16, may allow remote attackers to cause a server crash, which +could cause temporary data to remain undeleted and consume disk space. + +CVE-2004-0418 +serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, +does not properly handle empty data lines, which may allow remote +attackers to perform an 'out-of-bounds' write for a single byte to +execute arbitrary code or modify critical program data. + +CVE-2004-0778 +CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote +attackers to determine the existence of arbitrary files and +directories via the -X command for an alternate history file, which +causes different error messages to be returned. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/11817 +http://secunia.com/advisories/12309 +http://security.e-matters.de/advisories/092004.html +http://www.idefense.com/application/poi/display?id=130&type=vulnerabilities&flashstatus=false +https://ccvs.cvshome.org/source/browse/ccvs/NEWS?rev=1.116.2.104 +http://www.osvdb.org/6830 +http://www.osvdb.org/6831 +http://www.osvdb.org/6832 +http://www.osvdb.org/6833 +http://www.osvdb.org/6834 +http://www.osvdb.org/6835 +http://www.osvdb.org/6836 +http://www.vuxml.org/freebsd/d2102505-f03d-11d8-81b0-000347a4fa7d.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cvs+ipv6"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cvs+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.11.17")<0) { + security_note(0, data:"Package cvs+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cvs+ipv60.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cvs+ipv60.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cvs+ipv60.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,92 @@ +# +#VID 0792e7a7-8e37-11d8-90d1-0020ed76ef5a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52469); + script_cve_id("CVE-2004-0180", "CVE-2004-0405"); + script_version ("$"); + name["english"] = "FreeBSD Ports: cvs+ipv6"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cvs+ipv6 + +CVE-2004-0180 +The client for CVS before 1.11 allows a remote malicious CVS server to +create arbitrary files using certain RCS diff files that use absolute +pathnames during checkouts or updates, a different vulnerability than +CVE-2004-0405. + +CVE-2004-0405 +CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot +dot) sequences in filenames via CVS client requests, a different +vulnerability than CVE-2004-0180. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://ccvs.cvshome.org/servlets/NewsItemView?newsID=102 +http://www.vuxml.org/freebsd/0792e7a7-8e37-11d8-90d1-0020ed76ef5a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cvs+ipv6"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cvs+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.11.5_1")<=0) { + security_note(0, data:"Package cvs+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cvs+ipv61.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cvs+ipv61.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cvs+ipv61.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,84 @@ +# +#VID c5c17ead-8f23-11da-8c1d-000e0c2e438a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57561); + script_cve_id("CAN-2005-2693"); + script_version ("$"); + name["english"] = "FreeBSD Ports: cvs+ipv6"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cvs+ipv6 + +CAN-2005-2693 +cvsbug in CVS 1.12.12 and earlier creates temporary files insecurely, +which allows local users to overwrite arbitrary files and execute +arbitrary code via a symlink attack. + +Solution: +Update your system with the appropriate patches or +software upgrades. + + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cvs+ipv6"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cvs+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.11.17_1")<0) { + security_note(0, data:"Package cvs+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cyrus-imapd.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cyrus-imapd.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cyrus-imapd.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,93 @@ +# +#VID b2d248ad-88f6-11d9-aa18-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52172); + script_cve_id("CVE-2005-0546"); + script_bugtraq_id(12636); + script_version ("$"); + name["english"] = "FreeBSD Ports: cyrus-imapd"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cyrus-imapd + +CVE-2005-0546 +Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow +attackers to execute arbitrary code via (1) an off-by-one error in the +imapd annotate extension, (2) an off-by-one error in 'cached header +handling,' (3) a stack-based buffer overflow in fetchnews, or (4) a +stack-based buffer overflow in imapd. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://asg.web.cmu.edu/cyrus/download/imapd/changes.html +http://www.vuxml.org/freebsd/b2d248ad-88f6-11d9-aa18-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cyrus-imapd"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cyrus-imapd"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.1.18")<0) { + security_note(0, data:"Package cyrus-imapd version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"2.2")>0 && ssvercheck(a:bver, b:"2.2.11")<0) { + security_note(0, data:"Package cyrus-imapd version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cyrus-imapd0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cyrus-imapd0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cyrus-imapd0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,86 @@ +# +#VID 31952117-3d17-11d9-8818-008088034841 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52294); + script_bugtraq_id(11729); + script_cve_id("CVE-2004-1011", "CVE-2004-1012", "CVE-2004-1013"); + script_version ("$"); + name["english"] = "FreeBSD Ports: cyrus-imapd"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cyrus-imapd + +The installed version of cyrus-imapd suffers from +remote code execution vulnerabilities that may allow +an attacker to execute arbitrary code on the system. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://security.e-matters.de/advisories/152004.html +http://www.vuxml.org/freebsd/31952117-3d17-11d9-8818-008088034841.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cyrus-imapd"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cyrus-imapd"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.2.7")>=0 && ssvercheck(a:bver, b:"2.2.8")<=0) { + security_note(0, data:"Package cyrus-imapd version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cyrus-imapd1.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cyrus-imapd1.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cyrus-imapd1.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,93 @@ +# +#VID c0a269d5-3d16-11d9-8818-008088034841 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52295); + script_bugtraq_id(11729); + script_cve_id("CVE-2004-1013"); + script_version ("$"); + name["english"] = "FreeBSD Ports: cyrus-imapd"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cyrus-imapd + +CVE-2004-1013 +The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x +through 2.2.8 allows remote authenticated users to execute arbitrary +code via certain commands such as (1) 'body[p', (2) 'binary[p', or (3) +'binary[p') that cause an index increment error that leads to an +out-of-bounds memory corruption. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://security.e-matters.de/advisories/152004.html +http://www.vuxml.org/freebsd/c0a269d5-3d16-11d9-8818-008088034841.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cyrus-imapd"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cyrus-imapd"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.1.17")<0) { + security_note(0, data:"Package cyrus-imapd version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"2.2")>=0 && ssvercheck(a:bver, b:"2.2.8")<=0) { + security_note(0, data:"Package cyrus-imapd version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cyrus-imapd2.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cyrus-imapd2.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cyrus-imapd2.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,92 @@ +# +#VID 114d70f3-3d16-11d9-8818-008088034841 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52296); + script_cve_id("CVE-2004-1012"); + script_version ("$"); + name["english"] = "FreeBSD Ports: cyrus-imapd"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cyrus-imapd + +CVE-2004-1012 +The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 +and earlier allows remote authenticated users to execute arbitrary +code via a certain command ('body[p') that is treated as a different +command ('body.peek') and causes an index increment error that leads +to an out-of-bounds memory corruption. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://security.e-matters.de/advisories/152004.html +http://www.vuxml.org/freebsd/114d70f3-3d16-11d9-8818-008088034841.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cyrus-imapd"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cyrus-imapd"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.1.17")<0) { + security_note(0, data:"Package cyrus-imapd version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"2.2")>=0 && ssvercheck(a:bver, b:"2.2.6")<=0) { + security_note(0, data:"Package cyrus-imapd version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cyrus-imapd3.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cyrus-imapd3.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cyrus-imapd3.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,87 @@ +# +#VID 816fdd8b-3d14-11d9-8818-008088034841 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52297); + script_cve_id("CVE-2004-1011"); + script_version ("$"); + name["english"] = "FreeBSD Ports: cyrus-imapd"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cyrus-imapd + +CVE-2004-1011 +Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, +with the imapmagicplus option enabled, allows remote attackers to +execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a +different vulnerability than CVE-2004-1015. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://security.e-matters.de/advisories/152004.html +http://www.vuxml.org/freebsd/816fdd8b-3d14-11d9-8818-008088034841.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cyrus-imapd"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cyrus-imapd"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.2.4")>=0 && ssvercheck(a:bver, b:"2.2.8")<=0) { + security_note(0, data:"Package cyrus-imapd version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cyrus-imspd.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cyrus-imspd.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cyrus-imspd.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,83 @@ +# +#VID 700d43b4-a42a-11d8-9c6d-0020ed76ef5a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52445); + script_version ("$"); + name["english"] = "FreeBSD Ports: cyrus-imspd"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cyrus-imspd + +The remote version of cyrus-imspd is vulnerable to +one or more remotely exploitable buffer overflows. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce&msg=25 +http://www.vuxml.org/freebsd/700d43b4-a42a-11d8-9c6d-0020ed76ef5a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cyrus-imspd"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cyrus-imspd"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.6a5")<0) { + security_note(0, data:"Package cyrus-imspd version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cyrus-sasl.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cyrus-sasl.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cyrus-sasl.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,85 @@ +# +#VID 0c592c4a-1bcc-11d9-a3ec-00061bd2d56f +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52353); + script_bugtraq_id(11347); + script_cve_id("CVE-2004-0884", "CVE-2005-0373"); + script_version ("$"); + name["english"] = "FreeBSD Ports: cyrus-sasl"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cyrus-sasl + +The Cyrus SASL DIGEST-MD5 plugin contains a potential +buffer overflow when quoting is required in the output. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c#rev1.171 +http://www.vuxml.org/freebsd/0c592c4a-1bcc-11d9-a3ec-00061bd2d56f.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cyrus-sasl"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cyrus-sasl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2")>=0 && ssvercheck(a:bver, b:"2.1.19")<0) { + security_note(0, data:"Package cyrus-sasl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cyrus-sasl0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cyrus-sasl0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cyrus-sasl0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,92 @@ +# +#VID 92268205-1947-11d9-bc4a-000c41e2cdad +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52354); + script_bugtraq_id(11347); + script_cve_id("CVE-2004-0884"); + script_version ("$"); + name["english"] = "FreeBSD Ports: cyrus-sasl"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cyrus-sasl + +CVE-2004-0884 +The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and +earlier trust the SASL_PATH environment variable to find all +available SASL plug-ins, which allows local users to execute arbitrary +code by modifying the SASL_PATH to point to malicious programs. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/lib/common.c#rev1.104 +http://www.vuxml.org/freebsd/92268205-1947-11d9-bc4a-000c41e2cdad.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cyrus-sasl"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cyrus-sasl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.5.28_3")<=0) { + security_note(0, data:"Package cyrus-sasl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"2")>=0 && ssvercheck(a:bver, b:"2.1.19")<=0) { + security_note(0, data:"Package cyrus-sasl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cyrus-sasl1.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cyrus-sasl1.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cyrus-sasl1.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,86 @@ +# +#VID 408f6ebf-d152-11da-962f-000b972eb521 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56620); + script_bugtraq_id(17446); + script_cve_id("CVE-2006-1721"); + script_version ("$"); + name["english"] = "FreeBSD Ports: cyrus-sasl"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cyrus-sasl + +CVE-2006-1721 +Unspecified vulnerability in digestmd5.c in the CMU Cyrus Simple +Authentication and Security Layer (SASL) library 2.1.18, and possibly +other versions before 2.1.21, has unknown impact and remote +unauthenticated attack vectors, related to DIGEST-MD5 negotiation. + +Solution: +Update your system with the appropriate patches or +software upgrades. + + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cyrus-sasl"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cyrus-sasl"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2")>=0 && ssvercheck(a:bver, b:"2.1.21")<0) { + security_note(0, data:"Package cyrus-sasl version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_cyrus.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_cyrus.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_cyrus.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,93 @@ +# +#VID 35f6fdf8-a425-11d8-9c6d-0020ed76ef5a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52444); + script_cve_id("CVE-2002-1580"); + script_bugtraq_id(6298); + script_version ("$"); + name["english"] = "FreeBSD Ports: cyrus"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: cyrus + +CVE-2002-1580 +Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 +allows remote attackers to execute arbitrary code via a large length +value that facilitates a buffer overflow attack, a different +vulnerability than CVE-2002-1347. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://marc.theaimsgroup.com/?l=bugtraq&m=103886607825605 +http://asg.web.cmu.edu/archive/message.php?mailbox=archive.info-cyrus&msg=19349 +http://www.vuxml.org/freebsd/35f6fdf8-a425-11d8-9c6d-0020ed76ef5a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: cyrus"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"cyrus"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.0.17")<0) { + security_note(0, data:"Package cyrus version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"2.1")>=0 && ssvercheck(a:bver, b:"2.1.11")<0) { + security_note(0, data:"Package cyrus version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_dbus.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_dbus.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_dbus.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,83 @@ +# +#VID 5b47b70d-8ba9-11db-81d5-00123ffe8333 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57730); + script_cve_id("CVE-2006-6107"); + script_version ("$"); + name["english"] = "FreeBSD Ports: dbus"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: dbus + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.freedesktop.org/wiki/Software/dbus +https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=218055 +http://secunia.com/advisories/23373/ +http://www.vuxml.org/freebsd/5b47b70d-8ba9-11db-81d5-00123ffe8333.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: dbus"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"dbus"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.0.2")<0) { + security_note(0, data:"Package dbus version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_de-netscape7.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_de-netscape7.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_de-netscape7.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,187 @@ +# +#VID 3fbf9db2-658b-11d9-abad-000a95bc6fae +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52235); + script_bugtraq_id(12131); + script_cve_id("CVE-2004-1316"); + script_version ("$"); + name["english"] = "mozilla -- heap overflow in NNTP handler"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + de-netscape7 + fr-netscape7 + ja-netscape7 + netscape7 + pt_BR-netscape7 + mozilla-gtk1 + linux-mozilla + linux-mozilla-devel + mozilla + de-linux-netscape + fr-linux-netscape + ja-linux-netscape + linux-netscape + mozilla+ipv6 + mozilla-embedded + mozilla-gtk2 + mozilla-gtk + +CVE-2004-1316 +Heap-based buffer overflow in MSG_UnEscapeSearchUrl in +nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote +attackers to cause a denial of service (application crash) via an NNTP +URL (news:) with a trailing '\' (backslash) character, which prevents +a string from being NULL terminated. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://isec.pl/vulnerabilities/isec-0020-mozilla.txt +http://marc.theaimsgroup.com/?l=bugtraq&m=110436284718949 +http://www.vuxml.org/freebsd/3fbf9db2-658b-11d9-abad-000a95bc6fae.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "mozilla -- heap overflow in NNTP handler"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"de-netscape7"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>0) { + security_note(0, data:"Package de-netscape7 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"fr-netscape7"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>0) { + security_note(0, data:"Package fr-netscape7 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ja-netscape7"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>0) { + security_note(0, data:"Package ja-netscape7 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"netscape7"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>0) { + security_note(0, data:"Package netscape7 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"pt_BR-netscape7"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>0) { + security_note(0, data:"Package pt_BR-netscape7 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"mozilla-gtk1"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.7.5")<0) { + security_note(0, data:"Package mozilla-gtk1 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"linux-mozilla"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.7.5")<0) { + security_note(0, data:"Package linux-mozilla version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"linux-mozilla-devel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.7.5")<0) { + security_note(0, data:"Package linux-mozilla-devel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"mozilla"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.7.5,2")<0) { + security_note(0, data:"Package mozilla version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"de-linux-netscape"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package de-linux-netscape version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"fr-linux-netscape"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package fr-linux-netscape version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ja-linux-netscape"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package ja-linux-netscape version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"linux-netscape"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package linux-netscape version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"mozilla+ipv6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package mozilla+ipv6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"mozilla-embedded"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package mozilla-embedded version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"mozilla-gtk2"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package mozilla-gtk2 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"mozilla-gtk"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>=0) { + security_note(0, data:"Package mozilla-gtk version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_dia.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_dia.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_dia.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,96 @@ +# +#VID b5fc63ad-c4c3-11da-9699-00123ffe8333 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56520); + script_bugtraq_id(17310); + script_cve_id("CVE-2006-1550"); + script_version ("$"); + name["english"] = "FreeBSD Ports: dia, dia-gnome"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + dia + dia-gnome + +CVE-2006-1550 +Multiple buffer overflows in the xfig import code (xfig-import.c) in +Dia 0.87 and later before 0.95-pre6 allow user-complicit attackers to +have an unknown impact via a crafted xfig file, possibly involving an +invalid (1) color index, (2) number of points, or (3) depth. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/19469/ +http://mail.gnome.org/archives/dia-list/2006-March/msg00149.html +http://www.vuxml.org/freebsd/b5fc63ad-c4c3-11da-9699-00123ffe8333.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: dia, dia-gnome"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"dia"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.86_1")>0 && ssvercheck(a:bver, b:"0.94_6,1")<0) { + security_note(0, data:"Package dia version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"dia-gnome"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.86_1")>0 && ssvercheck(a:bver, b:"0.94_6,1")<0) { + security_note(0, data:"Package dia-gnome version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_dillo.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_dillo.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_dillo.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,87 @@ +# +#VID 28ab7ddf-61ab-11d9-a9e7-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52246); + script_bugtraq_id(12203); + script_cve_id("CVE-2005-0012"); + script_version ("$"); + name["english"] = "FreeBSD Ports: dillo"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: dillo + +CVE-2005-0012 +Format string vulnerability in the a_Interface_msg function in Dillo +before 0.8.3-r4 allows remote attackers to execute arbitrary code via +format string specifiers in a web page. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://bugs.gentoo.org/show_bug.cgi?id=76665 +http://www.vuxml.org/freebsd/28ab7ddf-61ab-11d9-a9e7-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: dillo"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"dillo"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.8.3_1")<0) { + security_note(0, data:"Package dillo version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_dirproxy.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_dirproxy.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_dirproxy.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,91 @@ +# +#VID a1ef3fc0-8ad0-11dc-9490-0016179b2dd5 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58773); + script_cve_id("CVE-2007-5226"); + script_version ("$"); + name["english"] = "FreeBSD Ports: dirproxy"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + dirproxy + dirproxy-devel + +===== + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://dircproxy.securiweb.net/ticket/89 +https://bugzilla.redhat.com/show_bug.cgi?id=319301 +http://www.vuxml.org/freebsd/a1ef3fc0-8ad0-11dc-9490-0016179b2dd5.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: dirproxy"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"dirproxy"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.0.5_1")<0) { + security_note(0, data:"Package dirproxy version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"dirproxy-devel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.2.0.b2_1")<0) { + security_note(0, data:"Package dirproxy-devel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_distcc.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_distcc.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_distcc.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,87 @@ +# +#VID e8d4800f-1547-11d9-90a3-00010327614a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52363); + script_bugtraq_id(11319); + script_cve_id("CVE-2004-0601"); + script_version ("$"); + name["english"] = "FreeBSD Ports: distcc"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: distcc + +CVE-2004-0601 +distcc before 2.16, when running on 64-bit platforms, does not +interpret IP-based access control rules correctly, which could allow +remote attackers to bypass intended restrictions. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://distcc.samba.org/ftp/distcc/distcc-2.16.NEWS +http://www.vuxml.org/freebsd/e8d4800f-1547-11d9-90a3-00010327614a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: distcc"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"distcc"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.16")<0) { + security_note(0, data:"Package distcc version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_dnrd.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_dnrd.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_dnrd.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,79 @@ +# +#VID e72fd82b-fa01-11d9-bc08-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(54409); + script_cve_id("CVE-2005-2315", "CVE-2005-2316"); + script_version ("$"); + name["english"] = "FreeBSD Ports: dnrd"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: dnrd + +Solution: +Update your system with the appropriate patches or +software upgrades. + + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: dnrd"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"dnrd"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.19.1")<0) { + security_note(0, data:"Package dnrd version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_dokuwiki.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_dokuwiki.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_dokuwiki.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,82 @@ +# +#VID af8dba15-f4cc-11da-87a1-000c6ec775d9 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56888); + script_version ("$"); + name["english"] = "FreeBSD Ports: dokuwiki"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: dokuwiki + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.hardened-php.net/advisory_042006.119.html +http://bugs.splitbrain.org/index.php?do=details&id=823 +http://secunia.com/advisories/20429/ +http://www.vuxml.org/freebsd/af8dba15-f4cc-11da-87a1-000c6ec775d9.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: dokuwiki"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"dokuwiki"); +if(!isnull(bver) && revisions-lib(a:bver, b:"20060309_1")<0) { + security_note(0, data:"Package dokuwiki version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_dokuwiki0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_dokuwiki0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_dokuwiki0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,82 @@ +# +#VID 23573650-f99a-11da-994e-00142a5f241c +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56932); + script_version ("$"); + name["english"] = "FreeBSD Ports: dokuwiki"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: dokuwiki + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://bugs.splitbrain.org/index.php?do=details&id=820 +http://bugs.splitbrain.org/index.php?do=details&id=823 +http://bugs.splitbrain.org/index.php?do=details&id=825 +http://www.vuxml.org/freebsd/23573650-f99a-11da-994e-00142a5f241c.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: dokuwiki"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"dokuwiki"); +if(!isnull(bver) && revisions-lib(a:bver, b:"20060309_2")<0) { + security_note(0, data:"Package dokuwiki version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_dokuwiki1.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_dokuwiki1.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_dokuwiki1.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,89 @@ +# +#VID fcba5764-506a-11db-a5ae-00508d6a62df +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57471); + script_cve_id("CVE-2006-4674", "CVE-2006-4675", "CVE-2006-4679"); + script_bugtraq_id(19911); + script_version ("$"); + name["english"] = "FreeBSD Ports: dokuwiki"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + dokuwiki dokuwiki-devel + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/21819/ +http://bugs.splitbrain.org/index.php?do=details&id=906 +http://www.vuxml.org/freebsd/fcba5764-506a-11db-a5ae-00508d6a62df.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: dokuwiki"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"dokuwiki"); +if(!isnull(bver) && revisions-lib(a:bver, b:"20060309c")<0) { + security_note(0, data:"Package dokuwiki version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"dokuwiki-devel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"20060909")<0) { + security_note(0, data:"Package dokuwiki-devel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_dokuwiki2.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_dokuwiki2.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_dokuwiki2.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,90 @@ +# +#VID 450b76ee-5068-11db-a5ae-00508d6a62df +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57472); + script_cve_id("CVE-2006-5098", "CVE-2006-5099"); + script_version ("$"); + name["english"] = "FreeBSD Ports: dokuwiki"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + dokuwiki dokuwiki-devel + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/22192/ +http://secunia.com/advisories/22199/ +http://bugs.splitbrain.org/?do=details&id=924 +http://bugs.splitbrain.org/?do=details&id=926 +http://www.vuxml.org/freebsd/450b76ee-5068-11db-a5ae-00508d6a62df.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: dokuwiki"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"dokuwiki"); +if(!isnull(bver) && revisions-lib(a:bver, b:"20060309_5")<0) { + security_note(0, data:"Package dokuwiki version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"dokuwiki-devel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"20060609_2")<0) { + security_note(0, data:"Package dokuwiki-devel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_dokuwiki3.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_dokuwiki3.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_dokuwiki3.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,90 @@ +# +#VID cddde37a-39b5-11dc-b3da-001921ab2fa4 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58827); + script_cve_id("CVE-2007-3930"); + script_version ("$"); + name["english"] = "FreeBSD Ports: dokuwiki"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + dokuwiki + dokuwiki-devel + +===== + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://xforce.iss.net/xforce/xfdb/35501 +http://www.vuxml.org/freebsd/cddde37a-39b5-11dc-b3da-001921ab2fa4.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: dokuwiki"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"dokuwiki"); +if(!isnull(bver) && revisions-lib(a:bver, b:"20070626_1")<0) { + security_note(0, data:"Package dokuwiki version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"dokuwiki-devel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"20070524_1")<0) { + security_note(0, data:"Package dokuwiki-devel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_dovecot.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_dovecot.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_dovecot.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,80 @@ +# +#VID cf484358-b5d6-11dc-8de0-001c2514716c +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(60089); + script_version ("$"); + name["english"] = "FreeBSD Ports: dovecot"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: dovecot + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.dovecot.org/list/dovecot-news/2007-December/000057.html +http://www.vuxml.org/freebsd/cf484358-b5d6-11dc-8de0-001c2514716c.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: dovecot"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"dovecot"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.0.10")<0) { + security_note(0, data:"Package dovecot version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_dovecot0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_dovecot0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_dovecot0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,81 @@ +# +#VID b39bdc06-ee42-11dc-8678-00a0cce0781e +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(60528); + script_version ("$"); + name["english"] = "FreeBSD Ports: dovecot"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: dovecot + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://dovecot.org/list/dovecot-news/2008-March/000065.html +http://secunia.com/advisories/29295/ +http://www.vuxml.org/freebsd/b39bdc06-ee42-11dc-8678-00a0cce0781e.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: dovecot"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"dovecot"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.0.13")<0) { + security_note(0, data:"Package dovecot version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_drupal-pubcookie.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_drupal-pubcookie.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_drupal-pubcookie.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,80 @@ +# +#VID c0fd7890-4346-11db-89cc-000ae42e9b93 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57376); + script_version ("$"); + name["english"] = "FreeBSD Ports: drupal-pubcookie"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: drupal-pubcookie + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://drupal.org/node/83064 +http://www.vuxml.org/freebsd/c0fd7890-4346-11db-89cc-000ae42e9b93.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: drupal-pubcookie"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"drupal-pubcookie"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.6.0_20060210")<=0) { + security_note(0, data:"Package drupal-pubcookie version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_drupal.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_drupal.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_drupal.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,93 @@ +# +#VID f241641e-f5ea-11d9-a6db-000d608ed240 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(54366); + script_cve_id("CVE-2005-1921", "CVE-2005-2106"); + script_version ("$"); + name["english"] = "FreeBSD Ports: drupal"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: drupal + +CVE-2005-1921 +PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc), as used in +products such as WordPress, Serendipity, Drupal, egroupware, and +others, allows remote attackers to execute arbitrary PHP code via an +XML file, which is not properly sanitized before being used in an eval +statement. + +CVE-2005-2106 +Unknown vulnerability in Drupal 4.5.0 through 4.5.3, 4.6.0, and 4.6.1 +allows remote attackers to execute arbitrary PHP code via a public +comment or posting. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://drupal.org/files/sa-2005-002/advisory.txt +http://www.vuxml.org/freebsd/f241641e-f5ea-11d9-a6db-000d608ed240.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: drupal"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"drupal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.6.2")<0) { + security_note(0, data:"Package drupal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_drupal0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_drupal0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_drupal0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,83 @@ +# +#VID faca0843-6281-11da-8630-00123ffe8333 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(55937); + script_version ("$"); + name["english"] = "FreeBSD Ports: drupal"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: drupal + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://drupal.org/files/sa-2005-007/advisory.txt +http://drupal.org/files/sa-2005-008/advisory.txt +http://drupal.org/files/sa-2005-009/advisory.txt +http://secunia.com/advisories/17824/ +http://www.vuxml.org/freebsd/faca0843-6281-11da-8630-00123ffe8333.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: drupal"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"drupal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.6.4")<0) { + security_note(0, data:"Package drupal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_drupal1.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_drupal1.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_drupal1.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,83 @@ +# +#VID 6779e82f-b60b-11da-913d-000ae42e9b93 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56452); + script_version ("$"); + name["english"] = "FreeBSD Ports: drupal"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: drupal + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://drupal.org/node/53806 +http://drupal.org/node/53805 +http://drupal.org/node/53803 +http://drupal.org/node/53796 +http://www.vuxml.org/freebsd/6779e82f-b60b-11da-913d-000ae42e9b93.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: drupal"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"drupal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"3.6.6")<0) { + security_note(0, data:"Package drupal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_drupal2.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_drupal2.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_drupal2.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,94 @@ +# +#VID 40a0185f-ec32-11da-be02-000c6ec775d9 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56889); + script_cve_id("CVE-2006-2742", "CVE-2006-2743"); + script_version ("$"); + name["english"] = "FreeBSD Ports: drupal"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: drupal + +CVE-2006-2742 +SQL injection vulnerability in Drupal 4.6.x before 4.6.7 and 4.7.0 +allows remote attackers to execute arbitrary SQL commands via the (1) +count and (2) from variables to (a) database.mysql.inc, (b) +database.pgsql.inc, and (c) database.mysqli.inc. + +CVE-2006-2743 +Drupal 4.6.x before 4.6.7 and 4.7.0, when running on Apache with +mod_mime, does not properly handle files with multiple extensions, +which allows remote attackers to upload, modify, or execute arbitrary +files in the files directory. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://drupal.org/node/65357 +http://drupal.org/node/65409 +http://www.vuxml.org/freebsd/40a0185f-ec32-11da-be02-000c6ec775d9.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: drupal"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"drupal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.6.7")<0) { + security_note(0, data:"Package drupal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_drupal3.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_drupal3.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_drupal3.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,87 @@ +# +#VID 6da7344b-128a-11db-b25f-00e00c69a70d +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57104); + script_cve_id("CVE-2006-2833"); + script_version ("$"); + name["english"] = "FreeBSD Ports: drupal"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: drupal + +CVE-2006-2833 +Cross-site scripting (XSS) vulnerability in the taxonomy module in +Drupal 4.6.8 and 4.7.2 allows remote attackers to inject arbitrary web +script or HTML via inputs that are not properly validated when the +page title is output, possibly involving the $names variable. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://drupal.org/node/66767 +http://www.vuxml.org/freebsd/6da7344b-128a-11db-b25f-00e00c69a70d.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: drupal"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"drupal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.6.8")<0) { + security_note(0, data:"Package drupal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_drupal4.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_drupal4.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_drupal4.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,80 @@ +# +#VID c905298c-2274-11db-896e-000ae42e9b93 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57197); + script_version ("$"); + name["english"] = "FreeBSD Ports: drupal"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: drupal + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://drupal.org/files/sa-2006-011/advisory.txt +http://www.vuxml.org/freebsd/c905298c-2274-11db-896e-000ae42e9b93.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: drupal"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"drupal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.6.9")<0) { + security_note(0, data:"Package drupal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_drupal40.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_drupal40.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_drupal40.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,99 @@ +# +#VID 9c00d446-8208-11dc-9283-0016179b2dd5 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58778); + script_cve_id("CVE-2007-5597", "CVE-2007-5596", "CVE-2007-5595", "CVE-2007-5594", "CVE-2007-5593"); + script_version ("$"); + name["english"] = "FreeBSD Ports: drupal4"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + drupal4 + drupal5 + +===== + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://drupal.org/node/184315 +http://drupal.org/node/184316 +http://drupal.org/node/184348 +http://drupal.org/node/184354 +http://drupal.org/node/184320 +http://secunia.com/advisories/27292 +http://secunia.com/advisories/27292 +http://secunia.com/advisories/27292 +http://secunia.com/advisories/27290 +http://secunia.com/advisories/27290 +http://www.vuxml.org/freebsd/9c00d446-8208-11dc-9283-0016179b2dd5.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: drupal4"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"drupal4"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.7.8")<0) { + security_note(0, data:"Package drupal4 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"drupal5"); +if(!isnull(bver) && revisions-lib(a:bver, b:"5.3")<0) { + security_note(0, data:"Package drupal5 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_drupal41.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_drupal41.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_drupal41.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,90 @@ +# +#VID 1f5b711b-3d0e-11dc-b3d3-0016179b2dd5 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58822); + script_version ("$"); + name["english"] = "FreeBSD Ports: drupal4"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + drupal4 + drupal5 + +===== + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://drupal.org/node/162361 +http://secunia.com/advisories/26224/ +http://www.vuxml.org/freebsd/1f5b711b-3d0e-11dc-b3d3-0016179b2dd5.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: drupal4"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"drupal4"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.7.7")<0) { + security_note(0, data:"Package drupal4 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"drupal5"); +if(!isnull(bver) && revisions-lib(a:bver, b:"5.2")<0) { + security_note(0, data:"Package drupal5 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_drupal5.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_drupal5.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_drupal5.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,81 @@ +# +#VID 19207592-5f17-11db-ae08-0008743bf21a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57533); + script_version ("$"); + name["english"] = "FreeBSD Ports: drupal"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: drupal + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://drupal.org/files/sa-2006-026/advisory.txt +http://drupal.org/drupal-4.7.4 +http://www.vuxml.org/freebsd/19207592-5f17-11db-ae08-0008743bf21a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: drupal"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"drupal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.6.10")<0) { + security_note(0, data:"Package drupal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_drupal50.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_drupal50.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_drupal50.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,83 @@ +# +#VID 98dd7788-3d13-11dc-b3d3-0016179b2dd5 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58821); + script_version ("$"); + name["english"] = "FreeBSD Ports: drupal5"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: drupal5 + +===== + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://drupal.org/node/162360 +http://secunia.com/advisories/26224/ +http://www.vuxml.org/freebsd/98dd7788-3d13-11dc-b3d3-0016179b2dd5.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: drupal5"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"drupal5"); +if(!isnull(bver) && revisions-lib(a:bver, b:"5.2")<0) { + security_note(0, data:"Package drupal5 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_drupal51.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_drupal51.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_drupal51.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,96 @@ +# +#VID fa708908-a8c7-11dc-b41d-000fb5066b20 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(60022); + script_cve_id("CVE-2007-6299"); + script_version ("$"); + name["english"] = "FreeBSD Ports: drupal5"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + drupal5 + drupal4 + +CVE-2007-6299 +Multiple SQL injection vulnerabilities in Drupal and vbDrupal 4.7.x +before 4.7.9 and 5.x before 5.4 allow remote attackers to execute +arbitrary SQL commands via modules that pass input to the +taxonomy_select_nodes function, as demonstrated by the (1) +taxonomy_menu, (2) ajaxLoader, and (3) ubrowser contributed modules. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://drupal.org/node/198162 +http://secunia.com/advisories/27932/ +http://www.vuxml.org/freebsd/fa708908-a8c7-11dc-b41d-000fb5066b20.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: drupal5"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"drupal5"); +if(!isnull(bver) && revisions-lib(a:bver, b:"5.4")<0) { + security_note(0, data:"Package drupal5 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"drupal4"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.7.9")<0) { + security_note(0, data:"Package drupal4 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_drupal52.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_drupal52.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_drupal52.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID 4451a4c9-c05e-11dc-982e-001372fd0af2 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(60160); + script_version ("$"); + name["english"] = "FreeBSD Ports: drupal5"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + drupal5 + drupal4 + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://drupal.org/node/208562 +http://secunia.com/advisories/28422/ +http://www.vuxml.org/freebsd/4451a4c9-c05e-11dc-982e-001372fd0af2.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: drupal5"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"drupal5"); +if(!isnull(bver) && revisions-lib(a:bver, b:"5.6")<0) { + security_note(0, data:"Package drupal5 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"drupal4"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.7.11")<0) { + security_note(0, data:"Package drupal4 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_drupal53.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_drupal53.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_drupal53.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID 6f736456-c060-11dc-982e-001372fd0af2 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(60161); + script_version ("$"); + name["english"] = "FreeBSD Ports: drupal5"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + drupal5 + drupal4 + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://drupal.org/node/208564 +http://secunia.com/advisories/28422/ +http://www.vuxml.org/freebsd/6f736456-c060-11dc-982e-001372fd0af2.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: drupal5"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"drupal5"); +if(!isnull(bver) && revisions-lib(a:bver, b:"5.6")<0) { + security_note(0, data:"Package drupal5 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"drupal4"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.7.11")<0) { + security_note(0, data:"Package drupal4 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_drupal54.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_drupal54.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_drupal54.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID f0fa19dd-c060-11dc-982e-001372fd0af2 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(60162); + script_version ("$"); + name["english"] = "FreeBSD Ports: drupal5"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + drupal5 + drupal4 + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://drupal.org/node/208565 +http://secunia.com/advisories/28422/ +http://www.vuxml.org/freebsd/f0fa19dd-c060-11dc-982e-001372fd0af2.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: drupal5"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"drupal5"); +if(!isnull(bver) && revisions-lib(a:bver, b:"5.6")<0) { + security_note(0, data:"Package drupal5 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"drupal4"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.7.11")<0) { + security_note(0, data:"Package drupal4 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_drupal55.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_drupal55.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_drupal55.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID ecedde1c-5128-11dd-a4e1-0030843d3802 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(61285); + script_version ("$"); + name["english"] = "FreeBSD Ports: drupal5"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + drupal5 + drupal6 + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://drupal.org/node/280571 +http://secunia.com/advisories/31028/ +http://www.vuxml.org/freebsd/ecedde1c-5128-11dd-a4e1-0030843d3802.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: drupal5"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"drupal5"); +if(!isnull(bver) && revisions-lib(a:bver, b:"5.8")<0) { + security_note(0, data:"Package drupal5 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"drupal6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.3")<0) { + security_note(0, data:"Package drupal6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_drupal56.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_drupal56.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_drupal56.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID 070b5b22-6d74-11dd-aa18-0030843d3802 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(61450); + script_version ("$"); + name["english"] = "FreeBSD Ports: drupal5"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + drupal5 + drupal6 + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://drupal.org/node/295053 +http://secunia.com/advisories/31462/ +http://www.vuxml.org/freebsd/070b5b22-6d74-11dd-aa18-0030843d3802.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: drupal5"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"drupal5"); +if(!isnull(bver) && revisions-lib(a:bver, b:"5.10")<0) { + security_note(0, data:"Package drupal5 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"drupal6"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.4")<0) { + security_note(0, data:"Package drupal6 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_drupal6.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_drupal6.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_drupal6.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,81 @@ +# +#VID 937d5911-5f16-11db-ae08-0008743bf21a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57534); + script_version ("$"); + name["english"] = "FreeBSD Ports: drupal"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: drupal + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://drupal.org/files/sa-2006-025/advisory.txt +http://drupal.org/drupal-4.7.4 +http://www.vuxml.org/freebsd/937d5911-5f16-11db-ae08-0008743bf21a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: drupal"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"drupal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.6.10")<0) { + security_note(0, data:"Package drupal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_drupal7.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_drupal7.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_drupal7.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,81 @@ +# +#VID b2383758-5f15-11db-ae08-0008743bf21a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57535); + script_version ("$"); + name["english"] = "FreeBSD Ports: drupal"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: drupal + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://drupal.org/files/sa-2006-024/advisory.txt +http://drupal.org/drupal-4.7.4 +http://www.vuxml.org/freebsd/b2383758-5f15-11db-ae08-0008743bf21a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: drupal"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"drupal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.6.10")<0) { + security_note(0, data:"Package drupal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_drupal8.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_drupal8.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_drupal8.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,85 @@ +# +#VID 3d8d3548-9d02-11db-a541-000ae42e9b93 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57784); + script_version ("$"); + name["english"] = "FreeBSD Ports: drupal"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: drupal + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://drupal.org/files/sa-2007-001/advisory.txt +http://drupal.org/files/sa-2007-002/advisory.txt +http://www.vuxml.org/freebsd/3d8d3548-9d02-11db-a541-000ae42e9b93.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: drupal"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"drupal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.7")>0 && ssvercheck(a:bver, b:"4.7.5")<0) { + security_note(0, data:"Package drupal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"4.6.11")<0) { + security_note(0, data:"Package drupal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_e2fsprogs.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_e2fsprogs.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_e2fsprogs.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID 299e3f81-aee7-11dc-b781-0016179b2dd5 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(60091); + script_cve_id("CVE-2007-5497"); + script_bugtraq_id(26772); + script_version ("$"); + name["english"] = "FreeBSD Ports: e2fsprogs"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: e2fsprogs + +CVE-2007-5497 +Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 +allow user-assisted remote attackers to execute arbitrary code via a +crafted filesystem image. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/27889/ +http://sourceforge.net/project/shownotes.php?group_id=2406&release_id=560230 +http://www.vuxml.org/freebsd/299e3f81-aee7-11dc-b781-0016179b2dd5.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: e2fsprogs"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"e2fsprogs"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.40.3")<0) { + security_note(0, data:"Package e2fsprogs version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_eGroupWare.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_eGroupWare.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_eGroupWare.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,85 @@ +# +#VID 39953788-6bbb-11d9-8bc9-000a95bc6fae +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52221); + script_bugtraq_id(11625); + script_version ("$"); + name["english"] = "FreeBSD Ports: eGroupWare"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: eGroupWare + +The JiNN component has a vulnerability which +allows an attacker to download arbitrary files. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://cvs.sourceforge.net/viewcvs.py/egroupware/jinn/CHANGELOG#rev1.24 +http://sourceforge.net/mailarchive/forum.php?thread_id=5915445&forum_id=35178 +http://www.vuxml.org/freebsd/39953788-6bbb-11d9-8bc9-000a95bc6fae.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: eGroupWare"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"eGroupWare"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.0.0.006")<0) { + security_note(0, data:"Package eGroupWare version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_ecartis.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_ecartis.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_ecartis.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,89 @@ +# +#VID be543d74-539a-11d9-a9e7-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52265); + script_bugtraq_id(11487); + script_cve_id("CVE-2004-0913"); + script_version ("$"); + name["english"] = "FreeBSD Ports: ecartis"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: ecartis + +CVE-2004-0913 +Unknown vulnerability in ecartis 0.x before +0.129a+1.0.0-snap20020514-1.3 and 1.x before 1.0.0+cvs.20030911-8 +allows attackers in the same domain to gain administrator privileges +and modify configuration. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.debian.org/security/2004/dsa-572 +http://secunia.com/advisories/12918/ +http://www.vuxml.org/freebsd/be543d74-539a-11d9-a9e7-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: ecartis"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"ecartis"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.0.0.s20031228_2,1")<0) { + security_note(0, data:"Package ecartis version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_ecartis0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_ecartis0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_ecartis0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,90 @@ +# +#VID 3e9be8c4-8192-11d8-9645-0020ed76ef5a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52447); + script_cve_id("CVE-2003-0781", "CVE-2003-0782"); + script_version ("$"); + name["english"] = "FreeBSD Ports: ecartis"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: ecartis + +CVE-2003-0781 +Unknown vulnerability in ecartis before 1.0.0 does not properly +validate user input, which allows attackers to obtain mailing list +passwords. + +CVE-2003-0782 +Multiple buffer overflows in ecartis before 1.0.0 allow attackers to +cause a denial of service and possibly execute arbitrary code. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.securiteam.com/unixfocus/5YP0H2AAUY.html +http://www.vuxml.org/freebsd/3e9be8c4-8192-11d8-9645-0020ed76ef5a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: ecartis"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"ecartis"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.0.0.s20030814,1")<0) { + security_note(0, data:"Package ecartis version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_egroupware.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_egroupware.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_egroupware.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,92 @@ +# +#VID b4892b5b-fb1c-11d9-96ba-00909925db3e +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(54425); + script_cve_id("CVE-2005-1202", "CVE-2005-1203"); + script_version ("$"); + name["english"] = "FreeBSD Ports: egroupware"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: egroupware + +CVE-2005-1202 +Multiple cross-site scripting (XSS) vulnerabilities in eGroupware +before 1.0.0.007 allow remote attackers to inject arbitrary web script +or HTML via the (1) ab_id, (2) page, (3) type, or (4) lang parameter +to index.php or (5) category_id parameter. + +CVE-2005-1203 +Multiple SQL injection vulnerabilities in index.php in eGroupware +before 1.0.0.007 allow remote attackers to execute arbitrary SQL +commands via the (1) filter or (2) cats_app parameter. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://sourceforge.net/project/shownotes.php?release_id=320768 +http://www.vuxml.org/freebsd/b4892b5b-fb1c-11d9-96ba-00909925db3e.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: egroupware"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"egroupware"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.0.0.007")<0) { + security_note(0, data:"Package egroupware version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_elm.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_elm.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_elm.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,80 @@ +# +#VID f66e011d-13ff-11da-af41-0004614cc33d +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(55123); + script_version ("$"); + name["english"] = "FreeBSD Ports: elm"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: elm + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0688.html +http://www.vuxml.org/freebsd/f66e011d-13ff-11da-af41-0004614cc33d.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: elm"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"elm"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.5.8")<0) { + security_note(0, data:"Package elm version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_emil.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_emil.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_emil.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,93 @@ +# +#VID ce46b93a-80f2-11d8-9645-0020ed76ef5a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52498); + script_cve_id("CVE-2004-0152", "CVE-2004-0153"); + script_version ("$"); + name["english"] = "FreeBSD Ports: emil"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: emil + +CVE-2004-0152 +Multiple stack-based buffer overflows in (1) the encode_mime function, +(2) the encode_uuencode function, (3) or the decode_uuencode function +for emil 2.1.0 and earlier allow remote attackers to execute arbitrary +code via e-mail messages containing attachments with filenames. + +CVE-2004-0153 +Multiple format string vulnerabilities in emil 2.1.0 and earlier may +allow remote attackers to execute arbitrary code by triggering certain +error messages. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.debian.org/security/2004/dsa-468 +http://lists.netsys.com/pipermail/full-disclosure/2004-March/019325.html +http://www.vuxml.org/freebsd/ce46b93a-80f2-11d8-9645-0020ed76ef5a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: emil"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"emil"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.1b9")<=0) { + security_note(0, data:"Package emil version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_enscript-a4.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_enscript-a4.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_enscript-a4.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,107 @@ +# +#VID 72da8af6-7c75-11d9-8cc5-000854d03344 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52193); + script_cve_id("CVE-2004-1184", "CVE-2004-1185", "CVE-2004-1186"); + script_version ("$"); + name["english"] = "FreeBSD Ports: enscript-a4, enscript-letter, enscript-letterdj"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + enscript-a4 + enscript-letter + enscript-letterdj + +CVE-2004-1184 +The EPSF pipe support in enscript 1.6.3 allows remote attackers or +local users to execute arbitrary commands via shell metacharacters. + +CVE-2004-1185 +Enscript 1.6.3 does not sanitize filenames, which allows remote +attackers or local users to execute arbitrary commands via crafted +filenames. + +CVE-2004-1186 +Multiple buffer overflows in enscript 1.6.3 allow remote attackers or +local users to cause a denial of service (application crash). + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml +http://www.vuxml.org/freebsd/72da8af6-7c75-11d9-8cc5-000854d03344.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: enscript-a4, enscript-letter, enscript-letterdj"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"enscript-a4"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.6.4_1")<0) { + security_note(0, data:"Package enscript-a4 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"enscript-letter"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.6.4_1")<0) { + security_note(0, data:"Package enscript-letter version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"enscript-letterdj"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.6.4_1")<0) { + security_note(0, data:"Package enscript-letterdj version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_ethereal.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_ethereal.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_ethereal.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,123 @@ +# +#VID cb470368-94d2-11d9-a9e0-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52156); + script_cve_id("CVE-2005-0699", "CVE-2005-0704", "CVE-2005-0705", "CVE-2005-0739"); + script_version ("$"); + name["english"] = "FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + ethereal + ethereal-lite + tethereal + tethereal-lite + +CVE-2005-0699 +Multiple buffer overflows in the dissect_a11_radius function in the +CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and +earlier allow remote attackers to execute arbitrary code via RADIUS +authentication packets with large length values. + +CVE-2005-0704 +Buffer overflow in the Etheric dissector in Ethereal 0.10.7 through +0.10.9 allows remote attackers to cause a denial of service +(application crash) and possibly execute arbitrary code. + +CVE-2005-0705 +The GPRS-LLC dissector in Ethereal 0.10.7 through 0.10.9, with the +'ignore cipher bit' option enabled. allows remote attackers to cause a +denial of service (application crash). + +CVE-2005-0739 +The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does +not properly use certain routines for formatting strings, which could +leave it vulnerable to buffer overflows, as demonstrated using +modified length values that are not properly handled by the the +dissect_pdus and pduval_to_str functions. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.ethereal.com/appnotes/enpa-sa-00018.html +http://www.vuxml.org/freebsd/cb470368-94d2-11d9-a9e0-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"ethereal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.9.1")>=0 && ssvercheck(a:bver, b:"0.10.10")<0) { + security_note(0, data:"Package ethereal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ethereal-lite"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.9.1")>=0 && ssvercheck(a:bver, b:"0.10.10")<0) { + security_note(0, data:"Package ethereal-lite version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"tethereal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.9.1")>=0 && ssvercheck(a:bver, b:"0.10.10")<0) { + security_note(0, data:"Package tethereal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"tethereal-lite"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.9.1")>=0 && ssvercheck(a:bver, b:"0.10.10")<0) { + security_note(0, data:"Package tethereal-lite version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_ethereal0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_ethereal0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_ethereal0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,129 @@ +# +#VID 831a6a66-79fa-11d9-a9e7-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52195); + script_cve_id("CVE-2005-0006", "CVE-2005-0007", "CVE-2005-0008", "CVE-2005-0009", "CVE-2005-0010", "CVE-2005-0084"); + script_bugtraq_id(12326); + script_version ("$"); + name["english"] = "FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + ethereal + ethereal-lite + tethereal + tethereal-lite + +CVE-2005-0006 +The COPS dissector in Ethereal 0.10.6 through 0.10.8 allows remote +attackers to cause a denial of service (infinite loop). + +CVE-2005-0007 +Unknown vulnerability in the DLSw dissector in Ethereal 0.10.6 through +0.10.8 allows remote attackers to cause a denial of service +(application crash from assertion). + +CVE-2005-0008 +Unknown vulnerability in the DNP dissector in Ethereal 0.10.5 through +0.10.8 allows remote attackers to cause 'memory corruption.' + +CVE-2005-0009 +Unknown vulnerability in the Gnutella dissector in Ethereal 0.10.6 +through 0.10.8 allows remote attackers to cause a denial of service +(application crash). + +CVE-2005-0010 +Unknown vulnerability in the MMSE dissector in Ethereal 0.10.4 through +0.10.8 allows remote attackers to cause a denial of service by +triggering a free of statically allocated memory. + +CVE-2005-0084 +Buffer overflow in the X11 dissector in Ethereal 0.8.10 through 0.10.8 +allows remote attackers to execute arbitrary code via a crafted +packet. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.ethereal.com/appnotes/enpa-sa-00017.html +http://www.vuxml.org/freebsd/831a6a66-79fa-11d9-a9e7-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"ethereal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.8.10")>=0 && ssvercheck(a:bver, b:"0.10.9")<0) { + security_note(0, data:"Package ethereal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ethereal-lite"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.8.10")>=0 && ssvercheck(a:bver, b:"0.10.9")<0) { + security_note(0, data:"Package ethereal-lite version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"tethereal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.8.10")>=0 && ssvercheck(a:bver, b:"0.10.9")<0) { + security_note(0, data:"Package tethereal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"tethereal-lite"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.8.10")>=0 && ssvercheck(a:bver, b:"0.10.9")<0) { + security_note(0, data:"Package tethereal-lite version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_ethereal1.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_ethereal1.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_ethereal1.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,121 @@ +# +#VID efa1344b-5477-11d9-a9e7-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52262); + script_cve_id("CVE-2004-1139", "CVE-2004-1140", "CVE-2004-1141", "CVE-2004-1142"); + script_version ("$"); + name["english"] = "FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + ethereal + ethereal-lite + tethereal + tethereal-lite + +CVE-2004-1139 +Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 +through 0.10.7 allows remote attackers to cause a denial of service +(application crash). + +CVE-2004-1140 +Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a +denial of service (application hang) and possibly fill available disk +space via an invalid RTP timestamp. + +CVE-2004-1141 +The HTTP dissector in Ethereal 0.10.1 through 0.10.7 allows remote +attackers to cause a denial of service (application crash) via a +certain packet that causes the dissector to access previously-freed +memory. + +CVE-2004-1142 +Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a +denial of service (CPU consumption) via a certain malformed SMB +packet. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.ethereal.com/appnotes/enpa-sa-00016.html +http://www.vuxml.org/freebsd/efa1344b-5477-11d9-a9e7-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"ethereal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.10.8")<0) { + security_note(0, data:"Package ethereal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ethereal-lite"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.10.8")<0) { + security_note(0, data:"Package ethereal-lite version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"tethereal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.10.8")<0) { + security_note(0, data:"Package tethereal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"tethereal-lite"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.10.8")<0) { + security_note(0, data:"Package tethereal-lite version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_ethereal2.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_ethereal2.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_ethereal2.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,110 @@ +# +#VID cdf18ed9-7f4a-11d8-9645-0020ed76ef5a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52432); + script_cve_id("CVE-2004-0176", "CVE-2004-0365", "CVE-2004-0367"); + script_bugtraq_id(9952); + script_version ("$"); + name["english"] = "FreeBSD Ports: ethereal, tethereal"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + ethereal + tethereal + +CVE-2004-0176 +Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote +attackers to cause a denial of service and possibly execute arbitrary +code via the (1) NetFlow, (2) IGAP, (3) EIGRP, (4) PGM, (5) IrDA, (6) +BGP, (7) ISUP, or (8) TCAP dissectors. + +CVE-2004-0365 +The dissect_attribute_value_pairs function in packet-radius.c for +Ethereal 0.8.13 to 0.10.2 allows remote attackers to cause a denial of +service (crash) via a malformed RADIUS packet that triggers a null +dereference. + +CVE-2004-0367 +Ethereal 0.10.1 to 0.10.2 allows remote attackers to cause a denial of +service (crash) via a zero-length Presentation protocol selector. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.ethereal.com/appnotes/enpa-sa-00013.html +http://security.e-matters.de/advisories/032004.html +http://secunia.com/advisories/11185 +http://www.osvdb.org/4462 +http://www.osvdb.org/4463 +http://www.osvdb.org/4464 +http://www.vuxml.org/freebsd/cdf18ed9-7f4a-11d8-9645-0020ed76ef5a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: ethereal, tethereal"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"ethereal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.10.3")<0) { + security_note(0, data:"Package ethereal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"tethereal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.10.3")<0) { + security_note(0, data:"Package tethereal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_ethereal3.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_ethereal3.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_ethereal3.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,124 @@ +# +#VID 74d06b67-d2cf-11d8-b479-02e0185c0b53 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52433); + script_cve_id("CVE-2004-0504", "CVE-2004-0505", "CVE-2004-0506", "CVE-2004-0507"); + script_bugtraq_id(10347); + script_version ("$"); + name["english"] = "FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + ethereal + ethereal-lite + tethereal + tethereal-lite + +CVE-2004-0504 +Ethereal 0.10.3 allows remote attackers to cause a denial of service +(crash) via certain SIP messages between Hotsip servers and clients. + +CVE-2004-0505 +The AIM dissector in Ethereal 0.10.3 allows remote attackers to cause +a denial of service (assert error) via unknown attack vectors. + +CVE-2004-0506 +The SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote +attackers to cause a denial of service (crash) via unknown attack +vectors that cause a null pointer dereference. + +CVE-2004-0507 +Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 +allows remote attackers to cause a denial of service and possibly +execute arbitrary code. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.ethereal.com/appnotes/enpa-sa-00014.html +http://secunia.com/advisories/11608 +http://www.osvdb.org/6131 +http://www.osvdb.org/6132 +http://www.osvdb.org/6133 +http://www.osvdb.org/6134 +http://www.vuxml.org/freebsd/74d06b67-d2cf-11d8-b479-02e0185c0b53.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"ethereal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.10.4")<0) { + security_note(0, data:"Package ethereal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ethereal-lite"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.10.4")<0) { + security_note(0, data:"Package ethereal-lite version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"tethereal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.10.4")<0) { + security_note(0, data:"Package tethereal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"tethereal-lite"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.10.4")<0) { + security_note(0, data:"Package tethereal-lite version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_ethereal4.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_ethereal4.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_ethereal4.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,121 @@ +# +#VID 265c8b00-d2d0-11d8-b479-02e0185c0b53 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52434); + script_cve_id("CVE-2004-0633", "CVE-2004-0634", "CVE-2004-0635"); + script_bugtraq_id(10672); + script_version ("$"); + name["english"] = "FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + ethereal + ethereal-lite + tethereal + tethereal-lite + +CVE-2004-0633 +The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote +attackers to cause a denial of service (process abort) via an integer +overflow. + +CVE-2004-0634 +The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows +remote attackers to cause a denial of service (process crash) via a +handle without a policy name, which causes a null dereference. + +CVE-2004-0635 +The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote +attackers to cause a denial of service (process crash) via a (1) +malformed or (2) missing community string, which causes an +out-of-bounds read. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.ethereal.com/appnotes/enpa-sa-00015.html +http://secunia.com/advisories/12024 +http://www.osvdb.org/7536 +http://www.osvdb.org/7537 +http://www.osvdb.org/7538 +http://www.vuxml.org/freebsd/265c8b00-d2d0-11d8-b479-02e0185c0b53.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"ethereal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.10.5")<0) { + security_note(0, data:"Package ethereal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ethereal-lite"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.10.5")<0) { + security_note(0, data:"Package ethereal-lite version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"tethereal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.10.5")<0) { + security_note(0, data:"Package tethereal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"tethereal-lite"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.10.5")<0) { + security_note(0, data:"Package tethereal-lite version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_ethereal5.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_ethereal5.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_ethereal5.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,109 @@ +# +#VID 76adaab0-e4e3-11d9-b875-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(53098); + if(NASL_LEVEL>=2191) { + script_cve_id("CVE-2005-1281", "CVE-2005-1456", "CVE-2005-1457", "CVE-2005-1458", "CVE-2005-1459", "CVE-2005-1460", "CVE-2005-1461", "CVE-2005-1462", "CVE-2005-1463", "CVE-2005-1464", "CVE-2005-1465", "CVE-2005-1466", "CVE-2005-1467", "CVE-2005-1468", "CVE-2005-1469", "CVE-2005-1470"); + } else { + script_cve_id("CVE-2005-1281", "CVE-2005-1456", "CVE-2005-1457", "CVE-2005-1458", "CVE-2005-1459", "CVE-2005-1460", "CVE-2005-1461", "CVE-2005-1462"); + } + script_bugtraq_id(13391,13504,13567); + script_version ("$"); + name["english"] = "FreeBSD Ports: ethereal*, tethereal*"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + ethereal + ethereal-lite + tethereal + tethereal-lite + +For a more detailed description of the problems existing with the +version of software you are running, please visit the referenced +security advisories. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.ethereal.com/appnotes/enpa-sa-00019.html +http://www.vuxml.org/freebsd/76adaab0-e4e3-11d9-b875-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"ethereal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.8.14")>=0 && ssvercheck(a:bver, b:"0.10.11")<0) { + security_note(0, data:"Package ethereal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ethereal-lite"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.8.14")>=0 && ssvercheck(a:bver, b:"0.10.11")<0) { + security_note(0, data:"Package ethereal-lite version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"tethereal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.8.14")>=0 && ssvercheck(a:bver, b:"0.10.11")<0) { + security_note(0, data:"Package tethereal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"tethereal-lite"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.8.14")>=0 && ssvercheck(a:bver, b:"0.10.11")<0) { + security_note(0, data:"Package tethereal-lite version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_ethereal6.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_ethereal6.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_ethereal6.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,99 @@ +# +#VID 5d51d245-00ca-11da-bc08-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(54468); + script_version ("$"); + name["english"] = "FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + ethereal + ethereal-lite + tethereal + tethereal-lite + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.ethereal.com/appnotes/enpa-sa-00020.html +http://www.vuxml.org/freebsd/5d51d245-00ca-11da-bc08-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"ethereal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.8.5")>=0 && ssvercheck(a:bver, b:"0.10.12")<0) { + security_note(0, data:"Package ethereal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ethereal-lite"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.8.5")>=0 && ssvercheck(a:bver, b:"0.10.12")<0) { + security_note(0, data:"Package ethereal-lite version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"tethereal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.8.5")>=0 && ssvercheck(a:bver, b:"0.10.12")<0) { + security_note(0, data:"Package tethereal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"tethereal-lite"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.8.5")>=0 && ssvercheck(a:bver, b:"0.10.12")<0) { + security_note(0, data:"Package tethereal-lite version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_ethereal7.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_ethereal7.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_ethereal7.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,153 @@ +# +#VID 21c223f2-d596-11da-8098-00123ffe8333 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56652); + if(NASL_LEVEL>=2191) { + script_cve_id("CVE-2006-1932", "CVE-2006-1933", "CVE-2006-1934", "CVE-2006-1935", "CVE-2006-1936", "CVE-2006-1937", "CVE-2006-1938", "CVE-2006-1939", "CVE-2006-1940"); + } else { + script_cve_id("CVE-2006-1932", "CVE-2006-1933", "CVE-2006-1934", "CVE-2006-1935", "CVE-2006-1936", "CVE-2006-1937", "CVE-2006-1938", "CVE-2006-1939"); + } + script_version ("$"); + name["english"] = "FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + ethereal + ethereal-lite + tethereal + tethereal-lite + +CVE-2006-1932 +Off-by-one error in the OID printing routine in Ethereal 0.10.x up to +0.10.14 has unknown impact and remote attack vectors. + +CVE-2006-1933 +Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 +allow remote attackers to cause a denial of service (large or infinite +loops) viarafted packets to the (1) UMA and (2) BER dissectors. + +CVE-2006-1934 +Multiple buffer overflows in Ethereal 0.10.x up to 0.10.14 allow +remote attackers to cause a denial of service (crash) and possibly +execute arbitrary code via the (1) ALCAP dissector, (2) Network +Instruments file code, or (3) NetXray/Windows Sniffer file code. + +CVE-2006-1935 +Buffer overflow in Ethereal 0.9.15 up to 0.10.14 allows remote +attackers to cause a denial of service (crash) and possibly execute +arbitrary code via the COPS dissector. + +CVE-2006-1936 +Buffer overflow in Ethereal 0.8.5 up to 0.10.14 allows remote +attackers to execute arbitrary code via the telnet dissector. + +CVE-2006-1937 +Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 +allow remote attackers to cause a denial of service (crash from null +dereference) via the (1) H.248, (2) X.509if, (3) SRVLOC, (4) H.245, +(5) AIM, and (6) general packet dissectors; and (7) the statistics +counter. + +CVE-2006-1938 +Multiple unspecified vulnerabilities in Ethereal 0.8.x up to 0.10.14 +allow remote attackers to cause a denial of service (crash from null +dereference) via the (1) Sniffer capture or (2) SMB PIPE dissector. + +CVE-2006-1939 +Multiple unspecified vulnerabilities in Ethereal 0.9.x up to 0.10.14 +allow remote attackers to cause a denial of service (crash from null +dereference) via (1) an invalid display filter, or the (2) GSM SMS, +(3) ASN.1-based, (4) DCERPC NT, (5) PER, (6) RPC, (7) DCERPC, and (8) +ASN.1 dissectors. + +CVE-2006-1940 +Unspecified vulnerability in Ethereal 0.10.4 up to 0.10.14 allows +remote attackers to cause a denial of service (abort) via the SNDCP +dissector. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.ethereal.com/appnotes/enpa-sa-00023.html +http://secunia.com/advisories/19769/ +http://www.vuxml.org/freebsd/21c223f2-d596-11da-8098-00123ffe8333.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"ethereal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.8.5")>=0 && ssvercheck(a:bver, b:"0.99.0")<0) { + security_note(0, data:"Package ethereal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ethereal-lite"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.8.5")>=0 && ssvercheck(a:bver, b:"0.99.0")<0) { + security_note(0, data:"Package ethereal-lite version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"tethereal"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.8.5")>=0 && ssvercheck(a:bver, b:"0.99.0")<0) { + security_note(0, data:"Package tethereal version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"tethereal-lite"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.8.5")>=0 && ssvercheck(a:bver, b:"0.99.0")<0) { + security_note(0, data:"Package tethereal-lite version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_evince.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_evince.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_evince.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,81 @@ +# +#VID 779a2d55-8ba8-11db-81d5-00123ffe8333 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57731); + script_cve_id("CVE-2006-5864"); + script_version ("$"); + name["english"] = "FreeBSD Ports: evince"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: evince + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/23111/ +http://www.vuxml.org/freebsd/779a2d55-8ba8-11db-81d5-00123ffe8333.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: evince"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"evince"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.6.1_1")<0) { + security_note(0, data:"Package evince version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_evolution-data-server.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_evolution-data-server.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_evolution-data-server.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID b1b5c125-2308-11dc-b91a-001921ab2fa4 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58837); + script_cve_id("CVE-2007-3257"); + script_version ("$"); + name["english"] = "FreeBSD Ports: evolution-data-server"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: evolution-data-server + +===== + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/25766/ +http://bugzilla.gnome.org/show_bug.cgi?id=447414 +http://www.vuxml.org/freebsd/b1b5c125-2308-11dc-b91a-001921ab2fa4.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: evolution-data-server"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"evolution-data-server"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.10.2_1")<0) { + security_note(0, data:"Package evolution-data-server version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +if(!isnull(bver) && revisions-lib(a:bver, b:"1.11")>0 && ssvercheck(a:bver, b:"1.11.4")<0) { + security_note(0, data:"Package evolution-data-server version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_evolution.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_evolution.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_evolution.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID b8943e61-6e68-11d9-a9e7-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52206); + script_cve_id("CVE-2005-0102"); + script_bugtraq_id(12354); + script_version ("$"); + name["english"] = "FreeBSD Ports: evolution"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: evolution + +CVE-2005-0102 +Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier +allows local users or remote malicious POP3 servers to execute +arbitrary code via a length value of -1, which leads to a zero byte +memory allocation and a buffer overflow. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://cvs.gnome.org/viewcvs/evolution/camel/camel-lock-helper.c?rev=1.7&view=log#rev1.5.74.1 +http://www.vuxml.org/freebsd/b8943e61-6e68-11d9-a9e7-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: evolution"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"evolution"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.0.3_1")<0) { + security_note(0, data:"Package evolution version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_evolution0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_evolution0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_evolution0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,95 @@ +# +#VID e5afdf63-1746-11da-978e-0001020eed82 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(55177); + script_cve_id("CVE-2005-2549", "CVE-2005-2550"); + script_version ("$"); + name["english"] = "FreeBSD Ports: evolution"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: evolution + +CVE-2005-2549 +Multiple format string vulnerabilities in Evolution 1.5 through +2.3.6.1 allow remote attackers to cause a denial of service (crash) +and possibly execute arbitrary code via (1) full vCard data, (2) +contact data from remote LDAP servers, or (3) task list data from +remote servers. + +CVE-2005-2550 +Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows +remote attackers to cause a denial of service (crash) and possibly +execute arbitrary code via the calendar entries such as task lists, +which are not properly handled when the user selects the Calendars +tab. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.sitic.se/eng/advisories_and_recommendations/sa05-001.html +http://www.vuxml.org/freebsd/e5afdf63-1746-11da-978e-0001020eed82.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: evolution"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"evolution"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.5")>0 && ssvercheck(a:bver, b:"2.3.7")<0) { + security_note(0, data:"Package evolution version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_exim.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_exim.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_exim.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,128 @@ +# +#VID ca9ce879-5ebb-11d9-a01c-0050569f0001 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52252); + script_cve_id("CVE-2005-0021", "CVE-2005-0022"); + script_bugtraq_id(12185,12188,12268); + script_version ("$"); + name["english"] = "exim -- two buffer overflow vulnerabilities"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + exim + exim-ldap + exim-ldap2 + exim-mysql + exim-postgresql + exim-sa-exim + +CVE-2005-0021 +Multiple buffer overflows in Exim before 4.43 may allow attackers to +execute arbitrary code via (1) an IPv6 address with more than 8 +components, as demonstrated using the -be command line option, which +triggers an overflow in the host_aton function, or (2) the -bh command +line option or dnsdb PTR lookup, which triggers an overflow in the +dns_build_reverse function. + +CVE-2005-0022 +Buffer overflow in the spa_base64_to_bits function in Exim before +4.43, as originally obtained from Samba code, and as called by the +auth_spa_client function, may allow attackers to execute arbitrary +code during SPA authentication. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.exim.org/mail-archives/exim-announce/2005/msg00000.html +http://marc.theaimsgroup.com/?l=bugtraq&m=110573573800377 +http://www.vuxml.org/freebsd/ca9ce879-5ebb-11d9-a01c-0050569f0001.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "exim -- two buffer overflow vulnerabilities"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"exim"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.43+28_1")<0) { + security_note(0, data:"Package exim version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"exim-ldap"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.43+28_1")<0) { + security_note(0, data:"Package exim-ldap version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"exim-ldap2"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.43+28_1")<0) { + security_note(0, data:"Package exim-ldap2 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"exim-mysql"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.43+28_1")<0) { + security_note(0, data:"Package exim-mysql version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"exim-postgresql"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.43+28_1")<0) { + security_note(0, data:"Package exim-postgresql version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"exim-sa-exim"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.43+28_1")<0) { + security_note(0, data:"Package exim-sa-exim version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_exim0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_exim0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_exim0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,106 @@ +# +#VID 5f29c2e4-9f6a-11d8-abbc-00e08110b673 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52466); + script_cve_id("CVE-2004-0400"); + script_version ("$"); + name["english"] = "FreeBSD Ports: exim, exim-ldap2, exim-mysql, exim-postgresql"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + exim + exim-ldap2 + exim-mysql + exim-postgresql + +CVE-2004-0400 +Stack-based buffer overflow in Exim 4 before 4.33, when the +headers_check_syntax option is enabled, allows remote attackers to +cause a denial of service and possibly execute arbitrary code during +the header check. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.guninski.com/exim1.html +http://www.vuxml.org/freebsd/5f29c2e4-9f6a-11d8-abbc-00e08110b673.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: exim, exim-ldap2, exim-mysql, exim-postgresql"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"exim"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.33+20_1")<0) { + security_note(0, data:"Package exim version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"exim-ldap2"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.33+20_1")<0) { + security_note(0, data:"Package exim-ldap2 version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"exim-mysql"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.33+20_1")<0) { + security_note(0, data:"Package exim-mysql version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"exim-postgresql"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.33+20_1")<0) { + security_note(0, data:"Package exim-postgresql version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_extman.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_extman.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_extman.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,80 @@ +# +#VID 44c8694a-12f9-11dd-9b26-001c2514716c +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(60882); + script_version ("$"); + name["english"] = "FreeBSD Ports: extman"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: extman + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.extmail.org/forum/thread-7260-1-1.html +http://www.vuxml.org/freebsd/44c8694a-12f9-11dd-9b26-001c2514716c.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: extman"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"extman"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.2.4")>=0 && ssvercheck(a:bver, b:"0.2.4_1")<0) { + security_note(0, data:"Package extman version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_eyeOS.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_eyeOS.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_eyeOS.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,80 @@ +# +#VID d3527663-4ccb-11db-b48d-00508d6a62df +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57402); + script_version ("$"); + name["english"] = "FreeBSD Ports: eyeOS"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: eyeOS + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://eyeos.blogspot.com/2006/09/eyeos-091-released.html +http://www.vuxml.org/freebsd/d3527663-4ccb-11db-b48d-00508d6a62df.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: eyeOS"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"eyeOS"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.9.1")<0) { + security_note(0, data:"Package eyeOS version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_ez-ipupdate.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_ez-ipupdate.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_ez-ipupdate.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,87 @@ +# +#VID e69ba632-326f-11d9-b5b7-000854d03344 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52308); + script_bugtraq_id(11657); + script_cve_id("CVE-2004-0980"); + script_version ("$"); + name["english"] = "FreeBSD Ports: ez-ipupdate"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: ez-ipupdate + +CVE-2004-0980 +Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 +through 3.0.11b8, when running in daemon mode with certain service +types in use, allows remote servers to execute arbitrary code. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://lists.netsys.com/pipermail/full-disclosure/2004-November/028590.html +http://www.vuxml.org/freebsd/e69ba632-326f-11d9-b5b7-000854d03344.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: ez-ipupdate"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"ez-ipupdate"); +if(!isnull(bver) && revisions-lib(a:bver, b:"3.0.11b8_2")<0) { + security_note(0, data:"Package ez-ipupdate version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_ezbounce.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_ezbounce.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_ezbounce.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,86 @@ +# +#VID c480eb5e-7f00-11d8-868e-000347dd607f +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52491); + script_cve_id("CVE-2003-0510"); + script_bugtraq_id(8071); + script_version ("$"); + name["english"] = "FreeBSD Ports: ezbounce"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: ezbounce + +CVE-2003-0510 +Format string vulnerability in ezbounce 1.0 through 1.50 allows remote +attackers to execute arbitrary code via the 'sessions' command. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://ezbounce.dc-team.com/ +http://www.vuxml.org/freebsd/c480eb5e-7f00-11d8-868e-000347dd607f.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: ezbounce"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"ezbounce"); +if(!isnull(bver) && revisions-lib(a:bver, b:"1.04.a_1")<0) { + security_note(0, data:"Package ezbounce version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_f2c.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_f2c.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_f2c.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID 43cb40b3-c8c2-11da-a672-000e0c2e438a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56509); + script_cve_id("CVE-2005-0017", "CVE-2005-0018"); + script_bugtraq_id(1280); + script_version ("$"); + name["english"] = "FreeBSD Ports: f2c"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: f2c + +CVE-2005-0017 +The f2c translator in the f2c package 3.1 allows local users to read +arbitrary files via a symlink attack on temporary files. + +CVE-2005-0018 +The f2 shell script in the f2c package 3.1 allows local users to read +arbitrary files via a symlink attack on temporary files. + +Solution: +Update your system with the appropriate patches or +software upgrades. + + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: f2c"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"f2c"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0")>0) { + security_note(0, data:"Package f2c version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_fcron.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_fcron.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_fcron.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,108 @@ +# +#VID e480ccb2-6bc8-11d9-8dbe-000a95bc6fae +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52218); + script_cve_id("CVE-2004-1030", "CVE-2004-1031", "CVE-2004-1032", "CVE-2004-1033"); + script_version ("$"); + name["english"] = "FreeBSD Ports: fcron"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: fcron + +CVE-2004-1030 +fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions +allows local users to gain sensitive information by calling +fcronsighup with an arbitrary file, which reveals the contents of the +file that can not be parsed in an error message. + +CVE-2004-1031 +fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions +allows local users to bypass access restrictions and load an arbitrary +configuration file by starting an suid process and pointing the +fcronsighup configuration file to a /proc entry that is owned by root +but modifiable by the user, such as /proc/self/cmdline or +/proc/self/environ. + +CVE-2004-1032 +fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions +allows local users to delete arbitrary files or create arbitrary empty +files via a target filename with a large number of leading slash (/) +characters such that fcronsighup does not properly append the intended +fcrontab.sig to the resulting string. + +CVE-2004-1033 +Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file +descriptors of open files, which allows local users to bypass access +restrictions and read fcron.allow and fcron.deny via the EDITOR +environment variable. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.idefense.com/application/poi/display?id=157&type=vulnerabilities&flashstatus=false +http://www.vuxml.org/freebsd/e480ccb2-6bc8-11d9-8dbe-000a95bc6fae.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: fcron"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"fcron"); +if(!isnull(bver) && revisions-lib(a:bver, b:"2.9.5.1")<0) { + security_note(0, data:"Package fcron version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_fetchmail.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_fetchmail.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_fetchmail.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID ac4b9d18-67a9-11d8-80e3-0020ed76ef5a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52504); + script_cve_id("CVE-2003-0792"); + script_bugtraq_id(8843); + script_version ("$"); + name["english"] = "FreeBSD Ports: fetchmail"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: fetchmail + +CVE-2003-0792 +Fetchmail 6.2.4 and earlier does not properly allocate memory for long +lines, which allows remote attackers to cause a denial of service +(crash) via a certain email. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://xforce.iss.net/xforce/xfdb/13450 +http://www.openbsd.org/cgi-bin/cvsweb/ports/mail/fetchmail/patches/Attic/patch-rfc822_c?rev=1.1 +http://www.vuxml.org/freebsd/ac4b9d18-67a9-11d8-80e3-0020ed76ef5a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: fetchmail"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"fetchmail"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.2.5")<0) { + security_note(0, data:"Package fetchmail version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_fetchmail0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_fetchmail0.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_fetchmail0.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,80 @@ +# +#VID af0296be-2455-11d8-82e5-0020ed76ef5a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52537); + script_version ("$"); + name["english"] = "FreeBSD Ports: fetchmail"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: fetchmail + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://security.e-matters.de/advisories/052002.html +http://www.vuxml.org/freebsd/af0296be-2455-11d8-82e5-0020ed76ef5a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: fetchmail"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"fetchmail"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.2.0")<=0) { + security_note(0, data:"Package fetchmail version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_fetchmail1.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_fetchmail1.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_fetchmail1.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,80 @@ +# +#VID 3497d7be-2fef-45f4-8162-9063751b573a +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(54381); + script_version ("$"); + name["english"] = "FreeBSD Ports: fetchmail"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: fetchmail + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=212762 +http://www.vuxml.org/freebsd/3497d7be-2fef-45f4-8162-9063751b573a.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: fetchmail"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"fetchmail"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.2.5.1")<0) { + security_note(0, data:"Package fetchmail version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_fetchmail10.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_fetchmail10.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_fetchmail10.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,87 @@ +# +#VID 168190df-3e9a-11dd-87bc-000ea69a5213 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(61189); + script_cve_id("CVE-2008-2711"); + script_version ("$"); + name["english"] = "FreeBSD Ports: fetchmail"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: fetchmail + +CVE-2008-2711 +fetchmail 6.3.8 and earlier, when running in -v -v mode, allows remote +attackers to cause a denial of service (crash and persistent mail +failure) via a malformed mail message with long headers, which is not +properly handled when using vsnprintf to format log messages. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://fetchmail.berlios.de/fetchmail-SA-2008-01.txt +http://www.vuxml.org/freebsd/168190df-3e9a-11dd-87bc-000ea69a5213.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: fetchmail"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"fetchmail"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.3.8_6")<0) { + security_note(0, data:"Package fetchmail version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_fetchmail11.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_fetchmail11.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_fetchmail11.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,87 @@ +# +#VID 1e8e63c0-478a-11dd-a88d-000ea69a5213 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(61220); + script_cve_id("CVE-2008-2711"); + script_version ("$"); + name["english"] = "FreeBSD Ports: fetchmail"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: fetchmail + +CVE-2008-2711 +fetchmail 6.3.8 and earlier, when running in -v -v mode, allows remote +attackers to cause a denial of service (crash and persistent mail +failure) via a malformed mail message with long headers, which is not +properly handled when using vsnprintf to format log messages. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://fetchmail.berlios.de/fetchmail-SA-2008-01.txt +http://www.vuxml.org/freebsd/1e8e63c0-478a-11dd-a88d-000ea69a5213.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: fetchmail"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"fetchmail"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.3.8_7")<0) { + security_note(0, data:"Package fetchmail version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_fetchmail2.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_fetchmail2.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_fetchmail2.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,81 @@ +# +#VID 3f4ac724-fa8b-11d9-afcf-0060084a00e5 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(54408); + script_version ("$"); + name["english"] = "FreeBSD Ports: fetchmail"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: fetchmail + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://fetchmail.berlios.de/fetchmail-SA-2005-01.txt +http://lists.berlios.de/pipermail/fetchmail-devel/2005-July/000397.html +http://www.vuxml.org/freebsd/3f4ac724-fa8b-11d9-afcf-0060084a00e5.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: fetchmail"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"fetchmail"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.2.5.1")==0) { + security_note(0, data:"Package fetchmail version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_fetchmail3.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_fetchmail3.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_fetchmail3.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,82 @@ +# +#VID baf74e0b-497a-11da-a4f4-0060084a00e5 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(55742); + script_bugtraq_id(15179); + script_cve_id("CVE-2005-3088"); + script_version ("$"); + name["english"] = "FreeBSD Ports: fetchmail"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: fetchmail + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://fetchmail.berlios.de/fetchmail-SA-2005-02.txt +http://www.vuxml.org/freebsd/baf74e0b-497a-11da-a4f4-0060084a00e5.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: fetchmail"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"fetchmail"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.2.5.2_1")<0) { + security_note(0, data:"Package fetchmail version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_fetchmail4.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_fetchmail4.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_fetchmail4.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,84 @@ +# +#VID f7eb0b23-7099-11da-a15c-0060084a00e5 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56050); + script_bugtraq_id(15987); + script_cve_id("CVE-2005-4348"); + script_version ("$"); + name["english"] = "FreeBSD Ports: fetchmail"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: fetchmail + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://fetchmail.berlios.de/fetchmail-SA-2005-03.txt +http://article.gmane.org/gmane.mail.fetchmail.user/7573 +http://bugs.debian.org/343836 +http://www.vuxml.org/freebsd/f7eb0b23-7099-11da-a15c-0060084a00e5.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: fetchmail"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"fetchmail"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.3.1")<0) { + security_note(0, data:"Package fetchmail version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_fetchmail5.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_fetchmail5.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_fetchmail5.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,89 @@ +# +#VID f11d3b22-88c6-11da-a7b2-0060084a00e5 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(56200); + script_bugtraq_id(16365); + script_cve_id("CVE-2006-0321"); + script_version ("$"); + name["english"] = "FreeBSD Ports: fetchmail"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: fetchmail + +CVE-2006-0321 +fetchmail 6.3.0 and other versions before 6.3.2 allows remote +attackers to cause a denial of service (crash) via crafted e-mail +messages that cause a free of an invalid pointer when fetchmail +bounces the message to the originator or local postmaster. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://fetchmail.berlios.de/fetchmail-SA-2006-01.txt +http://bugs.debian.org/348747 +http://www.vuxml.org/freebsd/f11d3b22-88c6-11da-a7b2-0060084a00e5.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: fetchmail"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"fetchmail"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.3.0")>=0 && ssvercheck(a:bver, b:"6.3.2")<0) { + security_note(0, data:"Package fetchmail version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_fetchmail6.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_fetchmail6.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_fetchmail6.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,81 @@ +# +#VID 37e30313-9d8c-11db-858b-0060084a00e5 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57781); + script_cve_id("CVE-2006-5974"); + script_version ("$"); + name["english"] = "FreeBSD Ports: fetchmail"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: fetchmail + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://fetchmail.berlios.de/fetchmail-SA-2006-03.txt +http://www.vuxml.org/freebsd/37e30313-9d8c-11db-858b-0060084a00e5.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: fetchmail"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"fetchmail"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.3.5")>=0 && ssvercheck(a:bver, b:"6.3.6")<0) { + security_note(0, data:"Package fetchmail version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_fetchmail7.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_fetchmail7.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_fetchmail7.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,81 @@ +# +#VID 5238ac45-9d8c-11db-858b-0060084a00e5 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(57782); + script_cve_id("CVE-2006-5867"); + script_version ("$"); + name["english"] = "FreeBSD Ports: fetchmail"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: fetchmail + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://fetchmail.berlios.de/fetchmail-SA-2006-02.txt +http://www.vuxml.org/freebsd/5238ac45-9d8c-11db-858b-0060084a00e5.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: fetchmail"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"fetchmail"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.3.6")<0) { + security_note(0, data:"Package fetchmail version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_fetchmail8.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_fetchmail8.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_fetchmail8.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,83 @@ +# +#VID 45500f74-5947-11dc-87c1-000e2e5785ad +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58808); + script_cve_id("CVE-2007-4565"); + script_version ("$"); + name["english"] = "FreeBSD Ports: fetchmail"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: fetchmail + +===== + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.fetchmail.info/fetchmail-SA-2007-02.txt +http://www.vuxml.org/freebsd/45500f74-5947-11dc-87c1-000e2e5785ad.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: fetchmail"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"fetchmail"); +if(!isnull(bver) && revisions-lib(a:bver, b:"4.6.8")>=0 && ssvercheck(a:bver, b:"6.3.8_4")<0) { + security_note(0, data:"Package fetchmail version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_fetchmail9.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_fetchmail9.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_fetchmail9.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,83 @@ +# +#VID f1c4d133-e6d3-11db-99ea-0060084a00e5 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(58864); + script_cve_id("CVE-2007-1558"); + script_version ("$"); + name["english"] = "FreeBSD Ports: fetchmail"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: fetchmail + +===== + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://fetchmail.berlios.de/fetchmail-SA-2007-01.txt +http://www.vuxml.org/freebsd/f1c4d133-e6d3-11db-99ea-0060084a00e5.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: fetchmail"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"fetchmail"); +if(!isnull(bver) && revisions-lib(a:bver, b:"6.3.8")<0) { + security_note(0, data:"Package fetchmail version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_ffmpeg.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_ffmpeg.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_ffmpeg.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,86 @@ +# +#VID 964161cd-6715-11da-99f6-00123ffe8333 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(55969); + script_version ("$"); + name["english"] = "FreeBSD Ports: ffmpeg"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: ffmpeg ffmpeg-devel + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://article.gmane.org/gmane.comp.video.ffmpeg.devel/26558 +http://secunia.com/advisories/17892/ +http://www.vuxml.org/freebsd/964161cd-6715-11da-99f6-00123ffe8333.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: ffmpeg"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"ffmpeg"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.4.9.p1_4")<0) { + security_note(0, data:"Package ffmpeg version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ffmpeg-devel"); +if(!isnull(bver) && revisions-lib(a:bver, b:"0.4.9.c.2005120600")<0) { + security_note(0, data:"Package ffmpeg-devel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_fidogate.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_fidogate.nasl 2008-09-04 15:00:42 UTC (rev 1281) +++ trunk/openvas-plugins/scripts/freebsd_fidogate.nasl 2008-09-04 18:41:11 UTC (rev 1282) @@ -0,0 +1,88 @@ +# +#VID 3243e839-f489-11d8-9837-000c41e2cdad +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from vuxml or freebsd advisories +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +if(description) +{ + script_id(52415); + script_bugtraq_id(11005); + script_version ("$"); + name["english"] = "FreeBSD Ports: fidogate"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + fidogate + fidogate-ds + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://cvs.sourceforge.net/viewcvs.py/fidogate/fidogate/ChangeLog?rev=4.320&view=markup +http://www.vuxml.org/freebsd/3243e839-f489-11d8-9837-000c41e2cdad.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: fidogate"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pk