[Openvas-commits] r1422 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Wed Sep 24 21:15:17 CEST 2008


Author: reinke
Date: 2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)
New Revision: 1422

Added:
   trunk/openvas-plugins/scripts/glsa_200310_03.nasl
   trunk/openvas-plugins/scripts/glsa_200310_04.nasl
   trunk/openvas-plugins/scripts/glsa_200311_01.nasl
   trunk/openvas-plugins/scripts/glsa_200311_02.nasl
   trunk/openvas-plugins/scripts/glsa_200311_03.nasl
   trunk/openvas-plugins/scripts/glsa_200311_04.nasl
   trunk/openvas-plugins/scripts/glsa_200311_05.nasl
   trunk/openvas-plugins/scripts/glsa_200311_06.nasl
   trunk/openvas-plugins/scripts/glsa_200311_07.nasl
   trunk/openvas-plugins/scripts/glsa_200311_08.nasl
   trunk/openvas-plugins/scripts/glsa_200312_02.nasl
   trunk/openvas-plugins/scripts/glsa_200312_03.nasl
   trunk/openvas-plugins/scripts/glsa_200312_04.nasl
   trunk/openvas-plugins/scripts/glsa_200312_05.nasl
   trunk/openvas-plugins/scripts/glsa_200312_06.nasl
   trunk/openvas-plugins/scripts/glsa_200312_07.nasl
   trunk/openvas-plugins/scripts/glsa_200312_08.nasl
   trunk/openvas-plugins/scripts/glsa_200401_01.nasl
   trunk/openvas-plugins/scripts/glsa_200401_02.nasl
   trunk/openvas-plugins/scripts/glsa_200401_03.nasl
   trunk/openvas-plugins/scripts/glsa_200401_04.nasl
   trunk/openvas-plugins/scripts/glsa_200402_01.nasl
   trunk/openvas-plugins/scripts/glsa_200402_02.nasl
   trunk/openvas-plugins/scripts/glsa_200402_03.nasl
   trunk/openvas-plugins/scripts/glsa_200402_04.nasl
   trunk/openvas-plugins/scripts/glsa_200402_05.nasl
   trunk/openvas-plugins/scripts/glsa_200402_06.nasl
   trunk/openvas-plugins/scripts/glsa_200402_07.nasl
   trunk/openvas-plugins/scripts/glsa_200403_01.nasl
   trunk/openvas-plugins/scripts/glsa_200403_02.nasl
   trunk/openvas-plugins/scripts/glsa_200403_03.nasl
   trunk/openvas-plugins/scripts/glsa_200403_04.nasl
   trunk/openvas-plugins/scripts/glsa_200403_05.nasl
   trunk/openvas-plugins/scripts/glsa_200403_06.nasl
   trunk/openvas-plugins/scripts/glsa_200403_07.nasl
   trunk/openvas-plugins/scripts/glsa_200403_08.nasl
   trunk/openvas-plugins/scripts/glsa_200403_09.nasl
   trunk/openvas-plugins/scripts/glsa_200403_10.nasl
   trunk/openvas-plugins/scripts/glsa_200403_11.nasl
   trunk/openvas-plugins/scripts/glsa_200403_12.nasl
   trunk/openvas-plugins/scripts/glsa_200403_13.nasl
   trunk/openvas-plugins/scripts/glsa_200403_14.nasl
   trunk/openvas-plugins/scripts/glsa_200404_01.nasl
   trunk/openvas-plugins/scripts/glsa_200404_02.nasl
   trunk/openvas-plugins/scripts/glsa_200404_03.nasl
   trunk/openvas-plugins/scripts/glsa_200404_04.nasl
   trunk/openvas-plugins/scripts/glsa_200404_05.nasl
   trunk/openvas-plugins/scripts/glsa_200404_06.nasl
   trunk/openvas-plugins/scripts/glsa_200404_07.nasl
   trunk/openvas-plugins/scripts/glsa_200404_08.nasl
   trunk/openvas-plugins/scripts/glsa_200404_09.nasl
   trunk/openvas-plugins/scripts/glsa_200404_10.nasl
   trunk/openvas-plugins/scripts/glsa_200404_11.nasl
   trunk/openvas-plugins/scripts/glsa_200404_12.nasl
   trunk/openvas-plugins/scripts/glsa_200404_13.nasl
   trunk/openvas-plugins/scripts/glsa_200404_14.nasl
   trunk/openvas-plugins/scripts/glsa_200404_15.nasl
   trunk/openvas-plugins/scripts/glsa_200404_16.nasl
   trunk/openvas-plugins/scripts/glsa_200404_17.nasl
   trunk/openvas-plugins/scripts/glsa_200404_18.nasl
   trunk/openvas-plugins/scripts/glsa_200404_19.nasl
   trunk/openvas-plugins/scripts/glsa_200404_20.nasl
   trunk/openvas-plugins/scripts/glsa_200404_21.nasl
   trunk/openvas-plugins/scripts/glsa_200405_01.nasl
   trunk/openvas-plugins/scripts/glsa_200405_02.nasl
   trunk/openvas-plugins/scripts/glsa_200405_03.nasl
   trunk/openvas-plugins/scripts/glsa_200405_04.nasl
   trunk/openvas-plugins/scripts/glsa_200405_05.nasl
   trunk/openvas-plugins/scripts/glsa_200405_06.nasl
   trunk/openvas-plugins/scripts/glsa_200405_07.nasl
   trunk/openvas-plugins/scripts/glsa_200405_08.nasl
   trunk/openvas-plugins/scripts/glsa_200405_09.nasl
   trunk/openvas-plugins/scripts/glsa_200405_10.nasl
   trunk/openvas-plugins/scripts/glsa_200405_11.nasl
   trunk/openvas-plugins/scripts/glsa_200405_12.nasl
   trunk/openvas-plugins/scripts/glsa_200405_13.nasl
   trunk/openvas-plugins/scripts/glsa_200405_14.nasl
   trunk/openvas-plugins/scripts/glsa_200405_15.nasl
   trunk/openvas-plugins/scripts/glsa_200405_16.nasl
   trunk/openvas-plugins/scripts/glsa_200405_17.nasl
   trunk/openvas-plugins/scripts/glsa_200405_18.nasl
   trunk/openvas-plugins/scripts/glsa_200405_19.nasl
   trunk/openvas-plugins/scripts/glsa_200405_20.nasl
   trunk/openvas-plugins/scripts/glsa_200405_21.nasl
   trunk/openvas-plugins/scripts/glsa_200405_22.nasl
   trunk/openvas-plugins/scripts/glsa_200405_23.nasl
   trunk/openvas-plugins/scripts/glsa_200405_24.nasl
   trunk/openvas-plugins/scripts/glsa_200405_25.nasl
   trunk/openvas-plugins/scripts/glsa_200406_01.nasl
   trunk/openvas-plugins/scripts/glsa_200406_02.nasl
   trunk/openvas-plugins/scripts/glsa_200406_03.nasl
   trunk/openvas-plugins/scripts/glsa_200406_04.nasl
   trunk/openvas-plugins/scripts/glsa_200406_05.nasl
   trunk/openvas-plugins/scripts/glsa_200406_06.nasl
   trunk/openvas-plugins/scripts/glsa_200406_07.nasl
   trunk/openvas-plugins/scripts/glsa_200406_08.nasl
   trunk/openvas-plugins/scripts/glsa_200406_09.nasl
   trunk/openvas-plugins/scripts/glsa_200406_10.nasl
   trunk/openvas-plugins/scripts/glsa_200406_11.nasl
   trunk/openvas-plugins/scripts/glsa_200406_12.nasl
   trunk/openvas-plugins/scripts/glsa_200406_13.nasl
   trunk/openvas-plugins/scripts/glsa_200406_14.nasl
   trunk/openvas-plugins/scripts/glsa_200406_15.nasl
   trunk/openvas-plugins/scripts/glsa_200406_16.nasl
   trunk/openvas-plugins/scripts/glsa_200406_17.nasl
   trunk/openvas-plugins/scripts/glsa_200406_18.nasl
   trunk/openvas-plugins/scripts/glsa_200406_19.nasl
   trunk/openvas-plugins/scripts/glsa_200406_20.nasl
   trunk/openvas-plugins/scripts/glsa_200406_21.nasl
   trunk/openvas-plugins/scripts/glsa_200406_22.nasl
   trunk/openvas-plugins/scripts/glsa_200407_01.nasl
   trunk/openvas-plugins/scripts/glsa_200407_02.nasl
   trunk/openvas-plugins/scripts/glsa_200407_03.nasl
   trunk/openvas-plugins/scripts/glsa_200407_04.nasl
   trunk/openvas-plugins/scripts/glsa_200407_05.nasl
   trunk/openvas-plugins/scripts/glsa_200407_06.nasl
   trunk/openvas-plugins/scripts/glsa_200407_07.nasl
   trunk/openvas-plugins/scripts/glsa_200407_08.nasl
   trunk/openvas-plugins/scripts/glsa_200407_09.nasl
   trunk/openvas-plugins/scripts/glsa_200407_10.nasl
   trunk/openvas-plugins/scripts/glsa_200407_11.nasl
   trunk/openvas-plugins/scripts/glsa_200407_12.nasl
   trunk/openvas-plugins/scripts/glsa_200407_13.nasl
   trunk/openvas-plugins/scripts/glsa_200407_14.nasl
   trunk/openvas-plugins/scripts/glsa_200407_15.nasl
   trunk/openvas-plugins/scripts/glsa_200407_16.nasl
   trunk/openvas-plugins/scripts/glsa_200407_17.nasl
   trunk/openvas-plugins/scripts/glsa_200407_18.nasl
   trunk/openvas-plugins/scripts/glsa_200407_19.nasl
   trunk/openvas-plugins/scripts/glsa_200407_20.nasl
   trunk/openvas-plugins/scripts/glsa_200407_21.nasl
   trunk/openvas-plugins/scripts/glsa_200407_22.nasl
   trunk/openvas-plugins/scripts/glsa_200407_23.nasl
   trunk/openvas-plugins/scripts/glsa_200408_01.nasl
   trunk/openvas-plugins/scripts/glsa_200408_02.nasl
   trunk/openvas-plugins/scripts/glsa_200408_03.nasl
   trunk/openvas-plugins/scripts/glsa_200408_04.nasl
   trunk/openvas-plugins/scripts/glsa_200408_05.nasl
   trunk/openvas-plugins/scripts/glsa_200408_06.nasl
   trunk/openvas-plugins/scripts/glsa_200408_07.nasl
   trunk/openvas-plugins/scripts/glsa_200408_08.nasl
   trunk/openvas-plugins/scripts/glsa_200408_09.nasl
   trunk/openvas-plugins/scripts/glsa_200408_10.nasl
   trunk/openvas-plugins/scripts/glsa_200408_11.nasl
   trunk/openvas-plugins/scripts/glsa_200408_12.nasl
   trunk/openvas-plugins/scripts/glsa_200408_13.nasl
   trunk/openvas-plugins/scripts/glsa_200408_14.nasl
   trunk/openvas-plugins/scripts/glsa_200408_15.nasl
   trunk/openvas-plugins/scripts/glsa_200408_16.nasl
   trunk/openvas-plugins/scripts/glsa_200408_17.nasl
   trunk/openvas-plugins/scripts/glsa_200408_18.nasl
   trunk/openvas-plugins/scripts/glsa_200408_19.nasl
   trunk/openvas-plugins/scripts/glsa_200408_20.nasl
   trunk/openvas-plugins/scripts/glsa_200408_21.nasl
   trunk/openvas-plugins/scripts/glsa_200408_22.nasl
   trunk/openvas-plugins/scripts/glsa_200408_23.nasl
   trunk/openvas-plugins/scripts/glsa_200408_24.nasl
   trunk/openvas-plugins/scripts/glsa_200408_25.nasl
   trunk/openvas-plugins/scripts/glsa_200408_26.nasl
   trunk/openvas-plugins/scripts/glsa_200408_27.nasl
   trunk/openvas-plugins/scripts/glsa_200409_01.nasl
   trunk/openvas-plugins/scripts/glsa_200409_02.nasl
   trunk/openvas-plugins/scripts/glsa_200409_03.nasl
   trunk/openvas-plugins/scripts/glsa_200409_04.nasl
   trunk/openvas-plugins/scripts/glsa_200409_05.nasl
   trunk/openvas-plugins/scripts/glsa_200409_06.nasl
   trunk/openvas-plugins/scripts/glsa_200409_07.nasl
   trunk/openvas-plugins/scripts/glsa_200409_08.nasl
   trunk/openvas-plugins/scripts/glsa_200409_09.nasl
   trunk/openvas-plugins/scripts/glsa_200409_10.nasl
   trunk/openvas-plugins/scripts/glsa_200409_11.nasl
   trunk/openvas-plugins/scripts/glsa_200409_12.nasl
   trunk/openvas-plugins/scripts/glsa_200409_13.nasl
   trunk/openvas-plugins/scripts/glsa_200409_15.nasl
   trunk/openvas-plugins/scripts/glsa_200409_16.nasl
   trunk/openvas-plugins/scripts/glsa_200409_17.nasl
   trunk/openvas-plugins/scripts/glsa_200409_18.nasl
   trunk/openvas-plugins/scripts/glsa_200409_19.nasl
   trunk/openvas-plugins/scripts/glsa_200409_20.nasl
   trunk/openvas-plugins/scripts/glsa_200409_21.nasl
   trunk/openvas-plugins/scripts/glsa_200409_22.nasl
   trunk/openvas-plugins/scripts/glsa_200409_23.nasl
   trunk/openvas-plugins/scripts/glsa_200409_24.nasl
   trunk/openvas-plugins/scripts/glsa_200409_25.nasl
   trunk/openvas-plugins/scripts/glsa_200409_26.nasl
   trunk/openvas-plugins/scripts/glsa_200409_27.nasl
   trunk/openvas-plugins/scripts/glsa_200409_28.nasl
   trunk/openvas-plugins/scripts/glsa_200409_29.nasl
   trunk/openvas-plugins/scripts/glsa_200409_30.nasl
   trunk/openvas-plugins/scripts/glsa_200409_31.nasl
   trunk/openvas-plugins/scripts/glsa_200409_32.nasl
   trunk/openvas-plugins/scripts/glsa_200409_33.nasl
   trunk/openvas-plugins/scripts/glsa_200409_34.nasl
   trunk/openvas-plugins/scripts/glsa_200409_35.nasl
   trunk/openvas-plugins/scripts/glsa_200410_01.nasl
   trunk/openvas-plugins/scripts/glsa_200410_02.nasl
   trunk/openvas-plugins/scripts/glsa_200410_03.nasl
   trunk/openvas-plugins/scripts/glsa_200410_04.nasl
   trunk/openvas-plugins/scripts/glsa_200410_05.nasl
   trunk/openvas-plugins/scripts/glsa_200410_06.nasl
   trunk/openvas-plugins/scripts/glsa_200410_07.nasl
   trunk/openvas-plugins/scripts/glsa_200410_08.nasl
   trunk/openvas-plugins/scripts/glsa_200410_09.nasl
   trunk/openvas-plugins/scripts/glsa_200410_10.nasl
   trunk/openvas-plugins/scripts/glsa_200410_11.nasl
   trunk/openvas-plugins/scripts/glsa_200410_12.nasl
   trunk/openvas-plugins/scripts/glsa_200410_13.nasl
   trunk/openvas-plugins/scripts/glsa_200410_14.nasl
   trunk/openvas-plugins/scripts/glsa_200410_15.nasl
   trunk/openvas-plugins/scripts/glsa_200410_16.nasl
   trunk/openvas-plugins/scripts/glsa_200410_17.nasl
   trunk/openvas-plugins/scripts/glsa_200410_18.nasl
   trunk/openvas-plugins/scripts/glsa_200410_19.nasl
   trunk/openvas-plugins/scripts/glsa_200410_20.nasl
   trunk/openvas-plugins/scripts/glsa_200410_21.nasl
   trunk/openvas-plugins/scripts/glsa_200410_22.nasl
   trunk/openvas-plugins/scripts/glsa_200410_23.nasl
   trunk/openvas-plugins/scripts/glsa_200410_24.nasl
   trunk/openvas-plugins/scripts/glsa_200410_25.nasl
   trunk/openvas-plugins/scripts/glsa_200410_26.nasl
   trunk/openvas-plugins/scripts/glsa_200410_27.nasl
   trunk/openvas-plugins/scripts/glsa_200410_28.nasl
   trunk/openvas-plugins/scripts/glsa_200410_29.nasl
   trunk/openvas-plugins/scripts/glsa_200410_30.nasl
   trunk/openvas-plugins/scripts/glsa_200410_31.nasl
   trunk/openvas-plugins/scripts/glsa_200411_02.nasl
   trunk/openvas-plugins/scripts/glsa_200411_03.nasl
   trunk/openvas-plugins/scripts/glsa_200411_04.nasl
   trunk/openvas-plugins/scripts/glsa_200411_05.nasl
   trunk/openvas-plugins/scripts/glsa_200411_06.nasl
   trunk/openvas-plugins/scripts/glsa_200411_07.nasl
   trunk/openvas-plugins/scripts/glsa_200411_08.nasl
   trunk/openvas-plugins/scripts/glsa_200411_09.nasl
   trunk/openvas-plugins/scripts/glsa_200411_10.nasl
   trunk/openvas-plugins/scripts/glsa_200411_11.nasl
   trunk/openvas-plugins/scripts/glsa_200411_12.nasl
   trunk/openvas-plugins/scripts/glsa_200411_13.nasl
   trunk/openvas-plugins/scripts/glsa_200411_14.nasl
   trunk/openvas-plugins/scripts/glsa_200411_15.nasl
   trunk/openvas-plugins/scripts/glsa_200411_16.nasl
   trunk/openvas-plugins/scripts/glsa_200411_17.nasl
   trunk/openvas-plugins/scripts/glsa_200411_18.nasl
   trunk/openvas-plugins/scripts/glsa_200411_19.nasl
   trunk/openvas-plugins/scripts/glsa_200411_20.nasl
   trunk/openvas-plugins/scripts/glsa_200411_21.nasl
   trunk/openvas-plugins/scripts/glsa_200411_22.nasl
   trunk/openvas-plugins/scripts/glsa_200411_23.nasl
   trunk/openvas-plugins/scripts/glsa_200411_24.nasl
   trunk/openvas-plugins/scripts/glsa_200411_25.nasl
   trunk/openvas-plugins/scripts/glsa_200411_26.nasl
   trunk/openvas-plugins/scripts/glsa_200411_27.nasl
   trunk/openvas-plugins/scripts/glsa_200411_28.nasl
   trunk/openvas-plugins/scripts/glsa_200411_29.nasl
   trunk/openvas-plugins/scripts/glsa_200411_30.nasl
   trunk/openvas-plugins/scripts/glsa_200411_31.nasl
   trunk/openvas-plugins/scripts/glsa_200411_32.nasl
   trunk/openvas-plugins/scripts/glsa_200411_33.nasl
   trunk/openvas-plugins/scripts/glsa_200411_34.nasl
   trunk/openvas-plugins/scripts/glsa_200411_35.nasl
   trunk/openvas-plugins/scripts/glsa_200411_36.nasl
   trunk/openvas-plugins/scripts/glsa_200411_37.nasl
   trunk/openvas-plugins/scripts/glsa_200411_38.nasl
   trunk/openvas-plugins/scripts/glsa_200412_01.nasl
   trunk/openvas-plugins/scripts/glsa_200412_02.nasl
   trunk/openvas-plugins/scripts/glsa_200412_03.nasl
   trunk/openvas-plugins/scripts/glsa_200412_04.nasl
   trunk/openvas-plugins/scripts/glsa_200412_05.nasl
   trunk/openvas-plugins/scripts/glsa_200412_06.nasl
   trunk/openvas-plugins/scripts/glsa_200412_07.nasl
   trunk/openvas-plugins/scripts/glsa_200412_08.nasl
   trunk/openvas-plugins/scripts/glsa_200412_09.nasl
   trunk/openvas-plugins/scripts/glsa_200412_10.nasl
   trunk/openvas-plugins/scripts/glsa_200412_11.nasl
   trunk/openvas-plugins/scripts/glsa_200412_12.nasl
   trunk/openvas-plugins/scripts/glsa_200412_13.nasl
   trunk/openvas-plugins/scripts/glsa_200412_14.nasl
   trunk/openvas-plugins/scripts/glsa_200412_15.nasl
   trunk/openvas-plugins/scripts/glsa_200412_16.nasl
   trunk/openvas-plugins/scripts/glsa_200412_17.nasl
   trunk/openvas-plugins/scripts/glsa_200412_18.nasl
   trunk/openvas-plugins/scripts/glsa_200412_19.nasl
   trunk/openvas-plugins/scripts/glsa_200412_20.nasl
   trunk/openvas-plugins/scripts/glsa_200412_21.nasl
   trunk/openvas-plugins/scripts/glsa_200412_22.nasl
   trunk/openvas-plugins/scripts/glsa_200412_23.nasl
   trunk/openvas-plugins/scripts/glsa_200412_24.nasl
   trunk/openvas-plugins/scripts/glsa_200412_25.nasl
   trunk/openvas-plugins/scripts/glsa_200412_26.nasl
   trunk/openvas-plugins/scripts/glsa_200412_27.nasl
   trunk/openvas-plugins/scripts/glsa_200501_01.nasl
   trunk/openvas-plugins/scripts/glsa_200501_02.nasl
   trunk/openvas-plugins/scripts/glsa_200501_03.nasl
   trunk/openvas-plugins/scripts/glsa_200501_04.nasl
   trunk/openvas-plugins/scripts/glsa_200501_05.nasl
   trunk/openvas-plugins/scripts/glsa_200501_06.nasl
   trunk/openvas-plugins/scripts/glsa_200501_07.nasl
   trunk/openvas-plugins/scripts/glsa_200501_08.nasl
   trunk/openvas-plugins/scripts/glsa_200501_09.nasl
   trunk/openvas-plugins/scripts/glsa_200501_10.nasl
   trunk/openvas-plugins/scripts/glsa_200501_11.nasl
   trunk/openvas-plugins/scripts/glsa_200501_12.nasl
   trunk/openvas-plugins/scripts/glsa_200501_13.nasl
   trunk/openvas-plugins/scripts/glsa_200501_14.nasl
   trunk/openvas-plugins/scripts/glsa_200501_15.nasl
   trunk/openvas-plugins/scripts/glsa_200501_16.nasl
   trunk/openvas-plugins/scripts/glsa_200501_17.nasl
   trunk/openvas-plugins/scripts/glsa_200501_18.nasl
   trunk/openvas-plugins/scripts/glsa_200501_19.nasl
   trunk/openvas-plugins/scripts/glsa_200501_20.nasl
   trunk/openvas-plugins/scripts/glsa_200501_21.nasl
   trunk/openvas-plugins/scripts/glsa_200501_22.nasl
   trunk/openvas-plugins/scripts/glsa_200501_23.nasl
   trunk/openvas-plugins/scripts/glsa_200501_24.nasl
   trunk/openvas-plugins/scripts/glsa_200501_25.nasl
   trunk/openvas-plugins/scripts/glsa_200501_26.nasl
   trunk/openvas-plugins/scripts/glsa_200501_27.nasl
   trunk/openvas-plugins/scripts/glsa_200501_28.nasl
   trunk/openvas-plugins/scripts/glsa_200501_29.nasl
   trunk/openvas-plugins/scripts/glsa_200501_30.nasl
   trunk/openvas-plugins/scripts/glsa_200501_31.nasl
   trunk/openvas-plugins/scripts/glsa_200501_32.nasl
   trunk/openvas-plugins/scripts/glsa_200501_33.nasl
   trunk/openvas-plugins/scripts/glsa_200501_34.nasl
   trunk/openvas-plugins/scripts/glsa_200501_35.nasl
   trunk/openvas-plugins/scripts/glsa_200501_36.nasl
   trunk/openvas-plugins/scripts/glsa_200501_37.nasl
   trunk/openvas-plugins/scripts/glsa_200501_38.nasl
   trunk/openvas-plugins/scripts/glsa_200501_39.nasl
   trunk/openvas-plugins/scripts/glsa_200501_40.nasl
   trunk/openvas-plugins/scripts/glsa_200501_41.nasl
   trunk/openvas-plugins/scripts/glsa_200501_42.nasl
   trunk/openvas-plugins/scripts/glsa_200501_43.nasl
   trunk/openvas-plugins/scripts/glsa_200501_44.nasl
   trunk/openvas-plugins/scripts/glsa_200501_45.nasl
   trunk/openvas-plugins/scripts/glsa_200501_46.nasl
   trunk/openvas-plugins/scripts/glsa_200502_01.nasl
   trunk/openvas-plugins/scripts/glsa_200502_02.nasl
   trunk/openvas-plugins/scripts/glsa_200502_03.nasl
   trunk/openvas-plugins/scripts/glsa_200502_04.nasl
   trunk/openvas-plugins/scripts/glsa_200502_05.nasl
   trunk/openvas-plugins/scripts/glsa_200502_06.nasl
   trunk/openvas-plugins/scripts/glsa_200502_07.nasl
   trunk/openvas-plugins/scripts/glsa_200502_08.nasl
   trunk/openvas-plugins/scripts/glsa_200502_09.nasl
   trunk/openvas-plugins/scripts/glsa_200502_10.nasl
   trunk/openvas-plugins/scripts/glsa_200502_11.nasl
   trunk/openvas-plugins/scripts/glsa_200502_12.nasl
   trunk/openvas-plugins/scripts/glsa_200502_13.nasl
   trunk/openvas-plugins/scripts/glsa_200502_14.nasl
   trunk/openvas-plugins/scripts/glsa_200502_15.nasl
   trunk/openvas-plugins/scripts/glsa_200502_16.nasl
   trunk/openvas-plugins/scripts/glsa_200502_17.nasl
   trunk/openvas-plugins/scripts/glsa_200502_18.nasl
   trunk/openvas-plugins/scripts/glsa_200502_19.nasl
   trunk/openvas-plugins/scripts/glsa_200502_20.nasl
   trunk/openvas-plugins/scripts/glsa_200502_21.nasl
   trunk/openvas-plugins/scripts/glsa_200502_22.nasl
   trunk/openvas-plugins/scripts/glsa_200502_23.nasl
   trunk/openvas-plugins/scripts/glsa_200502_24.nasl
   trunk/openvas-plugins/scripts/glsa_200502_25.nasl
   trunk/openvas-plugins/scripts/glsa_200502_26.nasl
   trunk/openvas-plugins/scripts/glsa_200502_27.nasl
   trunk/openvas-plugins/scripts/glsa_200502_28.nasl
   trunk/openvas-plugins/scripts/glsa_200502_29.nasl
   trunk/openvas-plugins/scripts/glsa_200502_30.nasl
   trunk/openvas-plugins/scripts/glsa_200502_31.nasl
   trunk/openvas-plugins/scripts/glsa_200502_32.nasl
   trunk/openvas-plugins/scripts/glsa_200502_33.nasl
   trunk/openvas-plugins/scripts/glsa_200503_01.nasl
   trunk/openvas-plugins/scripts/glsa_200503_02.nasl
   trunk/openvas-plugins/scripts/glsa_200503_03.nasl
   trunk/openvas-plugins/scripts/glsa_200503_04.nasl
   trunk/openvas-plugins/scripts/glsa_200503_05.nasl
   trunk/openvas-plugins/scripts/glsa_200503_06.nasl
   trunk/openvas-plugins/scripts/glsa_200503_07.nasl
   trunk/openvas-plugins/scripts/glsa_200503_08.nasl
   trunk/openvas-plugins/scripts/glsa_200503_09.nasl
   trunk/openvas-plugins/scripts/glsa_200503_10.nasl
   trunk/openvas-plugins/scripts/glsa_200503_11.nasl
   trunk/openvas-plugins/scripts/glsa_200503_12.nasl
   trunk/openvas-plugins/scripts/glsa_200503_13.nasl
   trunk/openvas-plugins/scripts/glsa_200503_14.nasl
   trunk/openvas-plugins/scripts/glsa_200503_15.nasl
   trunk/openvas-plugins/scripts/glsa_200503_16.nasl
   trunk/openvas-plugins/scripts/glsa_200503_17.nasl
   trunk/openvas-plugins/scripts/glsa_200503_18.nasl
   trunk/openvas-plugins/scripts/glsa_200503_19.nasl
   trunk/openvas-plugins/scripts/glsa_200503_20.nasl
   trunk/openvas-plugins/scripts/glsa_200503_21.nasl
   trunk/openvas-plugins/scripts/glsa_200503_22.nasl
   trunk/openvas-plugins/scripts/glsa_200503_23.nasl
   trunk/openvas-plugins/scripts/glsa_200503_24.nasl
   trunk/openvas-plugins/scripts/glsa_200503_25.nasl
   trunk/openvas-plugins/scripts/glsa_200503_26.nasl
   trunk/openvas-plugins/scripts/glsa_200503_27.nasl
   trunk/openvas-plugins/scripts/glsa_200503_28.nasl
   trunk/openvas-plugins/scripts/glsa_200503_29.nasl
   trunk/openvas-plugins/scripts/glsa_200503_30.nasl
   trunk/openvas-plugins/scripts/glsa_200503_31.nasl
   trunk/openvas-plugins/scripts/glsa_200503_32.nasl
   trunk/openvas-plugins/scripts/glsa_200503_33.nasl
   trunk/openvas-plugins/scripts/glsa_200503_34.nasl
   trunk/openvas-plugins/scripts/glsa_200503_35.nasl
   trunk/openvas-plugins/scripts/glsa_200503_36.nasl
   trunk/openvas-plugins/scripts/glsa_200503_37.nasl
   trunk/openvas-plugins/scripts/glsa_200504_01.nasl
   trunk/openvas-plugins/scripts/glsa_200504_02.nasl
   trunk/openvas-plugins/scripts/glsa_200504_03.nasl
   trunk/openvas-plugins/scripts/glsa_200504_04.nasl
   trunk/openvas-plugins/scripts/glsa_200504_05.nasl
   trunk/openvas-plugins/scripts/glsa_200504_06.nasl
   trunk/openvas-plugins/scripts/glsa_200504_07.nasl
   trunk/openvas-plugins/scripts/glsa_200504_08.nasl
   trunk/openvas-plugins/scripts/glsa_200504_09.nasl
   trunk/openvas-plugins/scripts/glsa_200504_10.nasl
   trunk/openvas-plugins/scripts/glsa_200504_11.nasl
   trunk/openvas-plugins/scripts/glsa_200504_12.nasl
   trunk/openvas-plugins/scripts/glsa_200504_13.nasl
   trunk/openvas-plugins/scripts/glsa_200504_14.nasl
   trunk/openvas-plugins/scripts/glsa_200504_15.nasl
   trunk/openvas-plugins/scripts/glsa_200504_16.nasl
   trunk/openvas-plugins/scripts/glsa_200504_17.nasl
   trunk/openvas-plugins/scripts/glsa_200504_18.nasl
   trunk/openvas-plugins/scripts/glsa_200504_19.nasl
   trunk/openvas-plugins/scripts/glsa_200504_20.nasl
   trunk/openvas-plugins/scripts/glsa_200504_21.nasl
   trunk/openvas-plugins/scripts/glsa_200504_22.nasl
   trunk/openvas-plugins/scripts/glsa_200504_23.nasl
   trunk/openvas-plugins/scripts/glsa_200504_24.nasl
   trunk/openvas-plugins/scripts/glsa_200504_25.nasl
   trunk/openvas-plugins/scripts/glsa_200504_26.nasl
   trunk/openvas-plugins/scripts/glsa_200504_27.nasl
   trunk/openvas-plugins/scripts/glsa_200504_28.nasl
   trunk/openvas-plugins/scripts/glsa_200504_29.nasl
   trunk/openvas-plugins/scripts/glsa_200504_30.nasl
   trunk/openvas-plugins/scripts/glsa_200505_01.nasl
   trunk/openvas-plugins/scripts/glsa_200505_02.nasl
   trunk/openvas-plugins/scripts/glsa_200505_03.nasl
   trunk/openvas-plugins/scripts/glsa_200505_04.nasl
   trunk/openvas-plugins/scripts/glsa_200505_05.nasl
   trunk/openvas-plugins/scripts/glsa_200505_06.nasl
   trunk/openvas-plugins/scripts/glsa_200505_07.nasl
   trunk/openvas-plugins/scripts/glsa_200505_08.nasl
   trunk/openvas-plugins/scripts/glsa_200505_09.nasl
   trunk/openvas-plugins/scripts/glsa_200505_10.nasl
   trunk/openvas-plugins/scripts/glsa_200505_11.nasl
   trunk/openvas-plugins/scripts/glsa_200505_12.nasl
   trunk/openvas-plugins/scripts/glsa_200505_13.nasl
   trunk/openvas-plugins/scripts/glsa_200505_14.nasl
   trunk/openvas-plugins/scripts/glsa_200505_15.nasl
   trunk/openvas-plugins/scripts/glsa_200505_16.nasl
   trunk/openvas-plugins/scripts/glsa_200505_17.nasl
   trunk/openvas-plugins/scripts/glsa_200505_18.nasl
   trunk/openvas-plugins/scripts/glsa_200505_19.nasl
   trunk/openvas-plugins/scripts/glsa_200505_20.nasl
   trunk/openvas-plugins/scripts/glsa_200506_01.nasl
   trunk/openvas-plugins/scripts/glsa_200506_02.nasl
   trunk/openvas-plugins/scripts/glsa_200506_03.nasl
   trunk/openvas-plugins/scripts/glsa_200506_04.nasl
   trunk/openvas-plugins/scripts/glsa_200506_05.nasl
   trunk/openvas-plugins/scripts/glsa_200506_06.nasl
   trunk/openvas-plugins/scripts/glsa_200506_07.nasl
   trunk/openvas-plugins/scripts/glsa_200506_08.nasl
   trunk/openvas-plugins/scripts/glsa_200506_09.nasl
   trunk/openvas-plugins/scripts/glsa_200506_10.nasl
   trunk/openvas-plugins/scripts/glsa_200506_11.nasl
   trunk/openvas-plugins/scripts/glsa_200506_12.nasl
   trunk/openvas-plugins/scripts/glsa_200506_13.nasl
   trunk/openvas-plugins/scripts/glsa_200506_14.nasl
   trunk/openvas-plugins/scripts/glsa_200506_15.nasl
   trunk/openvas-plugins/scripts/glsa_200506_16.nasl
   trunk/openvas-plugins/scripts/glsa_200506_17.nasl
   trunk/openvas-plugins/scripts/glsa_200506_18.nasl
   trunk/openvas-plugins/scripts/glsa_200506_19.nasl
   trunk/openvas-plugins/scripts/glsa_200506_20.nasl
   trunk/openvas-plugins/scripts/glsa_200506_21.nasl
   trunk/openvas-plugins/scripts/glsa_200506_22.nasl
   trunk/openvas-plugins/scripts/glsa_200506_23.nasl
   trunk/openvas-plugins/scripts/glsa_200506_24.nasl
   trunk/openvas-plugins/scripts/glsa_200507_01.nasl
   trunk/openvas-plugins/scripts/glsa_200507_02.nasl
   trunk/openvas-plugins/scripts/glsa_200507_03.nasl
   trunk/openvas-plugins/scripts/glsa_200507_04.nasl
   trunk/openvas-plugins/scripts/glsa_200507_05.nasl
   trunk/openvas-plugins/scripts/glsa_200507_06.nasl
   trunk/openvas-plugins/scripts/glsa_200507_07.nasl
   trunk/openvas-plugins/scripts/glsa_200507_08.nasl
   trunk/openvas-plugins/scripts/glsa_200507_09.nasl
   trunk/openvas-plugins/scripts/glsa_200507_10.nasl
   trunk/openvas-plugins/scripts/glsa_200507_11.nasl
   trunk/openvas-plugins/scripts/glsa_200507_12.nasl
   trunk/openvas-plugins/scripts/glsa_200507_13.nasl
   trunk/openvas-plugins/scripts/glsa_200507_14.nasl
   trunk/openvas-plugins/scripts/glsa_200507_15.nasl
   trunk/openvas-plugins/scripts/glsa_200507_16.nasl
   trunk/openvas-plugins/scripts/glsa_200507_17.nasl
   trunk/openvas-plugins/scripts/glsa_200507_18.nasl
   trunk/openvas-plugins/scripts/glsa_200507_19.nasl
   trunk/openvas-plugins/scripts/glsa_200507_20.nasl
   trunk/openvas-plugins/scripts/glsa_200507_21.nasl
   trunk/openvas-plugins/scripts/glsa_200507_22.nasl
   trunk/openvas-plugins/scripts/glsa_200507_23.nasl
   trunk/openvas-plugins/scripts/glsa_200507_24.nasl
   trunk/openvas-plugins/scripts/glsa_200507_25.nasl
   trunk/openvas-plugins/scripts/glsa_200507_26.nasl
   trunk/openvas-plugins/scripts/glsa_200507_27.nasl
   trunk/openvas-plugins/scripts/glsa_200507_28.nasl
   trunk/openvas-plugins/scripts/glsa_200507_29.nasl
   trunk/openvas-plugins/scripts/glsa_200508_01.nasl
   trunk/openvas-plugins/scripts/glsa_200508_02.nasl
   trunk/openvas-plugins/scripts/glsa_200508_03.nasl
   trunk/openvas-plugins/scripts/glsa_200508_04.nasl
   trunk/openvas-plugins/scripts/glsa_200508_05.nasl
   trunk/openvas-plugins/scripts/glsa_200508_06.nasl
   trunk/openvas-plugins/scripts/glsa_200508_07.nasl
   trunk/openvas-plugins/scripts/glsa_200508_08.nasl
   trunk/openvas-plugins/scripts/glsa_200508_09.nasl
   trunk/openvas-plugins/scripts/glsa_200508_10.nasl
   trunk/openvas-plugins/scripts/glsa_200508_11.nasl
   trunk/openvas-plugins/scripts/glsa_200508_12.nasl
   trunk/openvas-plugins/scripts/glsa_200508_13.nasl
   trunk/openvas-plugins/scripts/glsa_200508_14.nasl
   trunk/openvas-plugins/scripts/glsa_200508_15.nasl
   trunk/openvas-plugins/scripts/glsa_200508_16.nasl
   trunk/openvas-plugins/scripts/glsa_200508_17.nasl
   trunk/openvas-plugins/scripts/glsa_200508_18.nasl
   trunk/openvas-plugins/scripts/glsa_200508_19.nasl
   trunk/openvas-plugins/scripts/glsa_200508_20.nasl
   trunk/openvas-plugins/scripts/glsa_200508_21.nasl
   trunk/openvas-plugins/scripts/glsa_200508_22.nasl
   trunk/openvas-plugins/scripts/glsa_200509_01.nasl
   trunk/openvas-plugins/scripts/glsa_200509_02.nasl
   trunk/openvas-plugins/scripts/glsa_200509_03.nasl
   trunk/openvas-plugins/scripts/glsa_200509_04.nasl
   trunk/openvas-plugins/scripts/glsa_200509_05.nasl
   trunk/openvas-plugins/scripts/glsa_200509_06.nasl
   trunk/openvas-plugins/scripts/glsa_200509_07.nasl
   trunk/openvas-plugins/scripts/glsa_200509_08.nasl
   trunk/openvas-plugins/scripts/glsa_200509_09.nasl
   trunk/openvas-plugins/scripts/glsa_200509_10.nasl
   trunk/openvas-plugins/scripts/glsa_200509_11.nasl
   trunk/openvas-plugins/scripts/glsa_200509_12.nasl
   trunk/openvas-plugins/scripts/glsa_200509_13.nasl
   trunk/openvas-plugins/scripts/glsa_200509_14.nasl
   trunk/openvas-plugins/scripts/glsa_200509_15.nasl
   trunk/openvas-plugins/scripts/glsa_200509_16.nasl
   trunk/openvas-plugins/scripts/glsa_200509_17.nasl
   trunk/openvas-plugins/scripts/glsa_200509_18.nasl
   trunk/openvas-plugins/scripts/glsa_200509_19.nasl
   trunk/openvas-plugins/scripts/glsa_200509_20.nasl
   trunk/openvas-plugins/scripts/glsa_200509_21.nasl
   trunk/openvas-plugins/scripts/glsa_200510_01.nasl
   trunk/openvas-plugins/scripts/glsa_200510_02.nasl
   trunk/openvas-plugins/scripts/glsa_200510_03.nasl
   trunk/openvas-plugins/scripts/glsa_200510_04.nasl
   trunk/openvas-plugins/scripts/glsa_200510_05.nasl
   trunk/openvas-plugins/scripts/glsa_200510_06.nasl
   trunk/openvas-plugins/scripts/glsa_200510_07.nasl
   trunk/openvas-plugins/scripts/glsa_200510_08.nasl
   trunk/openvas-plugins/scripts/glsa_200510_09.nasl
   trunk/openvas-plugins/scripts/glsa_200510_10.nasl
   trunk/openvas-plugins/scripts/glsa_200510_11.nasl
   trunk/openvas-plugins/scripts/glsa_200510_12.nasl
   trunk/openvas-plugins/scripts/glsa_200510_13.nasl
   trunk/openvas-plugins/scripts/glsa_200510_14.nasl
   trunk/openvas-plugins/scripts/glsa_200510_15.nasl
   trunk/openvas-plugins/scripts/glsa_200510_16.nasl
   trunk/openvas-plugins/scripts/glsa_200510_17.nasl
   trunk/openvas-plugins/scripts/glsa_200510_18.nasl
   trunk/openvas-plugins/scripts/glsa_200510_19.nasl
   trunk/openvas-plugins/scripts/glsa_200510_20.nasl
   trunk/openvas-plugins/scripts/glsa_200510_21.nasl
   trunk/openvas-plugins/scripts/glsa_200510_22.nasl
   trunk/openvas-plugins/scripts/glsa_200510_23.nasl
   trunk/openvas-plugins/scripts/glsa_200510_24.nasl
   trunk/openvas-plugins/scripts/glsa_200510_25.nasl
   trunk/openvas-plugins/scripts/glsa_200510_26.nasl
   trunk/openvas-plugins/scripts/glsa_200511_01.nasl
   trunk/openvas-plugins/scripts/glsa_200511_02.nasl
   trunk/openvas-plugins/scripts/glsa_200511_03.nasl
   trunk/openvas-plugins/scripts/glsa_200511_04.nasl
   trunk/openvas-plugins/scripts/glsa_200511_05.nasl
   trunk/openvas-plugins/scripts/glsa_200511_06.nasl
   trunk/openvas-plugins/scripts/glsa_200511_07.nasl
   trunk/openvas-plugins/scripts/glsa_200511_08.nasl
   trunk/openvas-plugins/scripts/glsa_200511_09.nasl
   trunk/openvas-plugins/scripts/glsa_200511_10.nasl
   trunk/openvas-plugins/scripts/glsa_200511_11.nasl
   trunk/openvas-plugins/scripts/glsa_200511_12.nasl
   trunk/openvas-plugins/scripts/glsa_200511_13.nasl
   trunk/openvas-plugins/scripts/glsa_200511_14.nasl
   trunk/openvas-plugins/scripts/glsa_200511_15.nasl
   trunk/openvas-plugins/scripts/glsa_200511_16.nasl
   trunk/openvas-plugins/scripts/glsa_200511_17.nasl
   trunk/openvas-plugins/scripts/glsa_200511_18.nasl
   trunk/openvas-plugins/scripts/glsa_200511_19.nasl
   trunk/openvas-plugins/scripts/glsa_200511_20.nasl
   trunk/openvas-plugins/scripts/glsa_200511_21.nasl
   trunk/openvas-plugins/scripts/glsa_200511_22.nasl
   trunk/openvas-plugins/scripts/glsa_200511_23.nasl
   trunk/openvas-plugins/scripts/glsa_200512_01.nasl
   trunk/openvas-plugins/scripts/glsa_200512_02.nasl
   trunk/openvas-plugins/scripts/glsa_200512_03.nasl
   trunk/openvas-plugins/scripts/glsa_200512_04.nasl
   trunk/openvas-plugins/scripts/glsa_200512_05.nasl
   trunk/openvas-plugins/scripts/glsa_200512_06.nasl
   trunk/openvas-plugins/scripts/glsa_200512_07.nasl
   trunk/openvas-plugins/scripts/glsa_200512_08.nasl
   trunk/openvas-plugins/scripts/glsa_200512_09.nasl
   trunk/openvas-plugins/scripts/glsa_200512_10.nasl
   trunk/openvas-plugins/scripts/glsa_200512_11.nasl
   trunk/openvas-plugins/scripts/glsa_200512_12.nasl
   trunk/openvas-plugins/scripts/glsa_200512_13.nasl
   trunk/openvas-plugins/scripts/glsa_200512_14.nasl
   trunk/openvas-plugins/scripts/glsa_200512_15.nasl
   trunk/openvas-plugins/scripts/glsa_200512_16.nasl
   trunk/openvas-plugins/scripts/glsa_200512_17.nasl
   trunk/openvas-plugins/scripts/glsa_200512_18.nasl
   trunk/openvas-plugins/scripts/glsa_200601_01.nasl
   trunk/openvas-plugins/scripts/glsa_200601_02.nasl
   trunk/openvas-plugins/scripts/glsa_200601_03.nasl
   trunk/openvas-plugins/scripts/glsa_200601_04.nasl
   trunk/openvas-plugins/scripts/glsa_200601_05.nasl
   trunk/openvas-plugins/scripts/glsa_200601_06.nasl
   trunk/openvas-plugins/scripts/glsa_200601_07.nasl
   trunk/openvas-plugins/scripts/glsa_200601_08.nasl
   trunk/openvas-plugins/scripts/glsa_200601_09.nasl
   trunk/openvas-plugins/scripts/glsa_200601_10.nasl
   trunk/openvas-plugins/scripts/glsa_200601_11.nasl
   trunk/openvas-plugins/scripts/glsa_200601_12.nasl
   trunk/openvas-plugins/scripts/glsa_200601_13.nasl
   trunk/openvas-plugins/scripts/glsa_200601_14.nasl
   trunk/openvas-plugins/scripts/glsa_200601_15.nasl
   trunk/openvas-plugins/scripts/glsa_200601_16.nasl
   trunk/openvas-plugins/scripts/glsa_200601_17.nasl
   trunk/openvas-plugins/scripts/glsa_200602_01.nasl
   trunk/openvas-plugins/scripts/glsa_200602_02.nasl
   trunk/openvas-plugins/scripts/glsa_200602_03.nasl
   trunk/openvas-plugins/scripts/glsa_200602_04.nasl
   trunk/openvas-plugins/scripts/glsa_200602_05.nasl
   trunk/openvas-plugins/scripts/glsa_200602_06.nasl
   trunk/openvas-plugins/scripts/glsa_200602_07.nasl
   trunk/openvas-plugins/scripts/glsa_200602_08.nasl
   trunk/openvas-plugins/scripts/glsa_200602_09.nasl
   trunk/openvas-plugins/scripts/glsa_200602_10.nasl
   trunk/openvas-plugins/scripts/glsa_200602_11.nasl
   trunk/openvas-plugins/scripts/glsa_200602_12.nasl
   trunk/openvas-plugins/scripts/glsa_200602_13.nasl
   trunk/openvas-plugins/scripts/glsa_200602_14.nasl
   trunk/openvas-plugins/scripts/glsa_200603_01.nasl
   trunk/openvas-plugins/scripts/glsa_200603_02.nasl
   trunk/openvas-plugins/scripts/glsa_200603_03.nasl
   trunk/openvas-plugins/scripts/glsa_200603_04.nasl
   trunk/openvas-plugins/scripts/glsa_200603_05.nasl
   trunk/openvas-plugins/scripts/glsa_200603_06.nasl
   trunk/openvas-plugins/scripts/glsa_200603_07.nasl
   trunk/openvas-plugins/scripts/glsa_200603_08.nasl
   trunk/openvas-plugins/scripts/glsa_200603_09.nasl
   trunk/openvas-plugins/scripts/glsa_200603_10.nasl
   trunk/openvas-plugins/scripts/glsa_200603_11.nasl
   trunk/openvas-plugins/scripts/glsa_200603_12.nasl
   trunk/openvas-plugins/scripts/glsa_200603_13.nasl
   trunk/openvas-plugins/scripts/glsa_200603_14.nasl
   trunk/openvas-plugins/scripts/glsa_200603_15.nasl
   trunk/openvas-plugins/scripts/glsa_200603_16.nasl
   trunk/openvas-plugins/scripts/glsa_200603_17.nasl
   trunk/openvas-plugins/scripts/glsa_200603_18.nasl
   trunk/openvas-plugins/scripts/glsa_200603_19.nasl
   trunk/openvas-plugins/scripts/glsa_200603_20.nasl
   trunk/openvas-plugins/scripts/glsa_200603_21.nasl
   trunk/openvas-plugins/scripts/glsa_200603_22.nasl
   trunk/openvas-plugins/scripts/glsa_200603_23.nasl
   trunk/openvas-plugins/scripts/glsa_200603_24.nasl
   trunk/openvas-plugins/scripts/glsa_200603_25.nasl
   trunk/openvas-plugins/scripts/glsa_200603_26.nasl
   trunk/openvas-plugins/scripts/glsa_200604_01.nasl
   trunk/openvas-plugins/scripts/glsa_200604_02.nasl
   trunk/openvas-plugins/scripts/glsa_200604_03.nasl
   trunk/openvas-plugins/scripts/glsa_200604_04.nasl
   trunk/openvas-plugins/scripts/glsa_200604_05.nasl
   trunk/openvas-plugins/scripts/glsa_200604_06.nasl
   trunk/openvas-plugins/scripts/glsa_200604_07.nasl
   trunk/openvas-plugins/scripts/glsa_200604_08.nasl
   trunk/openvas-plugins/scripts/glsa_200604_09.nasl
   trunk/openvas-plugins/scripts/glsa_200604_10.nasl
   trunk/openvas-plugins/scripts/glsa_200604_11.nasl
   trunk/openvas-plugins/scripts/glsa_200604_12.nasl
   trunk/openvas-plugins/scripts/glsa_200604_13.nasl
   trunk/openvas-plugins/scripts/glsa_200604_14.nasl
   trunk/openvas-plugins/scripts/glsa_200604_15.nasl
   trunk/openvas-plugins/scripts/glsa_200604_16.nasl
   trunk/openvas-plugins/scripts/glsa_200604_17.nasl
   trunk/openvas-plugins/scripts/glsa_200604_18.nasl
   trunk/openvas-plugins/scripts/glsa_200605_01.nasl
   trunk/openvas-plugins/scripts/glsa_200605_02.nasl
   trunk/openvas-plugins/scripts/glsa_200605_03.nasl
   trunk/openvas-plugins/scripts/glsa_200605_04.nasl
   trunk/openvas-plugins/scripts/glsa_200605_05.nasl
   trunk/openvas-plugins/scripts/glsa_200605_06.nasl
   trunk/openvas-plugins/scripts/glsa_200605_07.nasl
   trunk/openvas-plugins/scripts/glsa_200605_08.nasl
   trunk/openvas-plugins/scripts/glsa_200605_09.nasl
   trunk/openvas-plugins/scripts/glsa_200605_10.nasl
   trunk/openvas-plugins/scripts/glsa_200605_11.nasl
   trunk/openvas-plugins/scripts/glsa_200605_12.nasl
   trunk/openvas-plugins/scripts/glsa_200605_13.nasl
   trunk/openvas-plugins/scripts/glsa_200605_14.nasl
   trunk/openvas-plugins/scripts/glsa_200605_15.nasl
   trunk/openvas-plugins/scripts/glsa_200605_16.nasl
   trunk/openvas-plugins/scripts/glsa_200605_17.nasl
   trunk/openvas-plugins/scripts/glsa_200606_01.nasl
   trunk/openvas-plugins/scripts/glsa_200606_02.nasl
   trunk/openvas-plugins/scripts/glsa_200606_03.nasl
   trunk/openvas-plugins/scripts/glsa_200606_04.nasl
   trunk/openvas-plugins/scripts/glsa_200606_05.nasl
   trunk/openvas-plugins/scripts/glsa_200606_06.nasl
   trunk/openvas-plugins/scripts/glsa_200606_07.nasl
   trunk/openvas-plugins/scripts/glsa_200606_08.nasl
   trunk/openvas-plugins/scripts/glsa_200606_09.nasl
   trunk/openvas-plugins/scripts/glsa_200606_10.nasl
   trunk/openvas-plugins/scripts/glsa_200606_11.nasl
   trunk/openvas-plugins/scripts/glsa_200606_12.nasl
   trunk/openvas-plugins/scripts/glsa_200606_13.nasl
   trunk/openvas-plugins/scripts/glsa_200606_14.nasl
   trunk/openvas-plugins/scripts/glsa_200606_15.nasl
   trunk/openvas-plugins/scripts/glsa_200606_16.nasl
   trunk/openvas-plugins/scripts/glsa_200606_17.nasl
   trunk/openvas-plugins/scripts/glsa_200606_18.nasl
   trunk/openvas-plugins/scripts/glsa_200606_19.nasl
   trunk/openvas-plugins/scripts/glsa_200606_20.nasl
   trunk/openvas-plugins/scripts/glsa_200606_21.nasl
   trunk/openvas-plugins/scripts/glsa_200606_22.nasl
   trunk/openvas-plugins/scripts/glsa_200606_23.nasl
   trunk/openvas-plugins/scripts/glsa_200606_24.nasl
   trunk/openvas-plugins/scripts/glsa_200606_25.nasl
   trunk/openvas-plugins/scripts/glsa_200606_26.nasl
   trunk/openvas-plugins/scripts/glsa_200606_27.nasl
   trunk/openvas-plugins/scripts/glsa_200606_28.nasl
   trunk/openvas-plugins/scripts/glsa_200606_29.nasl
   trunk/openvas-plugins/scripts/glsa_200606_30.nasl
   trunk/openvas-plugins/scripts/glsa_200607_01.nasl
   trunk/openvas-plugins/scripts/glsa_200607_02.nasl
   trunk/openvas-plugins/scripts/glsa_200607_03.nasl
   trunk/openvas-plugins/scripts/glsa_200607_04.nasl
   trunk/openvas-plugins/scripts/glsa_200607_05.nasl
   trunk/openvas-plugins/scripts/glsa_200607_06.nasl
   trunk/openvas-plugins/scripts/glsa_200607_07.nasl
   trunk/openvas-plugins/scripts/glsa_200607_08.nasl
   trunk/openvas-plugins/scripts/glsa_200607_09.nasl
   trunk/openvas-plugins/scripts/glsa_200607_10.nasl
   trunk/openvas-plugins/scripts/glsa_200607_11.nasl
   trunk/openvas-plugins/scripts/glsa_200607_12.nasl
   trunk/openvas-plugins/scripts/glsa_200607_13.nasl
   trunk/openvas-plugins/scripts/glsa_200608_01.nasl
   trunk/openvas-plugins/scripts/glsa_200608_02.nasl
   trunk/openvas-plugins/scripts/glsa_200608_03.nasl
   trunk/openvas-plugins/scripts/glsa_200608_04.nasl
   trunk/openvas-plugins/scripts/glsa_200608_05.nasl
   trunk/openvas-plugins/scripts/glsa_200608_06.nasl
   trunk/openvas-plugins/scripts/glsa_200608_07.nasl
   trunk/openvas-plugins/scripts/glsa_200608_08.nasl
   trunk/openvas-plugins/scripts/glsa_200608_09.nasl
   trunk/openvas-plugins/scripts/glsa_200608_10.nasl
   trunk/openvas-plugins/scripts/glsa_200608_11.nasl
   trunk/openvas-plugins/scripts/glsa_200608_12.nasl
   trunk/openvas-plugins/scripts/glsa_200608_13.nasl
   trunk/openvas-plugins/scripts/glsa_200608_14.nasl
   trunk/openvas-plugins/scripts/glsa_200608_15.nasl
   trunk/openvas-plugins/scripts/glsa_200608_16.nasl
   trunk/openvas-plugins/scripts/glsa_200608_17.nasl
   trunk/openvas-plugins/scripts/glsa_200608_18.nasl
   trunk/openvas-plugins/scripts/glsa_200608_19.nasl
   trunk/openvas-plugins/scripts/glsa_200608_20.nasl
   trunk/openvas-plugins/scripts/glsa_200608_21.nasl
   trunk/openvas-plugins/scripts/glsa_200608_22.nasl
   trunk/openvas-plugins/scripts/glsa_200608_23.nasl
   trunk/openvas-plugins/scripts/glsa_200608_24.nasl
   trunk/openvas-plugins/scripts/glsa_200608_25.nasl
   trunk/openvas-plugins/scripts/glsa_200608_26.nasl
   trunk/openvas-plugins/scripts/glsa_200608_27.nasl
   trunk/openvas-plugins/scripts/glsa_200608_28.nasl
   trunk/openvas-plugins/scripts/glsa_200609_01.nasl
   trunk/openvas-plugins/scripts/glsa_200609_02.nasl
   trunk/openvas-plugins/scripts/glsa_200609_03.nasl
   trunk/openvas-plugins/scripts/glsa_200609_04.nasl
   trunk/openvas-plugins/scripts/glsa_200609_05.nasl
   trunk/openvas-plugins/scripts/glsa_200609_06.nasl
   trunk/openvas-plugins/scripts/glsa_200609_07.nasl
   trunk/openvas-plugins/scripts/glsa_200609_08.nasl
   trunk/openvas-plugins/scripts/glsa_200609_09.nasl
   trunk/openvas-plugins/scripts/glsa_200609_10.nasl
   trunk/openvas-plugins/scripts/glsa_200609_11.nasl
   trunk/openvas-plugins/scripts/glsa_200609_12.nasl
   trunk/openvas-plugins/scripts/glsa_200609_13.nasl
   trunk/openvas-plugins/scripts/glsa_200609_14.nasl
   trunk/openvas-plugins/scripts/glsa_200609_15.nasl
   trunk/openvas-plugins/scripts/glsa_200609_16.nasl
   trunk/openvas-plugins/scripts/glsa_200609_17.nasl
   trunk/openvas-plugins/scripts/glsa_200609_18.nasl
   trunk/openvas-plugins/scripts/glsa_200609_19.nasl
   trunk/openvas-plugins/scripts/glsa_200609_20.nasl
   trunk/openvas-plugins/scripts/glsa_200610_01.nasl
   trunk/openvas-plugins/scripts/glsa_200610_02.nasl
   trunk/openvas-plugins/scripts/glsa_200610_03.nasl
   trunk/openvas-plugins/scripts/glsa_200610_04.nasl
   trunk/openvas-plugins/scripts/glsa_200610_05.nasl
   trunk/openvas-plugins/scripts/glsa_200610_06.nasl
   trunk/openvas-plugins/scripts/glsa_200610_07.nasl
   trunk/openvas-plugins/scripts/glsa_200610_08.nasl
   trunk/openvas-plugins/scripts/glsa_200610_09.nasl
   trunk/openvas-plugins/scripts/glsa_200610_10.nasl
   trunk/openvas-plugins/scripts/glsa_200610_11.nasl
   trunk/openvas-plugins/scripts/glsa_200610_12.nasl
   trunk/openvas-plugins/scripts/glsa_200610_13.nasl
   trunk/openvas-plugins/scripts/glsa_200610_14.nasl
   trunk/openvas-plugins/scripts/glsa_200610_15.nasl
   trunk/openvas-plugins/scripts/glsa_200611_01.nasl
   trunk/openvas-plugins/scripts/glsa_200611_02.nasl
   trunk/openvas-plugins/scripts/glsa_200611_03.nasl
   trunk/openvas-plugins/scripts/glsa_200611_04.nasl
   trunk/openvas-plugins/scripts/glsa_200611_05.nasl
   trunk/openvas-plugins/scripts/glsa_200611_06.nasl
   trunk/openvas-plugins/scripts/glsa_200611_07.nasl
   trunk/openvas-plugins/scripts/glsa_200611_08.nasl
   trunk/openvas-plugins/scripts/glsa_200611_09.nasl
   trunk/openvas-plugins/scripts/glsa_200611_10.nasl
   trunk/openvas-plugins/scripts/glsa_200611_11.nasl
   trunk/openvas-plugins/scripts/glsa_200611_12.nasl
   trunk/openvas-plugins/scripts/glsa_200611_13.nasl
   trunk/openvas-plugins/scripts/glsa_200611_14.nasl
   trunk/openvas-plugins/scripts/glsa_200611_15.nasl
   trunk/openvas-plugins/scripts/glsa_200611_16.nasl
   trunk/openvas-plugins/scripts/glsa_200611_17.nasl
   trunk/openvas-plugins/scripts/glsa_200611_18.nasl
   trunk/openvas-plugins/scripts/glsa_200611_19.nasl
   trunk/openvas-plugins/scripts/glsa_200611_20.nasl
   trunk/openvas-plugins/scripts/glsa_200611_21.nasl
   trunk/openvas-plugins/scripts/glsa_200611_22.nasl
   trunk/openvas-plugins/scripts/glsa_200611_23.nasl
   trunk/openvas-plugins/scripts/glsa_200611_24.nasl
   trunk/openvas-plugins/scripts/glsa_200611_25.nasl
   trunk/openvas-plugins/scripts/glsa_200611_26.nasl
   trunk/openvas-plugins/scripts/glsa_200612_01.nasl
   trunk/openvas-plugins/scripts/glsa_200612_02.nasl
   trunk/openvas-plugins/scripts/glsa_200612_03.nasl
   trunk/openvas-plugins/scripts/glsa_200612_04.nasl
   trunk/openvas-plugins/scripts/glsa_200612_05.nasl
   trunk/openvas-plugins/scripts/glsa_200612_06.nasl
   trunk/openvas-plugins/scripts/glsa_200612_07.nasl
   trunk/openvas-plugins/scripts/glsa_200612_08.nasl
   trunk/openvas-plugins/scripts/glsa_200612_09.nasl
   trunk/openvas-plugins/scripts/glsa_200612_10.nasl
   trunk/openvas-plugins/scripts/glsa_200612_11.nasl
   trunk/openvas-plugins/scripts/glsa_200612_12.nasl
   trunk/openvas-plugins/scripts/glsa_200612_13.nasl
   trunk/openvas-plugins/scripts/glsa_200612_14.nasl
   trunk/openvas-plugins/scripts/glsa_200612_15.nasl
   trunk/openvas-plugins/scripts/glsa_200612_16.nasl
   trunk/openvas-plugins/scripts/glsa_200612_17.nasl
   trunk/openvas-plugins/scripts/glsa_200612_18.nasl
   trunk/openvas-plugins/scripts/glsa_200612_19.nasl
   trunk/openvas-plugins/scripts/glsa_200612_20.nasl
   trunk/openvas-plugins/scripts/glsa_200612_21.nasl
   trunk/openvas-plugins/scripts/glsa_200701_01.nasl
   trunk/openvas-plugins/scripts/glsa_200701_02.nasl
   trunk/openvas-plugins/scripts/glsa_200701_03.nasl
   trunk/openvas-plugins/scripts/glsa_200701_04.nasl
   trunk/openvas-plugins/scripts/glsa_200701_05.nasl
   trunk/openvas-plugins/scripts/glsa_200701_06.nasl
   trunk/openvas-plugins/scripts/glsa_200701_07.nasl
   trunk/openvas-plugins/scripts/glsa_200701_08.nasl
   trunk/openvas-plugins/scripts/glsa_200701_09.nasl
   trunk/openvas-plugins/scripts/glsa_200701_10.nasl
   trunk/openvas-plugins/scripts/glsa_200701_11.nasl
   trunk/openvas-plugins/scripts/glsa_200701_12.nasl
   trunk/openvas-plugins/scripts/glsa_200701_13.nasl
   trunk/openvas-plugins/scripts/glsa_200701_14.nasl
   trunk/openvas-plugins/scripts/glsa_200701_15.nasl
   trunk/openvas-plugins/scripts/glsa_200701_16.nasl
   trunk/openvas-plugins/scripts/glsa_200701_17.nasl
   trunk/openvas-plugins/scripts/glsa_200701_18.nasl
   trunk/openvas-plugins/scripts/glsa_200701_19.nasl
   trunk/openvas-plugins/scripts/glsa_200701_20.nasl
   trunk/openvas-plugins/scripts/glsa_200701_21.nasl
   trunk/openvas-plugins/scripts/glsa_200701_22.nasl
   trunk/openvas-plugins/scripts/glsa_200701_23.nasl
   trunk/openvas-plugins/scripts/glsa_200701_24.nasl
   trunk/openvas-plugins/scripts/glsa_200701_25.nasl
   trunk/openvas-plugins/scripts/glsa_200701_26.nasl
   trunk/openvas-plugins/scripts/glsa_200701_27.nasl
   trunk/openvas-plugins/scripts/glsa_200701_28.nasl
   trunk/openvas-plugins/scripts/glsa_200702_01.nasl
   trunk/openvas-plugins/scripts/glsa_200702_02.nasl
   trunk/openvas-plugins/scripts/glsa_200702_03.nasl
   trunk/openvas-plugins/scripts/glsa_200702_04.nasl
   trunk/openvas-plugins/scripts/glsa_200702_05.nasl
   trunk/openvas-plugins/scripts/glsa_200702_06.nasl
   trunk/openvas-plugins/scripts/glsa_200702_07.nasl
   trunk/openvas-plugins/scripts/glsa_200702_08.nasl
   trunk/openvas-plugins/scripts/glsa_200702_09.nasl
   trunk/openvas-plugins/scripts/glsa_200702_10.nasl
   trunk/openvas-plugins/scripts/glsa_200702_11.nasl
   trunk/openvas-plugins/scripts/glsa_200702_12.nasl
   trunk/openvas-plugins/scripts/glsa_200703_01.nasl
   trunk/openvas-plugins/scripts/glsa_200703_02.nasl
   trunk/openvas-plugins/scripts/glsa_200703_03.nasl
   trunk/openvas-plugins/scripts/glsa_200703_04.nasl
   trunk/openvas-plugins/scripts/glsa_200703_05.nasl
   trunk/openvas-plugins/scripts/glsa_200703_06.nasl
   trunk/openvas-plugins/scripts/glsa_200703_07.nasl
   trunk/openvas-plugins/scripts/glsa_200703_08.nasl
   trunk/openvas-plugins/scripts/glsa_200703_09.nasl
   trunk/openvas-plugins/scripts/glsa_200703_10.nasl
   trunk/openvas-plugins/scripts/glsa_200703_11.nasl
   trunk/openvas-plugins/scripts/glsa_200703_12.nasl
   trunk/openvas-plugins/scripts/glsa_200703_13.nasl
   trunk/openvas-plugins/scripts/glsa_200703_14.nasl
   trunk/openvas-plugins/scripts/glsa_200703_15.nasl
   trunk/openvas-plugins/scripts/glsa_200703_16.nasl
   trunk/openvas-plugins/scripts/glsa_200703_17.nasl
   trunk/openvas-plugins/scripts/glsa_200703_18.nasl
   trunk/openvas-plugins/scripts/glsa_200703_19.nasl
   trunk/openvas-plugins/scripts/glsa_200703_20.nasl
   trunk/openvas-plugins/scripts/glsa_200703_21.nasl
   trunk/openvas-plugins/scripts/glsa_200703_22.nasl
   trunk/openvas-plugins/scripts/glsa_200703_23.nasl
   trunk/openvas-plugins/scripts/glsa_200703_24.nasl
   trunk/openvas-plugins/scripts/glsa_200703_25.nasl
   trunk/openvas-plugins/scripts/glsa_200703_26.nasl
   trunk/openvas-plugins/scripts/glsa_200703_27.nasl
   trunk/openvas-plugins/scripts/glsa_200703_28.nasl
   trunk/openvas-plugins/scripts/glsa_200704_01.nasl
   trunk/openvas-plugins/scripts/glsa_200704_02.nasl
   trunk/openvas-plugins/scripts/glsa_200704_03.nasl
   trunk/openvas-plugins/scripts/glsa_200704_04.nasl
   trunk/openvas-plugins/scripts/glsa_200704_05.nasl
   trunk/openvas-plugins/scripts/glsa_200704_06.nasl
   trunk/openvas-plugins/scripts/glsa_200704_07.nasl
   trunk/openvas-plugins/scripts/glsa_200704_08.nasl
   trunk/openvas-plugins/scripts/glsa_200704_09.nasl
   trunk/openvas-plugins/scripts/glsa_200704_10.nasl
   trunk/openvas-plugins/scripts/glsa_200704_11.nasl
   trunk/openvas-plugins/scripts/glsa_200704_12.nasl
   trunk/openvas-plugins/scripts/glsa_200704_13.nasl
   trunk/openvas-plugins/scripts/glsa_200704_14.nasl
   trunk/openvas-plugins/scripts/glsa_200704_15.nasl
   trunk/openvas-plugins/scripts/glsa_200704_16.nasl
   trunk/openvas-plugins/scripts/glsa_200704_17.nasl
   trunk/openvas-plugins/scripts/glsa_200704_18.nasl
   trunk/openvas-plugins/scripts/glsa_200704_19.nasl
   trunk/openvas-plugins/scripts/glsa_200704_20.nasl
   trunk/openvas-plugins/scripts/glsa_200704_21.nasl
   trunk/openvas-plugins/scripts/glsa_200704_22.nasl
   trunk/openvas-plugins/scripts/glsa_200704_23.nasl
   trunk/openvas-plugins/scripts/glsa_200705_01.nasl
   trunk/openvas-plugins/scripts/glsa_200705_02.nasl
   trunk/openvas-plugins/scripts/glsa_200705_03.nasl
   trunk/openvas-plugins/scripts/glsa_200705_04.nasl
   trunk/openvas-plugins/scripts/glsa_200705_05.nasl
   trunk/openvas-plugins/scripts/glsa_200705_06.nasl
   trunk/openvas-plugins/scripts/glsa_200705_07.nasl
   trunk/openvas-plugins/scripts/glsa_200705_08.nasl
   trunk/openvas-plugins/scripts/glsa_200705_09.nasl
   trunk/openvas-plugins/scripts/glsa_200705_10.nasl
   trunk/openvas-plugins/scripts/glsa_200705_11.nasl
   trunk/openvas-plugins/scripts/glsa_200705_12.nasl
   trunk/openvas-plugins/scripts/glsa_200705_13.nasl
   trunk/openvas-plugins/scripts/glsa_200705_14.nasl
   trunk/openvas-plugins/scripts/glsa_200705_15.nasl
   trunk/openvas-plugins/scripts/glsa_200705_16.nasl
   trunk/openvas-plugins/scripts/glsa_200705_17.nasl
   trunk/openvas-plugins/scripts/glsa_200705_18.nasl
   trunk/openvas-plugins/scripts/glsa_200705_19.nasl
   trunk/openvas-plugins/scripts/glsa_200705_20.nasl
   trunk/openvas-plugins/scripts/glsa_200705_21.nasl
   trunk/openvas-plugins/scripts/glsa_200705_22.nasl
   trunk/openvas-plugins/scripts/glsa_200705_23.nasl
   trunk/openvas-plugins/scripts/glsa_200705_24.nasl
   trunk/openvas-plugins/scripts/glsa_200705_25.nasl
   trunk/openvas-plugins/scripts/glsa_200706_01.nasl
   trunk/openvas-plugins/scripts/glsa_200706_02.nasl
   trunk/openvas-plugins/scripts/glsa_200706_03.nasl
   trunk/openvas-plugins/scripts/glsa_200706_04.nasl
   trunk/openvas-plugins/scripts/glsa_200706_05.nasl
   trunk/openvas-plugins/scripts/glsa_200706_06.nasl
   trunk/openvas-plugins/scripts/glsa_200706_07.nasl
   trunk/openvas-plugins/scripts/glsa_200706_08.nasl
   trunk/openvas-plugins/scripts/glsa_200706_09.nasl
   trunk/openvas-plugins/scripts/glsa_200707_01.nasl
   trunk/openvas-plugins/scripts/glsa_200707_02.nasl
   trunk/openvas-plugins/scripts/glsa_200707_03.nasl
   trunk/openvas-plugins/scripts/glsa_200707_04.nasl
   trunk/openvas-plugins/scripts/glsa_200707_05.nasl
   trunk/openvas-plugins/scripts/glsa_200707_06.nasl
   trunk/openvas-plugins/scripts/glsa_200707_07.nasl
   trunk/openvas-plugins/scripts/glsa_200707_08.nasl
   trunk/openvas-plugins/scripts/glsa_200707_09.nasl
   trunk/openvas-plugins/scripts/glsa_200707_10.nasl
   trunk/openvas-plugins/scripts/glsa_200707_11.nasl
   trunk/openvas-plugins/scripts/glsa_200707_12.nasl
   trunk/openvas-plugins/scripts/glsa_200707_13.nasl
   trunk/openvas-plugins/scripts/glsa_200707_14.nasl
   trunk/openvas-plugins/scripts/glsa_200708_01.nasl
   trunk/openvas-plugins/scripts/glsa_200708_02.nasl
   trunk/openvas-plugins/scripts/glsa_200708_03.nasl
   trunk/openvas-plugins/scripts/glsa_200708_04.nasl
   trunk/openvas-plugins/scripts/glsa_200708_05.nasl
   trunk/openvas-plugins/scripts/glsa_200708_06.nasl
   trunk/openvas-plugins/scripts/glsa_200708_07.nasl
   trunk/openvas-plugins/scripts/glsa_200708_08.nasl
   trunk/openvas-plugins/scripts/glsa_200708_09.nasl
   trunk/openvas-plugins/scripts/glsa_200708_10.nasl
   trunk/openvas-plugins/scripts/glsa_200708_11.nasl
   trunk/openvas-plugins/scripts/glsa_200708_12.nasl
   trunk/openvas-plugins/scripts/glsa_200708_13.nasl
   trunk/openvas-plugins/scripts/glsa_200708_14.nasl
   trunk/openvas-plugins/scripts/glsa_200708_15.nasl
   trunk/openvas-plugins/scripts/glsa_200708_16.nasl
   trunk/openvas-plugins/scripts/glsa_200708_17.nasl
   trunk/openvas-plugins/scripts/glsa_200709_01.nasl
   trunk/openvas-plugins/scripts/glsa_200709_02.nasl
   trunk/openvas-plugins/scripts/glsa_200709_03.nasl
   trunk/openvas-plugins/scripts/glsa_200709_04.nasl
   trunk/openvas-plugins/scripts/glsa_200709_05.nasl
   trunk/openvas-plugins/scripts/glsa_200709_06.nasl
   trunk/openvas-plugins/scripts/glsa_200709_07.nasl
   trunk/openvas-plugins/scripts/glsa_200709_08.nasl
   trunk/openvas-plugins/scripts/glsa_200709_09.nasl
   trunk/openvas-plugins/scripts/glsa_200709_10.nasl
   trunk/openvas-plugins/scripts/glsa_200709_11.nasl
   trunk/openvas-plugins/scripts/glsa_200709_12.nasl
   trunk/openvas-plugins/scripts/glsa_200709_13.nasl
   trunk/openvas-plugins/scripts/glsa_200709_14.nasl
   trunk/openvas-plugins/scripts/glsa_200709_15.nasl
   trunk/openvas-plugins/scripts/glsa_200709_16.nasl
   trunk/openvas-plugins/scripts/glsa_200709_17.nasl
   trunk/openvas-plugins/scripts/glsa_200709_18.nasl
   trunk/openvas-plugins/scripts/glsa_200710_01.nasl
   trunk/openvas-plugins/scripts/glsa_200710_02.nasl
   trunk/openvas-plugins/scripts/glsa_200710_03.nasl
   trunk/openvas-plugins/scripts/glsa_200710_04.nasl
   trunk/openvas-plugins/scripts/glsa_200710_05.nasl
   trunk/openvas-plugins/scripts/glsa_200710_06.nasl
   trunk/openvas-plugins/scripts/glsa_200710_07.nasl
   trunk/openvas-plugins/scripts/glsa_200710_08.nasl
   trunk/openvas-plugins/scripts/glsa_200710_09.nasl
   trunk/openvas-plugins/scripts/glsa_200710_10.nasl
   trunk/openvas-plugins/scripts/glsa_200710_11.nasl
   trunk/openvas-plugins/scripts/glsa_200710_12.nasl
   trunk/openvas-plugins/scripts/glsa_200710_13.nasl
   trunk/openvas-plugins/scripts/glsa_200710_14.nasl
   trunk/openvas-plugins/scripts/glsa_200710_15.nasl
   trunk/openvas-plugins/scripts/glsa_200710_16.nasl
   trunk/openvas-plugins/scripts/glsa_200710_17.nasl
   trunk/openvas-plugins/scripts/glsa_200710_18.nasl
   trunk/openvas-plugins/scripts/glsa_200710_19.nasl
   trunk/openvas-plugins/scripts/glsa_200710_20.nasl
   trunk/openvas-plugins/scripts/glsa_200710_21.nasl
   trunk/openvas-plugins/scripts/glsa_200710_22.nasl
   trunk/openvas-plugins/scripts/glsa_200710_23.nasl
   trunk/openvas-plugins/scripts/glsa_200710_24.nasl
   trunk/openvas-plugins/scripts/glsa_200710_25.nasl
   trunk/openvas-plugins/scripts/glsa_200710_26.nasl
   trunk/openvas-plugins/scripts/glsa_200710_27.nasl
   trunk/openvas-plugins/scripts/glsa_200710_28.nasl
   trunk/openvas-plugins/scripts/glsa_200710_29.nasl
   trunk/openvas-plugins/scripts/glsa_200710_30.nasl
   trunk/openvas-plugins/scripts/glsa_200710_31.nasl
   trunk/openvas-plugins/scripts/glsa_200711_01.nasl
   trunk/openvas-plugins/scripts/glsa_200711_02.nasl
   trunk/openvas-plugins/scripts/glsa_200711_03.nasl
   trunk/openvas-plugins/scripts/glsa_200711_04.nasl
   trunk/openvas-plugins/scripts/glsa_200711_05.nasl
   trunk/openvas-plugins/scripts/glsa_200711_06.nasl
   trunk/openvas-plugins/scripts/glsa_200711_07.nasl
   trunk/openvas-plugins/scripts/glsa_200711_08.nasl
   trunk/openvas-plugins/scripts/glsa_200711_09.nasl
   trunk/openvas-plugins/scripts/glsa_200711_10.nasl
   trunk/openvas-plugins/scripts/glsa_200711_11.nasl
   trunk/openvas-plugins/scripts/glsa_200711_12.nasl
   trunk/openvas-plugins/scripts/glsa_200711_13.nasl
   trunk/openvas-plugins/scripts/glsa_200711_14.nasl
   trunk/openvas-plugins/scripts/glsa_200711_15.nasl
   trunk/openvas-plugins/scripts/glsa_200711_16.nasl
   trunk/openvas-plugins/scripts/glsa_200711_17.nasl
   trunk/openvas-plugins/scripts/glsa_200711_18.nasl
   trunk/openvas-plugins/scripts/glsa_200711_19.nasl
   trunk/openvas-plugins/scripts/glsa_200711_20.nasl
   trunk/openvas-plugins/scripts/glsa_200711_21.nasl
   trunk/openvas-plugins/scripts/glsa_200711_22.nasl
   trunk/openvas-plugins/scripts/glsa_200711_23.nasl
   trunk/openvas-plugins/scripts/glsa_200711_24.nasl
   trunk/openvas-plugins/scripts/glsa_200711_25.nasl
   trunk/openvas-plugins/scripts/glsa_200711_26.nasl
   trunk/openvas-plugins/scripts/glsa_200711_27.nasl
   trunk/openvas-plugins/scripts/glsa_200711_28.nasl
   trunk/openvas-plugins/scripts/glsa_200711_29.nasl
   trunk/openvas-plugins/scripts/glsa_200711_30.nasl
   trunk/openvas-plugins/scripts/glsa_200711_31.nasl
   trunk/openvas-plugins/scripts/glsa_200711_32.nasl
   trunk/openvas-plugins/scripts/glsa_200711_33.nasl
   trunk/openvas-plugins/scripts/glsa_200711_34.nasl
   trunk/openvas-plugins/scripts/glsa_200712_01.nasl
   trunk/openvas-plugins/scripts/glsa_200712_02.nasl
   trunk/openvas-plugins/scripts/glsa_200712_03.nasl
   trunk/openvas-plugins/scripts/glsa_200712_04.nasl
   trunk/openvas-plugins/scripts/glsa_200712_05.nasl
   trunk/openvas-plugins/scripts/glsa_200712_06.nasl
   trunk/openvas-plugins/scripts/glsa_200712_07.nasl
   trunk/openvas-plugins/scripts/glsa_200712_08.nasl
   trunk/openvas-plugins/scripts/glsa_200712_09.nasl
   trunk/openvas-plugins/scripts/glsa_200712_10.nasl
   trunk/openvas-plugins/scripts/glsa_200712_11.nasl
   trunk/openvas-plugins/scripts/glsa_200712_12.nasl
   trunk/openvas-plugins/scripts/glsa_200712_13.nasl
   trunk/openvas-plugins/scripts/glsa_200712_14.nasl
   trunk/openvas-plugins/scripts/glsa_200712_15.nasl
   trunk/openvas-plugins/scripts/glsa_200712_16.nasl
   trunk/openvas-plugins/scripts/glsa_200712_17.nasl
   trunk/openvas-plugins/scripts/glsa_200712_18.nasl
   trunk/openvas-plugins/scripts/glsa_200712_19.nasl
   trunk/openvas-plugins/scripts/glsa_200712_20.nasl
   trunk/openvas-plugins/scripts/glsa_200712_21.nasl
   trunk/openvas-plugins/scripts/glsa_200712_22.nasl
   trunk/openvas-plugins/scripts/glsa_200712_23.nasl
   trunk/openvas-plugins/scripts/glsa_200712_24.nasl
   trunk/openvas-plugins/scripts/glsa_200712_25.nasl
   trunk/openvas-plugins/scripts/glsa_200801_01.nasl
   trunk/openvas-plugins/scripts/glsa_200801_02.nasl
   trunk/openvas-plugins/scripts/glsa_200801_03.nasl
   trunk/openvas-plugins/scripts/glsa_200801_04.nasl
   trunk/openvas-plugins/scripts/glsa_200801_05.nasl
   trunk/openvas-plugins/scripts/glsa_200801_06.nasl
   trunk/openvas-plugins/scripts/glsa_200801_07.nasl
   trunk/openvas-plugins/scripts/glsa_200801_08.nasl
   trunk/openvas-plugins/scripts/glsa_200801_09.nasl
   trunk/openvas-plugins/scripts/glsa_200801_10.nasl
   trunk/openvas-plugins/scripts/glsa_200801_11.nasl
   trunk/openvas-plugins/scripts/glsa_200801_12.nasl
   trunk/openvas-plugins/scripts/glsa_200801_13.nasl
   trunk/openvas-plugins/scripts/glsa_200801_14.nasl
   trunk/openvas-plugins/scripts/glsa_200801_15.nasl
   trunk/openvas-plugins/scripts/glsa_200801_16.nasl
   trunk/openvas-plugins/scripts/glsa_200801_17.nasl
   trunk/openvas-plugins/scripts/glsa_200801_18.nasl
   trunk/openvas-plugins/scripts/glsa_200801_19.nasl
   trunk/openvas-plugins/scripts/glsa_200801_20.nasl
   trunk/openvas-plugins/scripts/glsa_200801_21.nasl
   trunk/openvas-plugins/scripts/glsa_200801_22.nasl
   trunk/openvas-plugins/scripts/glsa_200802_01.nasl
   trunk/openvas-plugins/scripts/glsa_200802_02.nasl
   trunk/openvas-plugins/scripts/glsa_200802_03.nasl
   trunk/openvas-plugins/scripts/glsa_200802_04.nasl
   trunk/openvas-plugins/scripts/glsa_200802_05.nasl
   trunk/openvas-plugins/scripts/glsa_200802_06.nasl
   trunk/openvas-plugins/scripts/glsa_200802_07.nasl
   trunk/openvas-plugins/scripts/glsa_200802_08.nasl
   trunk/openvas-plugins/scripts/glsa_200802_09.nasl
   trunk/openvas-plugins/scripts/glsa_200802_10.nasl
   trunk/openvas-plugins/scripts/glsa_200802_11.nasl
   trunk/openvas-plugins/scripts/glsa_200802_12.nasl
   trunk/openvas-plugins/scripts/glsa_200803_01.nasl
   trunk/openvas-plugins/scripts/glsa_200803_02.nasl
   trunk/openvas-plugins/scripts/glsa_200803_03.nasl
   trunk/openvas-plugins/scripts/glsa_200803_04.nasl
   trunk/openvas-plugins/scripts/glsa_200803_05.nasl
   trunk/openvas-plugins/scripts/glsa_200803_06.nasl
   trunk/openvas-plugins/scripts/glsa_200803_07.nasl
   trunk/openvas-plugins/scripts/glsa_200803_08.nasl
   trunk/openvas-plugins/scripts/glsa_200803_09.nasl
   trunk/openvas-plugins/scripts/glsa_200803_10.nasl
   trunk/openvas-plugins/scripts/glsa_200803_11.nasl
   trunk/openvas-plugins/scripts/glsa_200803_12.nasl
   trunk/openvas-plugins/scripts/glsa_200803_13.nasl
   trunk/openvas-plugins/scripts/glsa_200803_14.nasl
   trunk/openvas-plugins/scripts/glsa_200803_15.nasl
   trunk/openvas-plugins/scripts/glsa_200803_16.nasl
   trunk/openvas-plugins/scripts/glsa_200803_17.nasl
   trunk/openvas-plugins/scripts/glsa_200803_18.nasl
   trunk/openvas-plugins/scripts/glsa_200803_19.nasl
   trunk/openvas-plugins/scripts/glsa_200803_20.nasl
   trunk/openvas-plugins/scripts/glsa_200803_21.nasl
   trunk/openvas-plugins/scripts/glsa_200803_22.nasl
   trunk/openvas-plugins/scripts/glsa_200803_23.nasl
   trunk/openvas-plugins/scripts/glsa_200803_24.nasl
   trunk/openvas-plugins/scripts/glsa_200803_25.nasl
   trunk/openvas-plugins/scripts/glsa_200803_26.nasl
   trunk/openvas-plugins/scripts/glsa_200803_27.nasl
   trunk/openvas-plugins/scripts/glsa_200803_28.nasl
   trunk/openvas-plugins/scripts/glsa_200803_29.nasl
   trunk/openvas-plugins/scripts/glsa_200803_30.nasl
   trunk/openvas-plugins/scripts/glsa_200803_31.nasl
   trunk/openvas-plugins/scripts/glsa_200803_32.nasl
   trunk/openvas-plugins/scripts/glsa_200804_01.nasl
   trunk/openvas-plugins/scripts/glsa_200804_02.nasl
   trunk/openvas-plugins/scripts/glsa_200804_03.nasl
   trunk/openvas-plugins/scripts/glsa_200804_04.nasl
   trunk/openvas-plugins/scripts/glsa_200804_05.nasl
   trunk/openvas-plugins/scripts/glsa_200804_06.nasl
   trunk/openvas-plugins/scripts/glsa_200804_07.nasl
   trunk/openvas-plugins/scripts/glsa_200804_08.nasl
   trunk/openvas-plugins/scripts/glsa_200804_09.nasl
   trunk/openvas-plugins/scripts/glsa_200804_10.nasl
   trunk/openvas-plugins/scripts/glsa_200804_11.nasl
   trunk/openvas-plugins/scripts/glsa_200804_12.nasl
   trunk/openvas-plugins/scripts/glsa_200804_13.nasl
   trunk/openvas-plugins/scripts/glsa_200804_14.nasl
   trunk/openvas-plugins/scripts/glsa_200804_15.nasl
   trunk/openvas-plugins/scripts/glsa_200804_16.nasl
   trunk/openvas-plugins/scripts/glsa_200804_17.nasl
   trunk/openvas-plugins/scripts/glsa_200804_18.nasl
   trunk/openvas-plugins/scripts/glsa_200804_19.nasl
   trunk/openvas-plugins/scripts/glsa_200804_20.nasl
   trunk/openvas-plugins/scripts/glsa_200804_21.nasl
   trunk/openvas-plugins/scripts/glsa_200804_22.nasl
   trunk/openvas-plugins/scripts/glsa_200804_23.nasl
   trunk/openvas-plugins/scripts/glsa_200804_24.nasl
   trunk/openvas-plugins/scripts/glsa_200804_25.nasl
   trunk/openvas-plugins/scripts/glsa_200804_26.nasl
   trunk/openvas-plugins/scripts/glsa_200804_27.nasl
   trunk/openvas-plugins/scripts/glsa_200804_28.nasl
   trunk/openvas-plugins/scripts/glsa_200804_29.nasl
   trunk/openvas-plugins/scripts/glsa_200804_30.nasl
   trunk/openvas-plugins/scripts/glsa_200805_01.nasl
   trunk/openvas-plugins/scripts/glsa_200805_02.nasl
   trunk/openvas-plugins/scripts/glsa_200805_03.nasl
   trunk/openvas-plugins/scripts/glsa_200805_04.nasl
   trunk/openvas-plugins/scripts/glsa_200805_05.nasl
   trunk/openvas-plugins/scripts/glsa_200805_06.nasl
   trunk/openvas-plugins/scripts/glsa_200805_07.nasl
   trunk/openvas-plugins/scripts/glsa_200805_08.nasl
   trunk/openvas-plugins/scripts/glsa_200805_09.nasl
   trunk/openvas-plugins/scripts/glsa_200805_10.nasl
   trunk/openvas-plugins/scripts/glsa_200805_11.nasl
   trunk/openvas-plugins/scripts/glsa_200805_12.nasl
   trunk/openvas-plugins/scripts/glsa_200805_13.nasl
   trunk/openvas-plugins/scripts/glsa_200805_14.nasl
   trunk/openvas-plugins/scripts/glsa_200805_15.nasl
   trunk/openvas-plugins/scripts/glsa_200805_16.nasl
   trunk/openvas-plugins/scripts/glsa_200805_17.nasl
   trunk/openvas-plugins/scripts/glsa_200805_18.nasl
   trunk/openvas-plugins/scripts/glsa_200805_19.nasl
   trunk/openvas-plugins/scripts/glsa_200805_20.nasl
   trunk/openvas-plugins/scripts/glsa_200805_21.nasl
   trunk/openvas-plugins/scripts/glsa_200805_22.nasl
   trunk/openvas-plugins/scripts/glsa_200805_23.nasl
   trunk/openvas-plugins/scripts/glsa_200806_01.nasl
   trunk/openvas-plugins/scripts/glsa_200806_02.nasl
   trunk/openvas-plugins/scripts/glsa_200806_03.nasl
   trunk/openvas-plugins/scripts/glsa_200806_04.nasl
   trunk/openvas-plugins/scripts/glsa_200806_05.nasl
   trunk/openvas-plugins/scripts/glsa_200806_06.nasl
   trunk/openvas-plugins/scripts/glsa_200806_07.nasl
   trunk/openvas-plugins/scripts/glsa_200806_08.nasl
   trunk/openvas-plugins/scripts/glsa_200806_09.nasl
   trunk/openvas-plugins/scripts/glsa_200806_10.nasl
   trunk/openvas-plugins/scripts/glsa_200806_11.nasl
   trunk/openvas-plugins/scripts/glsa_200807_01.nasl
   trunk/openvas-plugins/scripts/glsa_200807_02.nasl
   trunk/openvas-plugins/scripts/glsa_200807_03.nasl
   trunk/openvas-plugins/scripts/glsa_200807_04.nasl
   trunk/openvas-plugins/scripts/glsa_200807_05.nasl
   trunk/openvas-plugins/scripts/glsa_200807_06.nasl
   trunk/openvas-plugins/scripts/glsa_200807_07.nasl
   trunk/openvas-plugins/scripts/glsa_200807_08.nasl
   trunk/openvas-plugins/scripts/glsa_200807_09.nasl
   trunk/openvas-plugins/scripts/glsa_200807_10.nasl
   trunk/openvas-plugins/scripts/glsa_200807_11.nasl
   trunk/openvas-plugins/scripts/glsa_200807_12.nasl
   trunk/openvas-plugins/scripts/glsa_200807_13.nasl
   trunk/openvas-plugins/scripts/glsa_200807_14.nasl
   trunk/openvas-plugins/scripts/glsa_200807_15.nasl
   trunk/openvas-plugins/scripts/glsa_200807_16.nasl
   trunk/openvas-plugins/scripts/glsa_200808_01.nasl
   trunk/openvas-plugins/scripts/glsa_200808_02.nasl
   trunk/openvas-plugins/scripts/glsa_200808_03.nasl
   trunk/openvas-plugins/scripts/glsa_200808_04.nasl
   trunk/openvas-plugins/scripts/glsa_200808_05.nasl
   trunk/openvas-plugins/scripts/glsa_200808_06.nasl
   trunk/openvas-plugins/scripts/glsa_200808_07.nasl
   trunk/openvas-plugins/scripts/glsa_200808_08.nasl
   trunk/openvas-plugins/scripts/glsa_200808_09.nasl
   trunk/openvas-plugins/scripts/glsa_200808_10.nasl
   trunk/openvas-plugins/scripts/glsa_200808_11.nasl
   trunk/openvas-plugins/scripts/glsa_200808_12.nasl
   trunk/openvas-plugins/scripts/glsa_200809_01.nasl
   trunk/openvas-plugins/scripts/glsa_200809_02.nasl
   trunk/openvas-plugins/scripts/glsa_200809_03.nasl
   trunk/openvas-plugins/scripts/glsa_200809_04.nasl
   trunk/openvas-plugins/scripts/glsa_200809_05.nasl
   trunk/openvas-plugins/scripts/glsa_200809_06.nasl
   trunk/openvas-plugins/scripts/glsa_200809_07.nasl
   trunk/openvas-plugins/scripts/glsa_200809_08.nasl
   trunk/openvas-plugins/scripts/glsa_200809_09.nasl
   trunk/openvas-plugins/scripts/glsa_200809_10.nasl
   trunk/openvas-plugins/scripts/glsa_200809_11.nasl
   trunk/openvas-plugins/scripts/glsa_200809_12.nasl
   trunk/openvas-plugins/scripts/glsa_200809_13.nasl
   trunk/openvas-plugins/scripts/glsa_200809_14.nasl
   trunk/openvas-plugins/scripts/glsa_200809_15.nasl
   trunk/openvas-plugins/scripts/pkg-lib-gentoo.inc
Removed:
   trunk/openvas-plugins/scripts/gentoo_GLSA-200401-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200401-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200401-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200401-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200402-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200402-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200402-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200402-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200402-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200402-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200402-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200403-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200403-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200403-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200403-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200403-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200403-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200403-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200403-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200403-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200403-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200403-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200403-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200403-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200403-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200404-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200404-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200404-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200404-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200404-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200404-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200404-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200404-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200404-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200404-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200404-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200404-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200404-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200404-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200404-15.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200404-16.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200404-17.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200404-18.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200404-19.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200404-20.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200404-21.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-15.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-16.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-17.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-18.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-19.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-20.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-21.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-22.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-23.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-24.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200405-25.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200406-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200406-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200406-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200406-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200406-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200406-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200406-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200406-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200406-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200406-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200406-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200406-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200406-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200406-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200406-15.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200406-16.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200406-17.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200406-18.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200406-19.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200406-20.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200406-21.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200406-22.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200407-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200407-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200407-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200407-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200407-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200407-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200407-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200407-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200407-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200407-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200407-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200407-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200407-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200407-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200407-15.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200407-16.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200407-17.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200407-18.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200407-19.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200407-20.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200407-21.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200407-22.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200407-23.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-15.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-16.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-17.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-18.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-19.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-20.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-21.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-22.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-23.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-24.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-25.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-26.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200408-27.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-15.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-16.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-17.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-18.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-19.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-20.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-21.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-22.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-23.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-24.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-25.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-26.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-27.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-28.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-29.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-30.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-31.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-32.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-33.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-34.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200409-35.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-15.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-16.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-17.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-18.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-19.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-20.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-21.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-22.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-23.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-24.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-25.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-26.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-27.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-28.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-29.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-30.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200410-31.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-15.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-16.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-17.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-18.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-19.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-20.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-21.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-22.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-23.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-24.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-25.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-26.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-27.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-28.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-29.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-30.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-31.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-32.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-33.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-34.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-35.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-36.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-37.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200411-38.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-15.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-16.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-17.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-18.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-19.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-20.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-21.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-22.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-23.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-24.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-25.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-26.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200412-27.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-15.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-16.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-17.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-18.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-19.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-20.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-21.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-22.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-23.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-24.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-25.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-26.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-27.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-28.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-29.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-30.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-31.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-32.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-33.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-34.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-35.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-36.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-37.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-38.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-39.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-40.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-41.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-42.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-43.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-44.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-45.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200501-46.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-15.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-16.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-17.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-18.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-19.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-20.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-21.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-22.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-23.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-24.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-25.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-26.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-27.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-28.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-29.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-30.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-31.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-32.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200502-33.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-15.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-16.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-17.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-18.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-19.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-20.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-21.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-22.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-23.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-24.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-25.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-26.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-27.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-28.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-29.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-30.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-31.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-32.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-33.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-34.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-35.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-36.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200503-37.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-15.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-16.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-17.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-18.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-19.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-20.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-21.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-22.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-23.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-24.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-25.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-26.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-27.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-28.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-29.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200504-30.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200505-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200505-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200505-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200505-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200505-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200505-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200505-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200505-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200505-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200505-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200505-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200505-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200505-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200505-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200505-15.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200505-16.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200505-17.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200505-18.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200505-19.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200505-20.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-15.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-16.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-17.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-18.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-19.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-20.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-21.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-22.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-23.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200506-24.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-15.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-16.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-17.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-18.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-19.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-20.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-21.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-22.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-23.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-24.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-25.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-26.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-27.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-28.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200507-29.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200508-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200508-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200508-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200508-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200508-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200508-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200508-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200508-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200508-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200508-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200508-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200508-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200508-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200508-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200508-15.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200508-16.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200508-17.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200508-18.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200508-19.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200508-20.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200508-21.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200508-22.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200509-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200509-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200509-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200509-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200509-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200509-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200509-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200509-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200509-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200509-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200509-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200509-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200509-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200509-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200509-15.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200509-16.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200509-17.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200509-18.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200509-19.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200509-20.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200509-21.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-15.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-16.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-17.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-18.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-19.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-20.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-21.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-22.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-23.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-24.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200510-25.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200511-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200511-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200511-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200511-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200511-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200511-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200511-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200511-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200511-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200511-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200511-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200511-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200511-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200511-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200511-15.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200511-16.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200511-17.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200511-18.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200511-19.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200511-20.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200511-21.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200511-22.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200511-23.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200512-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200512-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200512-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200512-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200512-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200512-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200512-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200512-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200512-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200512-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200512-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200512-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200512-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200512-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200512-15.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200512-16.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200512-17.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200512-18.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200601-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200601-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200601-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200601-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200601-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200601-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200601-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200601-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200601-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200601-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200601-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200601-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200601-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200601-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200601-15.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200601-16.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200601-17.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200602-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200602-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200602-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200602-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200602-05.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200602-06.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200602-07.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200602-08.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200602-09.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200602-10.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200602-11.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200602-12.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200602-13.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200602-14.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200603-01.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200603-02.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200603-03.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200603-04.nasl
   trunk/openvas-plugins/scripts/gentoo_GLSA-200603-05.nasl
Modified:
   trunk/openvas-plugins/ChangeLog
Log:
New scripts added

Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/ChangeLog	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,5 +1,13 @@
 2008-09-24  Thomas Reinke <reinke at securityspace.com>
+   
+	* Removed legacy gentoo scripts that were no longer
+	  being maintained, and were non functional due
+	  to missing prerequisite.
+	  Added replacement gentoo scripts that work with
+	  gather-package-list.nasl and are up to date.
 
+2008-09-24  Thomas Reinke <reinke at securityspace.com>
+
 	* deb_1634_2.nasl deb_1638_1.nasl deb_1639_1.nasl
 	  deb_1640_1.nasl deb_1641_1.nasl deb_1642_1.nasl
 	  freebsd_firefox34.nasl freebsd_gallery3.nasl

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200401-01.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200401-01.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200401-01.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,154 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200401-01.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14441);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200401-01");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200401-01
-(Linux kernel do_mremap() local privilege escalation vulnerability)
-
-
-    The memory subsystem allows for shrinking, growing, and moving of
-    chunks of memory along any of the allocated memory areas which the kernel
-    posesses.
-    A typical virtual memory area covers at least one memory page. An incorrect
-    bound check discovered inside the do_mremap() kernel code performing
-    remapping of a virtual memory area may lead to creation of a virtual memory
-    area of 0 bytes length.
-    The problem is based on the general mremap flaw that remapping 2 pages from
-    inside a VMA creates a memory hole of only one page in length but an
-    additional VMA of two pages. In the case of a zero sized remapping request
-    no VMA hole is created but an additional VMA descriptor of 0
-    bytes in length is created.
-    This advisory also addresses an information leak in the Linux RTC system.
-  
-Impact
-
-    Arbitrary code may be able to exploit this vulnerability and may
-    disrupt the operation of other
-    parts of the kernel memory management subroutines finally leading to
-    unexpected behavior.
-    Since no special privileges are required to use the mremap(2) system call
-    any process may misuse its unexpected behavior to disrupt the kernel memory
-    management subsystem. Proper exploitation of this vulnerability may lead to
-    local privilege escalation including execution of arbitrary code
-    with kernel level access.
-    Proof-of-concept exploit code has been created and successfully tested,
-    permitting root escalation on vulnerable systems. As a result, all users
-    should upgrade their kernels to new or patched versions.
-  
-Workaround
-
-    There is no temporary workaround - a kernel upgrade is required. A list
-    of unaffected kernels is provided along with this announcement.
-  
-References:
-    http://isec.pl/vulnerabilities/isec-0012-mremap.txt
-
-
-Solution: 
-    Users are encouraged to upgrade to the latest available sources for
-    their system:
-    $> emerge sync
-    $> emerge -pv your-favourite-sources
-    $> emerge your-favourite-sources
-    $> # Follow usual procedure for compiling and installing a kernel.
-    $> # If you use genkernel, run genkernel as you would do normally.
-    $> # IF YOUR KERNEL IS MARKED as "remerge required!" THEN
-    $> # YOU SHOULD UPDATE YOUR KERNEL EVEN IF PORTAGE
-    $> # REPORTS THAT THE SAME VERSION IS INSTALLED.
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200401-01] Linux kernel do_mremap() local privilege escalation vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Linux kernel do_mremap() local privilege escalation vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "sys-kernel/aa-sources", unaffected: make_list("ge 2.4.23-r1"), vulnerable: make_list("lt 2.4.23-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/mips-prepatch-sources", unaffected: make_list("ge 2.4.24_pre2-r1"), vulnerable: make_list("lt 2.4.24_pre2-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/gentoo-dev-sources", unaffected: make_list("ge 2.6.1_rc3"), vulnerable: make_list("lt 2.6.1_rc3")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/gaming-sources", unaffected: make_list("ge 2.4.20-r7"), vulnerable: make_list("lt 2.4.20-r7")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ppc-development-sources", unaffected: make_list("ge 2.6.1_rc1-r1"), vulnerable: make_list("lt 2.6.1_rc1-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/arm-sources", unaffected: make_list("ge 2.4.19-r2"), vulnerable: make_list("lt 2.4.19-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/alpha-sources", unaffected: make_list("ge 2.4.21-r2"), vulnerable: make_list("lt 2.4.21-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/vanilla-prepatch-sources", unaffected: make_list("ge 2.4.25_pre4"), vulnerable: make_list("lt 2.4.25_pre4")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/win4lin-sources", unaffected: make_list("ge 2.6.0-r1"), vulnerable: make_list("lt 2.6.0-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/vanilla-sources", unaffected: make_list("ge 2.4.24"), vulnerable: make_list("lt 2.4.24")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/hppa-sources", unaffected: make_list("ge 2.4.23_p4-r2"), vulnerable: make_list("lt 2.4.23_p4-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/development-sources", unaffected: make_list("ge 2.6.1_rc3"), vulnerable: make_list("lt 2.6.1_rc3")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/grsec-sources", unaffected: make_list("gt 2.4.23.2.0_rc4-r1"), vulnerable: make_list("lt 2.4.23.2.0_rc4-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/compaq-sources", unaffected: make_list("ge 2.4.9.32.7-r1"), vulnerable: make_list("lt 2.4.9.32.7-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/hardened-sources", unaffected: make_list("ge 2.4.22-r2"), vulnerable: make_list("lt 2.4.22-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/sparc-sources", unaffected: make_list("ge 2.4.24"), vulnerable: make_list("lt 2.4.24")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/openmosix-sources", unaffected: make_list("ge 2.4.22-r3"), vulnerable: make_list("lt 2.4.22-r3")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ppc-sources-benh", unaffected: make_list("ge 2.4.22-r4"), vulnerable: make_list("lt 2.4.22-r4")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ppc-sources-crypto", unaffected: make_list("ge 2.4.20-r2"), vulnerable: make_list("lt 2.4.20-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/mm-sources", unaffected: make_list("ge 2.6.1_rc1-r2"), vulnerable: make_list("lt 2.6.1_rc1-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/xfs-sources", unaffected: make_list("ge 2.4.23-r1"), vulnerable: make_list("lt 2.4.23-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ia64-sources", unaffected: make_list("ge 2.4.22-r2"), vulnerable: make_list("lt 2.4.22-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/pfeifer-sources", unaffected: make_list("ge 2.4.21.1_pre4-r1"), vulnerable: make_list("lt 2.4.21.1_pre4-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/planet-ccrma-sources", unaffected: make_list("ge 2.4.21-r4"), vulnerable: make_list("lt 2.4.21-r4")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ck-sources", unaffected: make_list("ge 2.4.23-r1"), vulnerable: make_list("lt 2.4.23-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/usermode-sources", unaffected: make_list("ge 2.4.23-r1"), vulnerable: make_list("lt 2.4.23-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/gentoo-sources", unaffected: make_list("gt 2.4.22-r3"), vulnerable: make_list("lt 2.4.22-r3")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/selinux-sources", unaffected: make_list("ge 2.4.24"), vulnerable: make_list("lt 2.4.24")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ppc-sources", unaffected: make_list("ge 2.4.23-r1"), vulnerable: make_list("lt 2.4.23-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/gs-sources", unaffected: make_list("ge 2.4.23_pre8-r2"), vulnerable: make_list("lt 2.4.23_pre8-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/pac-sources", unaffected: make_list("ge 2.4.23-r1"), vulnerable: make_list("lt 2.4.23-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/wolk-sources", unaffected: make_list("ge 4.10_pre7-r2"), vulnerable: make_list("lt 4.10_pre7-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/mips-sources", unaffected: make_list("ge 2.4.23-r2"), vulnerable: make_list("lt 2.4.23-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/sparc-dev-sources", unaffected: make_list("ge 2.6.1_rc2"), vulnerable: make_list("lt 2.6.1_rc2")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200401-02.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200401-02.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200401-02.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200401-02.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14442);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200401-02");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200401-02
-(Honeyd remote detection vulnerability via a probe packet)
-
-
-    A bug in handling NMAP fingerprints caused Honeyd to reply to TCP
-    packets with both the SYN and RST flags set.  Watching for replies, it is
-    possible to detect IP addresses simulated by Honeyd.
-  
-Impact
-
-    Although there are no public exploits known for Honeyd, the detection
-    of Honeyd IP addresses may in some cases be undesirable.
-  
-Workaround
-
-    Honeyd 0.8 has been released along with an advisory to address this
-    issue. In addition, Honeyd 0.8 drops privileges if permitted by the
-    configuration file and contains command line flags to force dropping
-    of privileges.
-  
-References:
-    http://www.honeyd.org/adv.2004-01.asc
-
-
-Solution: 
-    All users are recommended to update to honeyd version 0.8:
-    $> emerge sync
-    $> emerge -pv ">=net-analyzer/honeyd-0.8"
-    $> emerge ">=net-analyzer/honeyd-0.8"
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200401-02] Honeyd remote detection vulnerability via a probe packet");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Honeyd remote detection vulnerability via a probe packet');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-analyzer/honeyd", unaffected: make_list("ge 0.8"), vulnerable: make_list("lt 0.8")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200401-03.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200401-03.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200401-03.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,68 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200401-03.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14443);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200401-03");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200401-03
-(Apache mod_python Denial of Service vulnerability)
-
-
-    The Apache Foundation has reported that mod_python may be prone to
-    Denial of Service attacks when handling a malformed
-    query. Mod_python 2.7.9 was released to fix the vulnerability,
-    however, because the vulnerability has not been fully fixed,
-    version 2.7.10 has been released.
-    Users of mod_python 3.0.4 are not affected by this vulnerability.
-  
-Impact
-
-    Although there are no known public exploits known for this
-    exploit, users are recommended to upgrade mod_python to ensure the
-    security of their infrastructure.
-  
-Workaround
-
-    Mod_python 2.7.10 has been released to solve this issue; there is
-    no immediate workaround.
-  
-References:
-    http://www.modpython.org/pipermail/mod_python/2004-January/014879.html
-
-
-Solution: 
-    All users using mod_python 2.7.9 or below are recommended to
-    update their mod_python installation:
-    $> emerge sync
-    $> emerge -pv ">=dev-python/mod_python-2.7.10"
-    $> emerge ">=dev-python/mod_python-2.7.10"
-    $> /etc/init.d/apache restart
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200401-03] Apache mod_python Denial of Service vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Apache mod_python Denial of Service vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-python/mod_python", unaffected: make_list("ge 2.7.10"), vulnerable: make_list("lt 2.7.10")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200401-04.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200401-04.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200401-04.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,73 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200401-04.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14444);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200401-04");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200401-04
-(GAIM 0.75 Remote overflows)
-
-
-    Yahoo changed the authentication methods to their IM servers,
-    rendering GAIM useless. The GAIM team released a rushed release
-    solving this issue, however, at the same time a code audit
-    revealed 12 new vulnerabilities.
-  
-Impact
-
-    Due to the nature of instant messaging many of these bugs require
-    man-in-the-middle attacks between the client and the server. But
-    the underlying protocols are easy to implement and attacking
-    ordinary TCP sessions is a fairly simple task. As a result, all
-    users are advised to upgrade their GAIM installation.
-        Users of GAIM 0.74 or below are affected by 7 of the
-        vulnerabilities and are encouraged to upgrade.
-        Users of GAIM 0.75 are affected by 11 of the vulnerabilities
-        and are encouraged to upgrade to the patched version of GAIM
-        offered by Gentoo.
-        Users of GAIM 0.75-r6 are only affected by
-        4 of the vulnerabilities, but are still urged to upgrade to
-        maintain security.
-  
-Workaround
-
-    There is no immediate workaround; a software upgrade is required.
-  
-References:
-    http://www.securityfocus.com/archive/1/351235/2004-01-23/2004-01-29/0
-
-
-Solution: 
-    All users are recommended to upgrade GAIM to 0.75-r7.
-    $> emerge sync
-    $> emerge -pv ">=net-im/gaim-0.75-r7"
-    $> emerge ">=net-im/gaim-0.75-r7"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200401-04] GAIM 0.75 Remote overflows");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'GAIM 0.75 Remote overflows');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-im/gaim", unaffected: make_list("ge 0.75-r7"), vulnerable: make_list("lt 0.75-r7")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200402-01.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200402-01.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200402-01.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,69 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200402-01.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14445);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200402-01");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200402-01
-(PHP setting leaks from .htaccess files on virtual hosts)
-
-
-    If the server configuration "php.ini" file has
-    "register_globals = on" and a request is made to one virtual host
-    (which has "php_admin_flag register_globals off") and the next
-    request is sent to the another virtual host (which does not have the
-    setting) through the same apache child, the setting will persist.
-  
-Impact
-
-    Depending on the server and site, an attacker may be able to exploit
-    global variables to gain access to reserved areas, such as MySQL passwords,
-    or this vulnerability may simply cause a lack of functionality. As a
-    result, users are urged to upgrade their PHP installations.
-    Gentoo ships PHP with "register_globals" set to "off"
-    by default.
-    This issue affects both servers running Apache 1.x and servers running
-    Apache 2.x.
-  
-Workaround
-
-    No immediate workaround is available; a software upgrade is required.
-  
-References:
-    http://bugs.php.net/bug.php?id=25753
-
-
-Solution: 
-    All users are recommended to upgrade their PHP installation to 4.3.4-r4:
-    # emerge sync
-    # emerge -pv ">=dev-php/mod_php-4.3.4-r4"
-    # emerge ">=dev-php/mod_php-4.3.4-r4"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200402-01] PHP setting leaks from .htaccess files on virtual hosts");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'PHP setting leaks from .htaccess files on virtual hosts');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-php/mod_php", unaffected: make_list("ge 4.3.4-r4"), vulnerable: make_list("lt 4.3.4-r4")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200402-02.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200402-02.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200402-02.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,83 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200402-02.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14446);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200402-02");
- script_cve_id("CVE-2004-0083");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200402-02
-(XFree86 Font Information File Buffer Overflow)
-
-
-    Exploitation of a buffer overflow in The XFree86 Window System
-    discovered by iDefence allows local attackers to gain root
-    privileges.
-    The problem exists in the parsing of the \'font.alias\' file. The X
-    server (running as root) fails to check the length of the user
-    provided input, so a malicious user may craft a malformed
-    \'font.alias\' file causing a buffer overflow upon parsing,
-    eventually leading to the execution of arbitrary code.
-    To reproduce the overflow on the command line one can run:
-    # cat > fonts.dir <<EOF
-    1
-    word.bdf -misc-fixed-medium-r-semicondensed--13-120-75-75-c-60-iso8859-1
-    EOF
-    # perl -e \'print "0" x 1024 . "A" x 96 . "\\n"\' > fonts.alias
-    # X :0 -fp $PWD
-    {Some output removed}... Server aborting... Segmentation fault (core dumped)
-  
-Impact
-
-    Successful exploitation can lead to a root compromise provided
-    that the attacker is able to execute commands in the X11
-    subsystem. This can be done either by having console access to the
-    target or through a remote exploit against any X client program
-    such as a web-browser, mail-reader or game.
-  
-Workaround
-
-    No immediate workaround is available; a software upgrade is required.
-    Gentoo has released XFree 4.2.1-r3, 4.3.0-r4 and 4.3.99.902-r1 and
-    encourages all users to upgrade their XFree86
-    installations. Vulnerable versions are no longer available in
-    Portage.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0083
-    http://www.idefense.com/application/poi/display?id=72&type=vulnerabilities
-
-
-Solution: 
-    All users are recommended to upgrade their XFree86 installation:
-    # emerge sync
-    # emerge -pv x11-base/xfree
-    # emerge x11-base/xfree
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200402-02] XFree86 Font Information File Buffer Overflow");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'XFree86 Font Information File Buffer Overflow');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "x11-base/xfree", unaffected: make_list("eq 4.2.1-r3", "eq 4.3.0-r4", "ge 4.3.99.902-r1"), vulnerable: make_list("lt 4.3.99.902-r1")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200402-03.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200402-03.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200402-03.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200402-03.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14447);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200402-03");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200402-03
-(Monkeyd Denial of Service vulnerability)
-
-
-    A bug in the URI processing of incoming requests allows for a Denial of
-    Service to be launched against the webserver, which may cause the server
-    to crash or behave sporadically.
-  
-Impact
-
-    Although there are no public exploits known for bug, users are recommended
-    to upgrade to ensure the security of their infrastructure.
-  
-Workaround
-
-    There is no immediate workaround; a software upgrade is
-    required. The vulnerable function in the code has been rewritten.
-  
-References:
-    http://cvs.sourceforge.net/viewcvs.py/monkeyd/monkeyd/src/utils.c?r1=1.3&r2=1.4
-
-
-Solution: 
-    All users are recommended to upgrade monkeyd to 0.8.2:
-    # emerge sync
-    # emerge -pv ">=net-www/monkeyd-0.8.2"
-    # emerge ">=net-www/monkeyd-0.8.2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200402-03] Monkeyd Denial of Service vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Monkeyd Denial of Service vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/monkeyd", unaffected: make_list("ge 0.8.2"), vulnerable: make_list("lt 0.8.2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200402-04.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200402-04.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200402-04.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,66 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200402-04.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14448);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200402-04");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200402-04
-(Gallery 1.4.1 and below remote exploit vulnerability)
-
-
-    Starting in the 1.3.1 release, Gallery includes code to simulate the behaviour
-    of the PHP \'register_globals\' variable in environments where that setting
-    is disabled.  It is simulated by extracting the values of the various
-    $HTTP_ global variables into the global namespace.
-  
-Impact
-
-    A crafted URL such as
-    http://example.com/gallery/init.php?HTTP_POST_VARS=xxx  causes the
-    \'register_globals\' simulation code to overwrite the $HTTP_POST_VARS which,
-    when it is extracted, will deliver the given payload. If the
-    payload compromises $GALLERY_BASEDIR then the malicious user can perform a
-    PHP injection exploit and gain remote access to the webserver with PHP
-    user UID access rights.
-  
-Workaround
-
-    The workaround for the vulnerability is to replace init.php and
-    setup/init.php with the files in the following ZIP file:
-    http://prdownloads.sourceforge.net/gallery/patch_1.4.1-to-1.4.1-pl1.zip?download
-  
-
-Solution: 
-    All users are encouraged to upgrade their gallery installation:
-    # emerge sync
-    # emerge -p ">=app-misc/gallery-1.4.1_p1"
-    # emerge ">=app-misc/gallery-1.4.1_p1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200402-04] Gallery 1.4.1 and below remote exploit vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Gallery 1.4.1 and below remote exploit vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-misc/gallery", unaffected: make_list("ge 1.4.1_p1"), vulnerable: make_list("lt 1.4.1_p1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200402-05.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200402-05.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200402-05.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,67 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200402-05.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14449);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200402-05");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200402-05
-( 2.5.6-rc1: possible attack against export.php)
-
-
-    One component of the phpMyAdmin software package (export.php) does not
-    properly verify input that is passed to it from a remote user.  Since the
-    input is used to include other files, it is possible to launch a directory
-    traversal attack.
-  
-Impact
-
-    Private information could be gleaned from the remote server if an attacker
-    uses a malformed URL such as http://phpmyadmin.example.com/export.php?what=../../../[existing_file]
-    In this scenario, the script does not sanitize the "what" argument passed
-    to it, allowing directory traversal attacks to take place, disclosing
-    the contents of files if the file is readable as the web-server user.
-  
-Workaround
-
-    The workaround is to either patch the export.php file using the
-    referenced CVS patch or upgrade the software via Portage.
-  
-References:
-    http://cvs.sourceforge.net/viewcvs.py/phpmyadmin/phpMyAdmin/export.php?r1=2.3&r2=2.3.2.1
-
-
-Solution: 
-    Users are encouraged to upgrade to phpMyAdmin-2.5.6_rc1:
-    # emerge sync
-    # emerge -pv ">=dev-db/phpmyadmin-2.5.6_rc1"
-    # emerge ">=dev-db/phpmyadmin-2.5.6_rc1"
-    # emerge clean
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200402-05]  2.5.6-rc1: possible attack against export.php");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: ' 2.5.6-rc1: possible attack against export.php');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-db/phpmyadmin", unaffected: make_list("ge 2.5.6_rc1"), vulnerable: make_list("le 2.5.5_p1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200402-06.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200402-06.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200402-06.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,81 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200402-06.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14450);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200402-06");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200402-06
-(Updated kernel packages fix the AMD64 ptrace vulnerability)
-
-
-    A vulnerability has been discovered by Andi Kleen in the ptrace emulation
-    code for AMD64 platforms when eflags are processed, allowing a local user
-    to obtain elevated priveleges.  The Common Vulnerabilities and Exposures
-    project, http://cve.mitre.org, has assigned CVE-2004-0001 to this issue.
-  
-Impact
-
-    Only users of the AMD64 platform are affected: in this scenario, a user may
-    be able to obtain elevated priveleges, including root access. However, no
-    public exploit is known for the vulnerability at this time.
-  
-Workaround
-
-    There is no temporary workaround - a kernel upgrade is required. A list of
-    unaffected kernels is provided along with this announcement.
-  
-
-Solution: 
-    Users are encouraged to upgrade to the latest available sources for
-    their system:
-    # emerge sync
-    # emerge -pv your-favourite-sources
-    # emerge your-favourite-sources
-    # # Follow usual procedure for compiling and installing a kernel.
-    # # If you use genkernel, run genkernel as you would do normally.
-    # # IF YOUR KERNEL IS MARKED as "remerge required!" THEN
-    # # YOU SHOULD UPDATE YOUR KERNEL EVEN IF PORTAGE
-    # # REPORTS THAT THE SAME VERSION IS INSTALLED.
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200402-06] Updated kernel packages fix the AMD64 ptrace vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Updated kernel packages fix the AMD64 ptrace vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "sys-kernel/gentoo-test-sources", arch: "amd64", unaffected: make_list("ge 2.6.2-r1"), vulnerable: make_list("lt 2.6.2")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/gentoo-sources", arch: "amd64", unaffected: make_list("ge 2.4.22-r6"), vulnerable: make_list("lt 2.4.22-r6")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/gentoo-dev-sources", arch: "amd64", unaffected: make_list("ge 2.6.2"), vulnerable: make_list("lt 2.6.2")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/vanilla-sources", arch: "amd64", unaffected: make_list("ge 2.4.24-r1"), vulnerable: make_list("lt 2.4.24-r1")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/gs-sources", arch: "amd64", unaffected: make_list("ge 2.4.25_pre7-r1"), vulnerable: make_list("lt 2.4.25_pre7-r1")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/vanilla-prepatch-sources", arch: "amd64", unaffected: make_list("ge 2.4.25_rc3"), vulnerable: make_list("lt 2.4.25_rc3")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ck-sources", arch: "amd64", unaffected: make_list("ge 2.6.2"), vulnerable: make_list("lt 2.6.2")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/development-sources", arch: "amd64", unaffected: make_list("ge 2.6.2"), vulnerable: make_list("lt 2.6.2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200402-07.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200402-07.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200402-07.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,73 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200402-07.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14451);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200402-07");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200402-07
-(Clam Antivirus DoS vulnerability)
-
-
-    Oliver Eikemeier of Fillmore Labs discovered the overflow in Clam AV 0.65
-    when it handled malformed UUEncoded messages, causing the daemon to shut
-    down.
-    The problem originated in libclamav which calculates the line length of an
-    uuencoded message by taking the ASCII value of the first character minus 64
-    while doing an assertion if the length is not in the allowed range,
-    effectively terminating the calling program as clamav would not be
-    available.
-  
-Impact
-
-    A malformed message such as the one below would cause a denial of service,
-    and depending on the server configuration this may impact other daemons
-    relying on Clam AV in a fatal manner.
-    To exploit the vulnerability, you can add the following to ~/clamtest.mbox:
-    From -
-    begin 644 byebye
-    byebye
-    end
-    Then do "clamscan --mbox -v ~/clamtest.mbox" or "clamdscan
-    -v ~/clamtest.mbox; ps ax | grep clam": the former will cause an
-    assertion and a segmentation fault, the latter would cause the daemon to
-    shut down.
-  
-Workaround
-
-    There is no immediate workaround, a software upgrade is required.
-  
-
-Solution: 
-    All users are urged to upgrade their Clam AV installations to Clam AV 0.67:
-    # emerge sync
-    # emerge -pv ">=net-mail/clamav-0.6.7"
-    # emerge ">=net-mail/clamav-0.6.7"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200402-07] Clam Antivirus DoS vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Clam Antivirus DoS vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-mail/clamav", unaffected: make_list("ge 0.67"), vulnerable: make_list("lt 0.67")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200403-01.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200403-01.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200403-01.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200403-01.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14452);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200403-01");
- script_cve_id("CVE-2004-0110");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200403-01
-(Libxml2 URI Parsing Buffer Overflow Vulnerabilities)
-
-
-    Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6.
-    When the libxml2 library fetches a remote resource via FTP or HTTP, libxml2
-    uses parsing routines that can overflow a buffer caused by improper bounds
-    checking if they are passed a URL longer than 4096 bytes.
-  
-Impact
-
-    If an attacker is able to exploit an application using libxml2 that parses
-    remote resources, then this flaw could be used to execute arbitrary code.
-  
-Workaround
-
-    No workaround is available; users are urged to upgrade libxml2 to 2.6.6.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0110
-
-
-Solution: 
-    All users are recommended to upgrade their libxml2 installation:
-    # emerge sync
-    # emerge -pv ">=dev-libs/libxml2-2.6.6"
-    # emerge ">=dev-libs/libxml2-2.6.6"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200403-01] Libxml2 URI Parsing Buffer Overflow Vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Libxml2 URI Parsing Buffer Overflow Vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-libs/libxml2", unaffected: make_list("ge 2.6.6"), vulnerable: make_list("lt 2.6.6")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200403-02.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200403-02.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200403-02.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,158 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200403-02.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14453);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200403-02");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200403-02
-(Linux kernel do_mremap local privilege escalation vulnerability)
-
-
-    The memory subsystem allows for shrinking, growing, and moving of
-    chunks of memory along any of the allocated memory areas which the
-    kernel posesses.
-    To accomplish this, the do_mremap code calls the do_munmap() kernel
-    function to remove any old memory mappings in the new location - but,
-    the code doesn\'t check the return value of the do_munmap() function
-    which may fail if the maximum number of available virtual memory area
-    descriptors has been exceeded.
-    Due to the missing return value check after trying to unmap the middle
-    of the first memory area, the corresponding page table entries from the
-    second new area are inserted into the page table locations described by
-    the first old one, thus they are subject to page protection flags of
-    the first area. As a result, arbitrary code can be executed.
-  
-Impact
-
-    Arbitrary code with normal non-super-user privelerges may be able to
-    exploit this vulnerability and may disrupt the operation of other parts
-    of the kernel memory management subroutines finally leading to
-    unexpected behavior.
-    Since no special privileges are required to use the mremap() and
-    mummap() system calls any process may misuse this unexpected behavior
-    to disrupt the kernel memory management subsystem. Proper exploitation
-    of this vulnerability may lead to local privilege escalation allowing
-    for the execution of arbitrary code with kernel level root access.
-    Proof-of-concept exploit code has been created and successfully tested,
-    permitting root escalation on vulnerable systems. As a result, all
-    users should upgrade their kernels to new or patched versions.
-  
-Workaround
-
-    Users who are unable to upgrade their kernels may attempt to use
-    "sysctl -w vm.max_map_count=1000000", however, this is a temporary fix
-    which only solves the problem by increasing the number of memory areas
-    that can be created by each process. Because of the static nature of
-    this workaround, it is not recommended and users are urged to upgrade
-    their systems to the latest avaiable patched sources.
-  
-References:
-    http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt
-
-
-Solution: 
-    Users are encouraged to upgrade to the latest available sources for
-    their system:
-    # emerge sync
-    # emerge -pv your-favourite-sources
-    # emerge your-favourite-sources
-    # # Follow usual procedure for compiling and installing a kernel.
-    # # If you use genkernel, run genkernel as you would do normally.
-    # # IF YOUR KERNEL IS MARKED as "remerge required!" THEN
-    # # YOU SHOULD UPDATE YOUR KERNEL EVEN IF PORTAGE
-    # # REPORTS THAT THE SAME VERSION IS INSTALLED.
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200403-02] Linux kernel do_mremap local privilege escalation vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Linux kernel do_mremap local privilege escalation vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "sys-kernel/mips-prepatch-sources", unaffected: make_list("ge 2.4.25_pre6-r1"), vulnerable: make_list("lt 2.4.25_pre6-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/wolk-sources", unaffected: make_list("eq 4.9-r4", "ge 4.10_pre7-r3"), vulnerable: make_list("lt 4.10_pre7-r3")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/hppa-sources", unaffected: make_list("ge 2.4.24_p0-r1"), vulnerable: make_list("lt 2.4.24_p0-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/vanilla-sources", unaffected: make_list("ge 2.4.25"), vulnerable: make_list("lt 2.4.25")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/openmosix-sources", unaffected: make_list("ge 2.4.22-r4"), vulnerable: make_list("lt 2.4.22-r4")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/grsec-sources", unaffected: make_list("ge 2.4.24.1.9.13-r1"), vulnerable: make_list("lt 2.4.24.1.9.13-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/hardened-sources", unaffected: make_list("ge 2.4.24-r1"), vulnerable: make_list("lt 2.4.24-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ppc-sources-benh", unaffected: make_list("ge 2.4.22-r5"), vulnerable: make_list("lt 2.4.22-r5")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/win4lin-sources", unaffected: make_list("eq 2.4.23-r2", "ge 2.6.2-r1"), vulnerable: make_list("lt 2.6.2-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/compaq-sources", unaffected: make_list("ge 2.4.9.32.7-r2"), vulnerable: make_list("lt 2.4.9.32.7-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/hppa-dev-sources", unaffected: make_list("ge 2.6.2_p3-r1"), vulnerable: make_list("lt 2.6.2_p3-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/sparc-sources", unaffected: make_list("ge 2.4.24-r2"), vulnerable: make_list("lt 2.4.24-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ia64-sources", unaffected: make_list("ge 2.4.24-r1"), vulnerable: make_list("lt 2.4.24-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/gentoo-sources", unaffected: make_list("eq 2.4.19-r11", "eq 2.4.20-r12", "ge 2.4.22-r7"), vulnerable: make_list("lt 2.4.22-r7")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/gs-sources", unaffected: make_list("ge 2.4.25_pre7-r2"), vulnerable: make_list("lt 2.4.25_pre7-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/gentoo-dev-sources", unaffected: make_list("ge 2.6.3_rc1"), vulnerable: make_list("lt 2.6.3_rc1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/usermode-sources", unaffected: make_list("rge 2.4.24-r1", "rge 2.4.26", "ge 2.6.3-r1"), vulnerable: make_list("lt 2.6.3-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/mips-sources", unaffected: make_list("ge 2.4.25_rc4"), vulnerable: make_list("lt 2.4.25_rc4")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/vanilla-prepatch-sources", unaffected: make_list("ge 2.4.25_rc4"), vulnerable: make_list("lt 2.4.25_rc4")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ck-sources", unaffected: make_list("eq 2.4.24-r1", "ge 2.6.2-r1"), vulnerable: make_list("lt 2.6.2-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/pac-sources", unaffected: make_list("ge 2.4.23-r3"), vulnerable: make_list("lt 2.4.23-r3")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/alpha-sources", unaffected: make_list("ge 2.4.21-r4"), vulnerable: make_list("lt 2.4.21-r4")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ppc-sources-crypto", unaffected: make_list("ge 2.4.20-r3"), vulnerable: make_list("lt 2.4.20-r3")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/planet-ccrma-sources", unaffected: make_list("ge 2.4.21-r5"), vulnerable: make_list("lt 2.4.21-r5")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ppc-sources-dev", unaffected: make_list("ge 2.4.24-r2"), vulnerable: make_list("lt 2.4.24-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ppc-sources", unaffected: make_list("ge 2.4.24-r1"), vulnerable: make_list("lt 2.4.24-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/gaming-sources", unaffected: make_list("ge 2.4.20-r8"), vulnerable: make_list("lt 2.4.20-r8")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/xfs-sources", unaffected: make_list("ge 2.4.24-r2"), vulnerable: make_list("lt 2.4.24-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/selinux-sources", unaffected: make_list("ge 2.4.24-r2"), vulnerable: make_list("lt 2.4.24-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ppc-development-sources", unaffected: make_list("ge 2.6.3_rc1-r1"), vulnerable: make_list("lt 2.6.3_rc1-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/development-sources", unaffected: make_list("ge 2.6.3_rc1"), vulnerable: make_list("lt 2.6.3_rc1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/sparc-dev-sources", unaffected: make_list("ge 2.6.3_rc1"), vulnerable: make_list("lt 2.6.3_rc1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/aa-sources", unaffected: make_list("ge 2.4.23-r1"), vulnerable: make_list("lt 2.4.23-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/mm-sources", unaffected: make_list("ge 2.6.3_rc1-r1"), vulnerable: make_list("lt 2.6.3_rc1-r1")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200403-03.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200403-03.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200403-03.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,77 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200403-03.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14454);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200403-03");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200403-03
-(Multiple OpenSSL Vulnerabilities)
-
-
-      Testing performed by the OpenSSL group using the Codenomicon
-      TLS Test Tool uncovered a null-pointer assignment in the
-      do_change_cipher_spec() function. A remote attacker could perform
-      a carefully crafted SSL/TLS handshake against a server that used
-      the OpenSSL library in such a way as to cause OpenSSL to
-      crash. Depending on the application this could lead to a denial of
-      service. All versions of OpenSSL from 0.9.6c to 0.9.6l inclusive
-      and from 0.9.7a to 0.9.7c inclusive are affected by this issue.
-      A flaw has been discovered in SSL/TLS handshaking code when
-      using Kerberos ciphersuites. A remote attacker could perform a
-      carefully crafted SSL/TLS handshake against a server configured to
-      use Kerberos ciphersuites in such a way as to cause OpenSSL to
-      crash. Most applications have no ability to use Kerberos
-      cipher suites and will therefore be unaffected.  Versions 0.9.7a,
-      0.9.7b, and 0.9.7c of OpenSSL are affected by this issue.
-      Testing performed by the OpenSSL group using the Codenomicon
-      TLS Test Tool uncovered a bug in older versions of OpenSSL 0.9.6
-      that can lead to a Denial of Service attack (infinite
-      loop). This issue was traced to a fix that was added to OpenSSL
-      0.9.6d some time ago. This issue will affect vendors that ship
-      older versions of OpenSSL with backported security patches.
-  
-Impact
-
-    Although there are no public exploits known for bug, users are recommended
-    to upgrade to ensure the security of their infrastructure.
-  
-Workaround
-
-    There is no immediate workaround; a software upgrade is required. The
-    vulnerable function in the code has been rewritten.
-  
-
-Solution: 
-    All users are recommened to upgrade openssl to either 0.9.7d or 0.9.6m:
-    # emerge sync
-    # emerge -pv ">=dev-libs/openssl-0.9.7d"
-    # emerge ">=dev-libs/openssl-0.9.7d"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200403-03] Multiple OpenSSL Vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Multiple OpenSSL Vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-libs/openssl", unaffected: make_list("ge 0.9.7d", "eq 0.9.6m"), vulnerable: make_list("le 0.9.7c")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200403-04.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200403-04.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200403-04.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,89 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200403-04.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14455);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200403-04");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200403-04
-(Multiple security vulnerabilities in Apache 2)
-
-
-    Three vulnerabilities were found:
-        A memory leak in ssl_engine_io.c for mod_ssl in Apache 2.0.48 and below
-        allows remote attackers to cause a denial of service attack
-        via plain HTTP requests to the SSL port of an SSL-enabled server.
-        Apache fails to filter terminal escape sequences from error
-        logs that begin with the ASCII (0x1B) sequence and are followed by a
-        series of arguments. If a remote attacker could inject escape sequences
-        into an Apache error log, the attacker could take advantages of
-        weaknesses in various terminal emulators, launching attacks
-        against remote users including further denial of service attacks,
-        file modification, and the execution of arbitrary commands.
-        The Apache mod_disk_cache has been found to be
-        vulnerable to a weakness that allows attackers to gain access
-        to authentication credentials through the issue of caching
-        HTTP hop-by-hop headers which would contain plaintext user
-        passwords. There is no available resolution for this issue yet.
-  
-Impact
-
-    No special privileges are required for these vulnerabilities. As a result,
-    all users are recommended to upgrade their Apache installations.
-  
-Workaround
-
-    There is no immediate workaround; a software upgrade is required.
-    There is no workaround for the mod_disk_cache issue; users are
-    recommended to disable the feature on their servers until a patched
-    version is released.
-  
-References:
-    http://www.securityfocus.com/bid/9933/info/
-    http://www.apache.org/dist/httpd/Announcement2.html
-
-
-Solution: 
-    Users are urged to upgrade to Apache 2.0.49:
-    # emerge sync
-    # emerge -pv ">=net-www/apache-2.0.49"
-    # emerge ">=net-www/apache-2.0.49"
-    # ** IMPORTANT **
-    # If you are migrating from Apache 2.0.48-r1 or earlier versions,
-    # it is important that the following directories are removed.
-    # The following commands should cause no data loss since these
-    # are symbolic links.
-    # rm /etc/apache2/lib /etc/apache2/logs /etc/apache2/modules
-    # rm /etc/apache2/extramodules
-    # ** ** ** ** **
-    # ** ALSO NOTE **
-    # Users who use mod_disk_cache should edit their Apache
-    # configuration and disable mod_disk_cache.
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200403-04] Multiple security vulnerabilities in Apache 2");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Multiple security vulnerabilities in Apache 2');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/apache", unaffected: make_list("eq 1.3*", "ge 2.0.49"), vulnerable: make_list("le 2.0.48")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200403-05.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200403-05.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200403-05.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,67 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200403-05.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14456);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200403-05");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200403-05
-(UUDeview MIME Buffer Overflow)
-
-
-    By decoding a MIME archive with excessively long strings for various
-    parameters, it is possible to crash UUDeview, or cause it to execute
-    arbitrary code.
-    This vulnerability was originally reported by iDEFENSE as part of a WinZip
-    advisory [ Reference: 1 ].
-  
-Impact
-
-    An attacker could create a specially-crafted MIME file and send it via
-    email. When recipient decodes the file, UUDeview may execute arbitrary code
-    which is embedded in the MIME file, thus granting the attacker access to
-    the recipient\'s account.
-  
-Workaround
-
-    There is no known workaround at this time. As a result, a software upgrade
-    is required and users should upgrade to uudeview 0.5.20.
-  
-References:
-    http://www.idefense.com/application/poi/display?id=76&type=vulnerabilities
-    http://www.securityfocus.com/bid/9758
-
-
-Solution: 
-    All users should upgrade to uudeview 0.5.20:
-    # emerge sync
-    # emerge -pv ">=app-text/uudeview-0.5.20"
-    # emerge ">=app-text/uudeview-0.5.20"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200403-05] UUDeview MIME Buffer Overflow");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'UUDeview MIME Buffer Overflow');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-text/uudeview", unaffected: make_list("ge 0.5.20"), vulnerable: make_list("lt 0.5.20")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200403-06.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200403-06.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200403-06.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,68 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200403-06.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14457);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200403-06");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200403-06
-(Multiple remote buffer overflow vulnerabilities in Courier)
-
-
-    The vulnerabilities have been found in the \'SHIFT_JIS\' converter in
-    \'shiftjis.c\' and \'ISO2022JP\' converter in \'so2022jp.c\'. An attacker may
-    supply Unicode characters that exceed BMP (Basic Multilingual Plane) range,
-    causing an overflow.
-  
-Impact
-
-    An attacker without privileges may exploit this vulnerability remotely, allowing arbitrary code to be executed in order to gain unauthorized access.
-  
-Workaround
-
-    While a workaround is not currently known for this issue, all users are
-    advised to upgrade to the latest version of the affected packages.
-  
-References:
-    http://www.securityfocus.com/bid/9845
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0224
-
-
-Solution: 
-    All users should upgrade to current versions of the affected packages:
-    # emerge sync
-    # emerge -pv ">=net-mail/courier-imap-3.0.0"
-    # emerge ">=net-mail/courier-imap-3.0.0"
-    # ** Or; depending on your installation... **
-    # emerge -pv ">=net-mail/courier-0.45"
-    # emerge ">=net-mail/courier-0.45"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200403-06] Multiple remote buffer overflow vulnerabilities in Courier");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Multiple remote buffer overflow vulnerabilities in Courier');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-mail/courier", unaffected: make_list("ge 0.45"), vulnerable: make_list("lt 0.45")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "net-mail/courier-imap", unaffected: make_list("ge 3.0.0"), vulnerable: make_list("lt 3.0.0")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200403-07.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200403-07.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200403-07.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,67 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200403-07.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14458);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200403-07");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200403-07
-(Multiple remote overflows and vulnerabilities in Ethereal)
-
-
-    There are multiple vulnerabilities in versions of Ethereal earlier than 0.10.3, including:
-	Thirteen buffer overflows in the following protocol dissectors: NetFlow, IGAP, EIGRP, PGM, IrDA, BGP, ISUP, and TCAP.
-      	A zero-length Presentation protocol selector could make Ethereal crash.
-     	A vulnerability in the RADIUS packet dissector which may crash ethereal.
-      	A corrupt color filter file could cause a segmentation fault.
-  
-Impact
-
-    These vulnerabilities may cause Ethereal to crash or may allow an attacker
-    to run arbitrary code on the user\'s computer.
-  
-Workaround
-
-    While a workaround is not currently known for this issue, all users are
-    advised to upgrade to the latest version of the affected package.
-  
-References:
-    http://www.ethereal.com/appnotes/enpa-sa-00013.html
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0176
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0365
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0367
-
-
-Solution: 
-    All users should upgrade to the current version of the affected package:
-    # emerge sync
-    # emerge -pv ">=net-analyzer/ethereal-0.10.3"
-    # emerge ">=net-analyzer/ethereal-0.10.3"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200403-07] Multiple remote overflows and vulnerabilities in Ethereal");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Multiple remote overflows and vulnerabilities in Ethereal');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-analyzer/ethereal", unaffected: make_list("ge 0.10.3"), vulnerable: make_list("le 0.10.2")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200403-08.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200403-08.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200403-08.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200403-08.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14459);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200403-08");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200403-08
-(oftpd DoS vulnerability)
-
-
-    Issuing a port command with a number higher than 255 causes the server to
-    crash.  The port command may be issued before any authentication takes
-    place, meaning the attacker does not need to know a valid username and
-    password in order to exploit this vulnerability.
-  
-Impact
-
-    This exploit causes a denial of service.
-  
-Workaround
-
-    While a workaround is not currently known for this issue, all users are
-    advised to upgrade to the latest version of the affected package.
-  
-References:
-    http://www.time-travellers.org/oftpd/oftpd-dos.html
-
-
-Solution: 
-     All users should upgrade to the current version of the affected package:
-    # emerge sync
-    # emerge -pv ">=net-ftp/oftpd-0.3.7"
-    # emerge ">=net-ftp/oftpd-0.3.7"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200403-08] oftpd DoS vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'oftpd DoS vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-ftp/oftpd", unaffected: make_list("ge 0.3.7"), vulnerable: make_list("le 0.3.6")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200403-09.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200403-09.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200403-09.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200403-09.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14460);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200403-09");
- script_cve_id("CVE-2003-1023");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200403-09
-(Buffer overflow in Midnight Commander)
-
-
-    A stack-based buffer overflow has been found in Midnight Commander\'s
-    virtual filesystem.
-  
-Impact
-
-    This overflow allows an attacker to run arbitrary code on the user\'s
-    computer during the symlink conversion process.
-  
-Workaround
-
-    While a workaround is not currently known for this issue, all users are
-    advised to upgrade to the latest version of the affected package.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1023
-
-
-Solution: 
-    All users should upgrade to the current version of the affected package:
-    # emerge sync
-    # emerge -pv ">=app-misc/mc-4.6.0-r5"
-    # emerge ">=app-misc/mc-4.6.0-r5"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200403-09] Buffer overflow in Midnight Commander");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Buffer overflow in Midnight Commander');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-misc/mc", unaffected: make_list("ge 4.6.0-r5"), vulnerable: make_list("le 4.6.0-r4")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200403-10.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200403-10.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200403-10.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200403-10.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14461);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200403-10");
- script_cve_id("CVE-2003-0792");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200403-10
-(Fetchmail 6.2.5 fixes a remote DoS)
-
-
-    Fetchmail versions 6.2.4 and earlier can be crashed by sending a
-    specially-crafted email to a fetchmail user. This problem occurs because
-    Fetchmail does not properly allocate memory for long lines in an incoming
-    email.
-  
-Impact
-
-    Fetchmail users who receive a malicious email may have their fetchmail
-    program crash.
-  
-Workaround
-
-    While a workaround is not currently known for this issue, all users are advised to upgrade to the latest version of fetchmail.
-  
-References:
-    http://xforce.iss.net/xforce/xfdb/13450
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0792
-
-
-Solution: 
-    Fetchmail users should upgrade to version 6.2.5 or later:
-    # emerge sync
-    # emerge -pv ">=net-mail/fetchmail-6.2.5"
-    # emerge ">=net-mail/fetchmail-6.2.5"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200403-10] Fetchmail 6.2.5 fixes a remote DoS");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Fetchmail 6.2.5 fixes a remote DoS');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-mail/fetchmail", unaffected: make_list("ge 6.2.5"), vulnerable: make_list("le 6.2.4")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200403-11.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200403-11.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200403-11.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,72 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200403-11.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14462);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200403-11");
- script_cve_id("CVE-2004-0189");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200403-11
-(Squid ACL [url_regex] bypass vulnerability)
-
-
-    A bug in Squid allows users to bypass certain access controls by passing a
-    URL containing "%00" which exploits the Squid decoding function.
-    This may insert a NUL character into decoded URLs, which may allow users to
-    bypass url_regex access control lists that are enforced upon them.
-    In such a scenario, Squid will insert a NUL character after
-    the"%00" and it will make a comparison between the URL to the end
-    of the NUL character rather than the contents after it: the comparison does
-    not result in a match, and the user\'s request is not denied.
-  
-Impact
-
-    Restricted users may be able to bypass url_regex access control lists that
-    are enforced upon them which may cause unwanted network traffic as well as
-    a route for other possible exploits. Users of Squid 2.5STABLE4 and below
-    who require the url_regex features are recommended to upgrade to 2.5STABLE5
-    to maintain the security of their infrastructure.
-  
-Workaround
-
-    A workaround is not currently known for this issue. All users are advised
-    to upgrade to the latest version of Squid.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0189
-    http://www.squid-cache.org/Advisories/SQUID-2004_1.txt
-
-
-Solution: 
-    Squid can be updated as follows:
-    # emerge sync
-    # emerge -pv ">=www-proxy/squid-2.5.5"
-    # emerge ">=www-proxy/squid-2.5.5"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200403-11] Squid ACL [url_regex] bypass vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Squid ACL [url_regex] bypass vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "www-proxy/squid", unaffected: make_list("ge 2.5.5"), vulnerable: make_list("lt 2.5.5")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200403-12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200403-12.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200403-12.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200403-12.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14463);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200403-12");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200403-12
-(OpenLDAP DoS Vulnerability)
-
-
-    A password extended operation (password EXOP) which fails will cause the
-    slapd server to free() an uninitialized pointer, possibly resulting in a
-    segfault. This only affects servers using the back-ldbm backend.
-    Such a crash is not guaranteed with every failed operation, however, it is
-    possible.
-  
-Impact
-
-    An attacker (or indeed, a normal user) may crash the OpenLDAP server,
-    creating a Denial of Service condition.
-  
-Workaround
-
-    A workaround is not currently known for this issue.  All users are
-    advised to upgrade to the latest version of OpenLDAP.
-  
-References:
-    http://www.openldap.org/its/index.cgi?findid=2390
-
-
-Solution: 
-    OpenLDAP users should upgrade to version 2.1.17 or later:
-    # emerge sync
-    # emerge -pv ">=net-nds/openldap-2.1.17"
-    # emerge ">=net-nds/openldap-2.1.17"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200403-12] OpenLDAP DoS Vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'OpenLDAP DoS Vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-nds/openldap", unaffected: make_list("ge 2.1.17"), vulnerable: make_list("le 2.1.16")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200403-13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200403-13.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200403-13.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,72 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200403-13.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14464);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200403-13");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200403-13
-(Remote buffer overflow in MPlayer)
-
-
-    A vulnerability exists in the MPlayer HTTP parser which may allow an
-    attacker to craft a special HTTP header ("Location:") which will
-    trick MPlayer into executing arbitrary code on the user\'s computer.
-  
-Impact
-
-    An attacker without privileges may exploit this vulnerability remotely,
-    allowing arbitrary code to be executed in order to gain unauthorized
-    access.
-  
-Workaround
-
-    A workaround is not currently known for this issue. All users are advised
-    to upgrade to the latest version MPlayer for their architecture.
-  
-References:
-    http://www.mplayerhq.hu/homepage/design6/news.html
-
-
-Solution: 
-    MPlayer may be upgraded as follows:
-    x86 and SPARC users should:
-    # emerge sync
-    # emerge -pv ">=media-video/mplayer-0.92-r1"
-    # emerge ">=media-video/mplayer-0.92-r1"
-    AMD64 users should:
-    # emerge sync
-    # emerge -pv ">=media-video/mplayer-1.0_pre2-r1"
-    # emerge ">=media-video/mplayer-1.0_pre2-r1"
-    PPC users should:
-    # emerge sync
-    # emerge -pv ">=media-video/mplayer-1.0_pre3-r2"
-    # emerge ">=media-video/mplayer-1.0_pre3-r2"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200403-13] Remote buffer overflow in MPlayer");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Remote buffer overflow in MPlayer');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "media-video/mplayer", arch: "ppc", unaffected: make_list("ge 1.0_pre3-r3"), vulnerable: make_list("le 1.0_pre3")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200403-14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200403-14.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200403-14.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,67 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200403-14.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14465);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200403-14");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200403-14
-(Multiple Security Vulnerabilities in Monit)
-
-
-    A denial of service may occur due to Monit not sanitizing remotely supplied
-    HTTP parameters before passing them to memory allocation functions. This
-    could allow an attacker to cause an unexpected condition that could lead to
-    the Monit daemon crashing.
-    An overly long http request method may cause a buffer overflow due to Monit
-    performing insufficient bounds checking when handling HTTP requests.
-  
-Impact
-
-    An attacker may crash the Monit daemon to create a denial of service
-    condition or cause a buffer overflow that would allow arbitrary code to be
-    executed with root privileges.
-  
-Workaround
-
-    A workaround is not currently known for this issue. All users are advised
-    to upgrade to the latest version of the affected package.
-  
-References:
-    http://www.securityfocus.com/bid/9098
-    http://www.securityfocus.com/bid/9099
-
-
-Solution: 
-    Monit users should upgrade to version 4.2 or later:
-    # emerge sync
-    # emerge -pv ">=app-admin/monit-4.2"
-    # emerge ">=app-admin/monit-4.2"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200403-14] Multiple Security Vulnerabilities in Monit");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Multiple Security Vulnerabilities in Monit');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-admin/monit", unaffected: make_list("ge 4.2"), vulnerable: make_list("le 4.1")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200404-01.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200404-01.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200404-01.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,78 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200404-01.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14466);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200404-01");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200404-01
-(Insecure sandbox temporary lockfile vulnerabilities in Portage)
-
-
-    A flaw in Portage\'s sandbox wrapper has been found where the temporary
-    lockfiles are subject to a hard-link attack which allows linkable files to
-    be overwritten to an empty file. This can be used to damage critical files
-    on a system causing a Denial of Service, or alternatively this attack may
-    be used to cause other security risks; for example firewall configuration
-    data could be overwritten without notice.
-    The vulnerable sandbox functions have been patched to test for these new
-    conditions: namely; for the existance of a hard-link which would be removed
-    before the sandbox process would continue, for the existance of a
-    world-writable lockfile in which case the sandbox would also remove it, and
-    also for any mismatches in the UID ( anything but root ) and the GID (
-    anything but the group of the sandbox process ).
-    If the vulnerable files cannot be removed by the sandbox, then the sandbox
-    would exit with a fatal error warning the adminstrator of the issue. The
-    patched functions also fix any other sandbox I/O operations which do not
-    explicitly include the mentioned lockfile.
-  
-Impact
-
-    Any user with write access to the /tmp directory can hard-link a file to
-    /tmp/sandboxpids.tmp - this file would eventually be replaced with an empty
-    one; effectively wiping out the file it was linked to as well with no prior
-    warning. This could be used to potentially disable a vital component of the
-    system and cause a path for other possible exploits.
-    This vulnerability only affects systems that have /tmp on the root
-    partition: since symbolic link attacks are filtered, /tmp has to be on the
-    same partition for an attack to take place.
-  
-Workaround
-
-    A workaround is not currently known for this issue. All users are advised
-    to upgrade to the latest version of the affected package.
-  
-
-Solution: 
-    Users should upgrade to Portage 2.0.50-r3 or later:
-    # emerge sync
-    # emerge -pv ">=sys-apps/portage-2.0.50-r3"
-    # emerge ">=sys-apps/portage-2.0.50-r3"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200404-01] Insecure sandbox temporary lockfile vulnerabilities in Portage");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Insecure sandbox temporary lockfile vulnerabilities in Portage');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "sys-apps/portage", unaffected: make_list("ge 2.0.50-r3"), vulnerable: make_list("lt 2.0.50-r3")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200404-02.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200404-02.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200404-02.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,61 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200404-02.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14467);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200404-02");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200404-02
-(KDE Personal Information Management Suite Remote Buffer Overflow Vulnerability)
-
-
-    A buffer overflow may occur in KDE-PIM\'s VCF file reader when a maliciously
-    crafted VCF file is opened by a user on a vulnerable system.
-  
-Impact
-
-    A remote attacker may unauthorized access to a user\'s personal data or
-    execute commands with the user\'s privileges.
-  
-Workaround
-
-    A workaround is not currently known for this issue. All users are advised
-    to upgrade to the latest version of the affected package.
-  
-References:
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0988
-
-
-Solution: 
-    KDE users should upgrade to version 3.1.5 or later:
-    # emerge sync
-    # emerge -pv ">=kde-base/kde-3.1.5"
-    # emerge ">=kde-base/kde-3.1.5"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200404-02] KDE Personal Information Management Suite Remote Buffer Overflow Vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'KDE Personal Information Management Suite Remote Buffer Overflow Vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "kde-base/kde", unaffected: make_list("ge 3.1.5"), vulnerable: make_list("le 3.1.4")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200404-03.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200404-03.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200404-03.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,71 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200404-03.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14468);
- if(defined_func("script_xref"))script_xref(name:"IAVA", value:"2004-t-0008");
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200404-03");
- script_cve_id("CVE-2003-0989");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200404-03
-(Tcpdump Vulnerabilities in ISAKMP Parsing)
-
-
-    There are two specific vulnerabilities in tcpdump, outlined in [ reference
-    1 ]. In the first scenario, an attacker may send a specially-crafted ISAKMP
-    Delete packet which causes tcpdump to read past the end of its buffer. In
-    the second scenario, an attacker may send an ISAKMP packet with the wrong
-    payload length, again causing tcpdump to read past the end of a buffer.
-  
-Impact
-
-    Remote attackers could potentially cause tcpdump to crash or execute
-    arbitrary code as the \'pcap\' user.
-  
-Workaround
-
-    There is no known workaround at this time. All tcpdump users are encouraged
-    to upgrade to the latest available version.
-  
-References:
-    http://www.rapid7.com/advisories/R7-0017.html
-    http://rhn.redhat.com/errata/RHSA-2004-008.html
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0989
-
-
-Solution: 
-    All tcpdump users should upgrade to the latest available version.
-    ADDITIONALLY, the net-libs/libpcap package should be upgraded.
-    # emerge sync
-    # emerge -pv ">=net-libs/libpcap-0.8.3-r1" ">=net-analyzer/tcpdump-3.8.3-r1"
-    # emerge ">=net-libs/libpcap-0.8.3-r1" ">=net-analyzer/tcpdump-3.8.3-r1"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200404-03] Tcpdump Vulnerabilities in ISAKMP Parsing");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Tcpdump Vulnerabilities in ISAKMP Parsing');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-analyzer/tcpdump", unaffected: make_list("ge 3.8.3-r1"), vulnerable: make_list("le 3.8.1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "net-libs/libpcap", unaffected: make_list("ge 0.8.3-r1"), vulnerable: make_list("le 0.8.1-r1")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200404-04.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200404-04.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200404-04.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,67 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200404-04.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14469);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200404-04");
- script_cve_id("CVE-2004-0107", "CVE-2004-0108");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200404-04
-(Multiple vulnerabilities in sysstat)
-
-
-    There are two vulnerabilities in the way sysstat handles symlinks:
-    The isag utility, which displays sysstat data in a graphical format,
-    creates a temporary file in an insecure manner.
-    Two scripts in the sysstat package, post and trigger, create temporary
-    files in an insecure manner.
-  
-Impact
-
-    Both vulnerabilities may allow an attacker to overwrite arbitrary files
-    under the permissions of the user executing any of the affected
-    utilities.
-  
-Workaround
-
-    A workaround is not currently known for this issue. All users are advised
-    to upgrade to the latest version of the affected package.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0107
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0108
-
-
-Solution: 
-    Systat users should upgrade to version 4.2 or later:
-    # emerge sync
-    # emerge -pv ">=app-admin/sysstat-5.0.2"
-    # emerge ">=app-admin/sysstat-5.0.2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200404-04] Multiple vulnerabilities in sysstat");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Multiple vulnerabilities in sysstat');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-admin/sysstat", arch: "x86 ppc sparc amd64", unaffected: make_list("ge 5.0.2"), vulnerable: make_list("lt 5.0.2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200404-05.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200404-05.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200404-05.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,60 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200404-05.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14470);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200404-05");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200404-05
-(ipsec-tools contains an X.509 certificates vulnerability.)
-
-
-    racoon (a utility in the ipsec-tools package) does not verify digital
-    signatures on Phase1 packets.  This means  that anybody holding the correct
-    X.509 certificate would be able to establish a connection, even if they did
-    not have the corresponding private key.
-  
-Impact
-
-    Since digital signatures are not verified by the racoon tool, an attacker may
-	be able to connect to the VPN gateway and/or execute a man-in-the-middle attack.
-  
-Workaround
-
-    A workaround is not currently known for this issue. All users are advised
-    to upgrade to the latest version of the affected package.
-  
-
-Solution: 
-    ipsec-tools users should upgrade to version 0.2.5 or later:
-    # emerge sync
-    # emerge -pv ">=net-firewall/ipsec-tools-0.2.5"
-    # emerge ">=net-firewall/ipsec-tools-0.2.5"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200404-05] ipsec-tools contains an X.509 certificates vulnerability.");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'ipsec-tools contains an X.509 certificates vulnerability.');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-firewall/ipsec-tools", arch: "amd64", unaffected: make_list("ge 0.2.5"), vulnerable: make_list("le 0.2.4")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200404-06.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200404-06.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200404-06.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,65 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200404-06.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14471);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200404-06");
- script_cve_id("CVE-2004-0080");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200404-06
-(Util-linux login may leak sensitive data)
-
-
-    In some situations the login program could leak sensitive data due to an
-    incorrect usage of a reallocated pointer.
-	NOTE: Only users who have PAM support disabled on their
-	systems (i.e.  -PAM in their USE variable) will be affected by this
-	vulnerability.  By default, this USE flag is enabled on all
-	architectures.  Users with PAM support on their system receive login binaries
-	as part of the pam-login package, which remains unaffected.
-  
-Impact
-
-    A remote attacker may obtain sensitive data.
-  
-Workaround
-
-     A workaround is not currently known for this issue. All users are advised to upgrade to the latest version of the affected package.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0080
-
-
-Solution: 
-    All util-linux users should upgrade to version 2.12 or later:
-    # emerge sync
-	# emerge -pv ">=sys-apps/util-linux-2.12"
-    # emerge ">=sys-apps/util-linux-2.12"
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200404-06] Util-linux login may leak sensitive data");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Util-linux login may leak sensitive data');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "sys-apps/util-linux", unaffected: make_list("ge 2.12"), vulnerable: make_list("le 2.11")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200404-07.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200404-07.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200404-07.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,59 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200404-07.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14472);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200404-07");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200404-07
-(ClamAV RAR Archive Remote Denial Of Service Vulnerability)
-
-
-    Certain types of RAR archives, including those created by variants of the
-    W32.Beagle.A at mm worm, may cause clamav to crash when it attempts to process
-    them.
-  
-Impact
-
-    This vulnerability causes a Denial of Service in the clamav process.  Depending on
-    configuration, this may cause dependent services such as mail to fail as well.
-  
-Workaround
-
-    A workaround is not currently known for this issue. All users are advised
-    to upgrade to the latest version of the affected package.
-  
-
-Solution: 
-    ClamAV users should upgrade to version 0.68.1 or later:
-    # emerge sync
-    # emerge -pv ">=net-mail/clamav-0.68.1"
-    # emerge ">=net-mail/clamav-0.68.1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200404-07] ClamAV RAR Archive Remote Denial Of Service Vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'ClamAV RAR Archive Remote Denial Of Service Vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-mail/clamav", unaffected: make_list("ge 0.68.1"), vulnerable: make_list("le 0.68")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200404-08.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200404-08.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200404-08.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,61 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200404-08.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14473);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200404-08");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200404-08
-(GNU Automake symbolic link vulnerability)
-
-
-    Automake may be vulnerable to a symbolic link attack which may allow an
-    attacker to modify data or escalate their privileges. This is due to
-    the insecure way Automake creates directories during compilation. An
-    attacker may be able to create symbolic links in the place of files
-    contained in the affected directories, which may potentially lead to
-    elevated privileges due to modification of data.
-  
-Impact
-
-    An attacker may be able to use this vulnerability to modify data in an
-    unauthorized fashion or elevate their privileges.
-  
-Workaround
-
-    A workaround is not currently known for this issue. All users are
-    advised to upgrade to the latest version of the affected package.
-  
-
-Solution: 
-    Automake users should upgrade to the latest versions:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose sys-devel/automake
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200404-08] GNU Automake symbolic link vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'GNU Automake symbolic link vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "sys-devel/automake", unaffected: make_list("ge 1.8.5-r3", "rge 1.7.9-r1", "lt 1.7"), vulnerable: make_list("le 1.8.5-r2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200404-09.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200404-09.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200404-09.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200404-09.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14474);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200404-09");
- script_cve_id("CVE-2004-0371");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200404-09
-(Cross-realm trust vulnerability in Heimdal)
-
-
-    Heimdal does not properly perform certain consistency checks for
-    cross-realm requests, which allows remote attackers with control of a realm
-    to impersonate others in the cross-realm trust path.
-  
-Impact
-
-    Remote attackers with control of a realm may be able to impersonate other
-    users in the cross-realm trust path.
-  
-Workaround
-
-    A workaround is not currently known for this issue. All users are advised
-    to upgrade to the latest version of the affected package.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0371
-
-
-Solution: 
-    Heimdal users should upgrade to version 0.6.1 or later:
-    # emerge sync
-    # emerge -pv ">=app-crypt/heimdal-0.6.1"
-    # emerge ">=app-crypt/heimdal-0.6.1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200404-09] Cross-realm trust vulnerability in Heimdal");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Cross-realm trust vulnerability in Heimdal');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-crypt/heimdal", unaffected: make_list("ge 0.6.1"), vulnerable: make_list("le 0.6.0")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200404-10.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200404-10.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200404-10.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200404-10.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14475);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200404-10");
- script_cve_id("CVE-2003-0856");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200404-10
-(iproute local Denial of Service vulnerability)
-
-
-    It has been reported that iproute can accept spoofed messages on the kernel
-    netlink interface from local users. This could lead to a local Denial of
-    Service condition.
-  
-Impact
-
-    Local users could cause a Denial of Service.
-  
-Workaround
-
-     A workaround is not currently known for this issue. All users are advised
-     to upgrade to the latest version of the affected package.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0856
-
-
-Solution: 
-    All iproute users should upgrade to version 20010824-r5 or later:
-    # emerge sync
-    # emerge -pv ">=sys-apps/iproute-20010824-r5";
-    # emerge ">=sys-apps/iproute-20010824-r5";
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200404-10] iproute local Denial of Service vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'iproute local Denial of Service vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "sys-apps/iproute", unaffected: make_list("ge 20010824-r5"), vulnerable: make_list("le 20010824-r4")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200404-11.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200404-11.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200404-11.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,66 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200404-11.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14476);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200404-11");
- script_cve_id("CVE-2004-0097");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200404-11
-(Multiple Vulnerabilities in pwlib)
-
-
-    Multiple vulnerabilities have been found in the implimentation of protocol
-    H.323 contained in pwlib. Most of the vulnerabilies are in the parsing of
-    ASN.1 elements which would allow an attacker to use a maliciously crafted
-    ASN.1 element to cause unpredictable behavior in pwlib.
-  
-Impact
-
-    An attacker may cause a denial of service condition or cause a buffer
-    overflow that would allow arbitrary code to be executed with root
-    privileges.
-  
-Workaround
-
-    Blocking ports 1719 and 1720 may reduce the likelihood of an attack. All
-    users are advised to upgrade to the latest version of the affected package.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0097
-    http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
-
-
-Solution: 
-    All pwlib users are advised to upgrade to version 1.5.2-r3 or later:
-    # emerge sync
-    # emerge -pv ">=dev-libs/pwlib-1.5.2-r3"
-    # emerge ">=dev-libs/pwlib-1.5.2-r3"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200404-11] Multiple Vulnerabilities in pwlib");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Multiple Vulnerabilities in pwlib');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-libs/pwlib", unaffected: make_list("ge 1.5.2-r3"), vulnerable: make_list("le 1.5.2-r2")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200404-12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200404-12.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200404-12.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200404-12.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14477);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200404-12");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200404-12
-(Scorched 3D server chat box format string vulnerability)
-
-
-    Scorched 3D (build 36.2 and before) does not properly check the text
-    entered in the Chat box (T key). Using format string characters, you can
-    generate a heap overflow. This and several other unchecked buffers have
-    been corrected in the build 37 release.
-  
-Impact
-
-    This vulnerability can be easily exploited to remotely crash the Scorched
-    3D server, disconnecting all clients. It could also theorically be used to
-    execute arbitrary code on the server with the rights of the user running
-    the server.
-  
-Workaround
-
-    A workaround is not currently known for this issue. All users are advised
-    to upgrade to the latest version of the affected package.
-  
-
-Solution: 
-    Scorched 3D users should upgrade to version 37 or later:
-    # emerge sync
-    # emerge -pv ">=games-strategy/scorched3d-37"
-    # emerge ">=games-strategy/scorched3d-37"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200404-12] Scorched 3D server chat box format string vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Scorched 3D server chat box format string vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "games-strategy/scorched3d", unaffected: make_list("ge 37"), vulnerable: make_list("lt 37")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200404-13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200404-13.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200404-13.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,65 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200404-13.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14478);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200404-13");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200404-13
-(CVS Server and Client Vulnerabilities)
-
-
-    There are two vulnerabilities in CVS; one in the server and one in the
-    client. The server vulnerability allows a malicious client to request the
-    contents of any RCS file to which the server has permission, even those not
-    located under $CVSROOT. The client vulnerability allows a malicious server
-    to overwrite files on the client machine anywhere the client has
-    permissions.
-  
-Impact
-
-    Arbitrary files may be read or written on CVS clients and servers by
-    anybody with access to the CVS tree.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest stable version of CVS.
-  
-References:
-    http://ccvs.cvshome.org/source/browse/ccvs/NEWS?rev=1.116.2.92&content-type=text/x-cvsweb-markup
-
-
-Solution: 
-    All CVS users should upgrade to the latest stable version.
-    # emerge sync
-    # emerge -pv ">=dev-util/cvs-1.11.15"
-    # emerge ">=dev-util/cvs-1.11.15"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200404-13] CVS Server and Client Vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'CVS Server and Client Vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-util/cvs", unaffected: make_list("ge 1.11.15"), vulnerable: make_list("le 1.11.14")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200404-14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200404-14.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200404-14.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,66 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200404-14.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14479);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200404-14");
- script_cve_id("CVE-2004-0179");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200404-14
-(Multiple format string vulnerabilities in cadaver)
-
-
-    Cadaver code includes the neon library, which in versions 0.24.4 and
-    previous is vulnerable to multiple format string attacks. The latest
-    version of cadaver uses version 0.24.5 of the neon library, which makes it
-    immune to this vulnerability.
-  
-Impact
-
-    When using cadaver to connect to an untrusted WebDAV server, this
-    vulnerability can allow a malicious remote server to execute arbitrary code
-    on the client with the rights of the user using cadaver.
-  
-Workaround
-
-    A workaround is not currently known for this issue. All users are advised
-    to upgrade to the latest version of the affected package.
-  
-References:
-    http://www.webdav.org/cadaver
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0179
-
-
-Solution: 
-    cadaver users should upgrade to version 0.22.1 or later:
-    # emerge sync
-    # emerge -pv ">=net-misc/cadaver-0.22.1"
-    # emerge ">=net-misc/cadaver-0.22.1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200404-14] Multiple format string vulnerabilities in cadaver");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Multiple format string vulnerabilities in cadaver');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-misc/cadaver", unaffected: make_list("ge 0.22.1"), vulnerable: make_list("lt 0.22.1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200404-15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200404-15.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200404-15.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,68 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200404-15.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14480);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200404-15");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200404-15
-(XChat 2.0.x SOCKS5 Vulnerability)
-
-
-    The SOCKS 5 proxy code in XChat is vulnerable to a remote exploit. Users
-    would have to be using XChat through a SOCKS 5 server, enable SOCKS 5
-    traversal which is disabled by default and also connect to an attacker\'s
-    custom proxy server.
-  
-Impact
-
-    This vulnerability may allow an attacker to run arbitrary code within the
-    context of the user ID of the XChat client.
-  
-Workaround
-
-    A workaround is not currently known for this issue. All users are advised
-    to upgrade to the latest version of the affected package.
-  
-References:
-    http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html
-
-
-Solution: 
-    All XChat users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=net-irc/xchat-2.0.8-r1"
-    # emerge ">=net-irc/xchat-2.0.8-r1"
-    Note that users of the gtk1 version of xchat (1.8.*) should upgrade to
-    xchat-1.8.11-r1:
-    # emerge sync
-    # emerge -pv "=net-irc/xchat-1.8.11-r1"
-    # emerge "=net-irc/xchat-1.8.11-r1"
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200404-15] XChat 2.0.x SOCKS5 Vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'XChat 2.0.x SOCKS5 Vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-irc/xchat", unaffected: make_list("ge 2.0.8-r1"), vulnerable: make_list("lt 2.0.8-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200404-16.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200404-16.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200404-16.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200404-16.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14481);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200404-16");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200404-16
-(Multiple new security vulnerabilities in monit)
-
-
-    Monit has several vulnerabilities in its HTTP interface : a buffer overflow
-    vulnerability in the authentication handling code and a off-by-one error in
-    the POST method handling code.
-  
-Impact
-
-    An attacker may exploit the off-by-one error to crash the Monit daemon and
-    create a denial of service condition, or cause a buffer overflow that would
-    allow arbitrary code to be executed with root privileges.
-  
-Workaround
-
-    A workaround is not currently known for this issue. All users are advised
-    to upgrade to the latest version of the affected package.
-  
-References:
-    http://www.tildeslash.com/monit/secadv_20040305.txt
-
-
-Solution: 
-    Monit users should upgrade to version 4.2.1 or later:
-    # emerge sync
-    # emerge -pv ">=app-admin/monit-4.2.1"
-    # emerge ">=app-admin/monit-4.2.1"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200404-16] Multiple new security vulnerabilities in monit");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Multiple new security vulnerabilities in monit');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-admin/monit", unaffected: make_list("ge 4.2.1"), vulnerable: make_list("le 4.2")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200404-17.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200404-17.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200404-17.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,71 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200404-17.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14482);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200404-17");
- script_cve_id("CVE-2004-0403");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200404-17
-(ipsec-tools and iputils contain a remote DoS vulnerability)
-
-
-    When racoon receives an ISAKMP header, it allocates memory based on the
-    length of the header field. Thus, an attacker may be able to cause a Denial
-    of Services by creating a header that is large enough to consume all
-    available system resources.
-  
-Impact
-
-    This vulnerability may allow an attacker to remotely cause a Denial of
-    Service.
-  
-Workaround
-
-    A workaround is not currently known for this issue. All users are advised
-    to upgrade to the latest version of the affected package.
-  
-References:
-    http://ipsec-tools.sourceforge.net/
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0403
-
-
-Solution: 
-    ipsec-tools users should upgrade to version 0.2.5 or later:
-    # emerge sync
-    # emerge -pv ">=net-firewall/ipsec-tools-0.3.1"
-    # emerge ">=net-firewall/ipsec-tools-0.3.1"
-    iputils users should upgrade to version 021109-r3 or later:
-    # emerge sync
-    # emerge -pv ">=net-misc/iputils-021109-r3"
-    # emerge ">=net-misc/iputils-021109-r3"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200404-17] ipsec-tools and iputils contain a remote DoS vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'ipsec-tools and iputils contain a remote DoS vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-firewall/ipsec-tools", arch: "amd64", unaffected: make_list("ge 0.3.1"), vulnerable: make_list("lt 0.3.1")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "net-misc/iputils", arch: "ppc amd64 ppc64 s390", unaffected: make_list("eq 021109-r3"), vulnerable: make_list("eq 021109-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200404-18.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200404-18.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200404-18.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,67 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200404-18.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14483);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200404-18");
- script_cve_id("CVE-2004-0156");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200404-18
-(Multiple Vulnerabilities in ssmtp)
-
-
-    There are two format string vulnerabilities inside the log_event() and
-    die() functions of ssmtp. Strings from outside ssmtp are passed to various
-    printf()-like functions from within log_event() and die() as format
-    strings. An attacker could cause a specially-crafted string to be passed to
-    these functions, and potentially cause ssmtp to execute arbitrary code.
-  
-Impact
-
-    If ssmtp connects to a malicious mail relay server, this vulnerability can
-    be used to execute code with the rights of the mail sender, including root.
-  
-Workaround
-
-    There is no known workaround at this time. All users are advised to upgrade
-    to the latest available version of ssmtp.
-  
-References:
-    http://secunia.com/advisories/11378/
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0156
-    http://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00084.html
-
-
-Solution: 
-    All users are advised to upgrade to the latest available version of ssmtp.
-    # emerge sync
-    # emerge -pv ">=net-mail/ssmtp-2.60.7"
-    # emerge ">=net-mail/ssmtp-2.60.7"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200404-18] Multiple Vulnerabilities in ssmtp");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Multiple Vulnerabilities in ssmtp');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-mail/ssmtp", unaffected: make_list("ge 2.60.7"), vulnerable: make_list("le 2.60.4-r2")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200404-19.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200404-19.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200404-19.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200404-19.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14484);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200404-19");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200404-19
-(Buffer overflows and format string vulnerabilities in LCDproc)
-
-
-    Due to insufficient checking of client-supplied data, the LCDd server is
-    susceptible to two buffer overflows and one string buffer vulnerability. If
-    the server is configured to listen on all network interfaces (see the Bind
-    parameter in LCDproc configuration), these vulnerabilities can be triggered
-    remotely.
-  
-Impact
-
-    These vulnerabilities allow an attacker to execute code with the rights of
-    the user running the LCDproc server. By default, this is the "nobody" user.
-  
-Workaround
-
-    A workaround is not currently known for this issue. All users are advised
-    to upgrade to the latest version of the affected package.
-  
-References:
-    http://lists.omnipotent.net/pipermail/lcdproc/2004-April/008884.html
-
-
-Solution: 
-    LCDproc users should upgrade to version 0.4.5 or later:
-    # emerge sync
-    # emerge -pv ">=app-misc/lcdproc-0.4.5"
-    # emerge ">=app-misc/lcdproc-0.4.5"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200404-19] Buffer overflows and format string vulnerabilities in LCDproc");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Buffer overflows and format string vulnerabilities in LCDproc');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-misc/lcdproc", unaffected: make_list("ge 0.4.5"), vulnerable: make_list("le 0.4.4-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200404-20.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200404-20.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200404-20.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,76 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200404-20.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14485);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200404-20");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200404-20
-(Multiple vulnerabilities in xine)
-
-
-    Several vulnerabilities were found in xine-ui and xine-lib. By opening a
-    malicious MRL in any xine-lib based media player, an attacker can write
-    arbitrary content to an arbitrary file, only restricted by the permissions
-    of the user running the application. By opening a malicious playlist in the
-    xine-ui media player, an attacker can write arbitrary content to an
-    arbitrary file, only restricted by the permissions of the user running
-    xine-ui. Finally, a temporary file is created in an insecure manner by the
-    xine-check and xine-bugreport scripts, potentially allowing a local
-    attacker to use a symlink attack.
-  
-Impact
-
-    These three vulnerabilities may alow an attacker to corrupt system files,
-    thus potentially leading to a Denial of Service. It is also theoretically
-    possible, though very unlikely, to use these vulnerabilities to elevate the
-    privileges of the attacker.
-  
-Workaround
-
-    There is no known workaround at this time. All users are advised to upgrade
-    to the latest available versions of xine-ui and xine-lib.
-  
-References:
-    http://xinehq.de/index.php/security
-    http://nettwerked.mg2.org/advisories/xinebug
-
-
-Solution: 
-    All users of xine-ui or another xine-based player should upgrade to the
-    latest stable versions:
-    # emerge sync
-    # emerge -pv ">=media-video/xine-ui-0.9.23-r2"
-    # emerge ">=media-video/xine-ui-0.9.23-r2"
-    # emerge -pv ">=media-libs/xine-lib-1_rc3-r3"
-    # emerge ">=media-libs/xine-lib-1_rc3-r3"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200404-20] Multiple vulnerabilities in xine");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Multiple vulnerabilities in xine');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "media-video/xine-ui", unaffected: make_list("ge 0.9.23-r2"), vulnerable: make_list("le 0.9.23-r1")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "media-libs/xine-lib", unaffected: make_list("ge 1_rc3-r3"), vulnerable: make_list("le 1_rc3-r2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200404-21.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200404-21.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200404-21.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,80 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200404-21.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14486);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200404-21");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200404-21
-(Multiple Vulnerabilities in Samba)
-
-
-    Two vulnerabilities have been discovered in Samba. The first vulnerability
-    allows a local user who has access to the smbmount command to gain root. An
-    attacker could place a setuid-root binary on a Samba share/server he or she
-    controls, and then use the smbmount command to mount the share on the
-    target UNIX box. The remote Samba server must support UNIX extensions for
-    this to work. This has been fixed in version 3.0.2a.
-    The second vulnerability is in the smbprint script. By creating a symlink
-    from /tmp/smbprint.log, an attacker could cause the smbprint script to
-    write to an arbitrary file on the system. This has been fixed in version
-    3.0.2a-r2.
-  
-Impact
-
-    Local users with access to the smbmount command may gain root access. Also,
-    arbitrary files may be overwritten using the smbprint script.
-  
-Workaround
-
-    To workaround the setuid bug, remove the setuid bits from the
-    /usr/bin/smbmnt, /usr/bin/smbumount and /usr/bin/mount.cifs binaries.
-    However, please note that this workaround will prevent ordinary users from
-    mounting remote SMB and CIFS shares.
-    To work around the smbprint vulnerability, set "debug=no" in the smbprint
-    configuration.
-  
-References:
-    http://www.securityfocus.com/archive/1/353222/2004-04-09/2004-04-15/1
-    http://seclists.org/lists/bugtraq/2004/Mar/0189.html
-
-
-Solution: 
-    All users should update to the latest version of the Samba package.
-    The following commands will perform the upgrade:
-    # emerge sync
-    # emerge -pv ">=net-fs/samba-3.0.2a-r2"
-    # emerge ">=net-fs/samba-3.0.2a-r2"
-    Those who are using Samba\'s password database also need to run the
-    following command:
-    # pdbedit --force-initialized-passwords
-    Those using LDAP for Samba passwords also need to check the sambaPwdLastSet
-    attribute on each account, and ensure it is not 0.
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200404-21] Multiple Vulnerabilities in Samba");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Multiple Vulnerabilities in Samba');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-fs/samba", unaffected: make_list("ge 3.0.2a-r2"), vulnerable: make_list("le 3.0.2a")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-01.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-01.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-01.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-01.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14487);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-01");
- script_cve_id("CVE-2004-0179");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-01
-(Multiple format string vulnerabilities in neon 0.24.4 and earlier)
-
-
-    There are multiple format string vulnerabilities in libneon which may allow
-    a malicious WebDAV server to execute arbitrary code under the context of
-    the process using libneon.
-  
-Impact
-
-    An attacker may be able to execute arbitrary code under the context of the
-    process using libneon.
-  
-Workaround
-
-    A workaround is not currently known for this issue. All users are advised
-    to upgrade to the latest version of the affected package.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0179
-
-
-Solution: 
-    Neon users should upgrade to version 0.24.5 or later:
-    # emerge sync
-    # emerge -pv ">=net-misc/neon-0.24.5"
-    # emerge ">=net-misc/neon-0.24.5"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-01] Multiple format string vulnerabilities in neon 0.24.4 and earlier");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Multiple format string vulnerabilities in neon 0.24.4 and earlier');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-misc/neon", unaffected: make_list("ge 0.24.5"), vulnerable: make_list("le 0.24.4")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-02.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-02.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-02.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,71 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-02.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14488);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-02");
- script_cve_id("CVE-2004-0234", "CVE-2004-0235");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-02
-(Multiple vulnerabilities in LHa)
-
-
-    Ulf Harnhammar found two stack overflows and two directory traversal
-    vulnerabilities in LHa version 1.14 and 1.17. A stack overflow occurs when
-    testing or extracting archives containing long file or directory names.
-    Furthermore, LHa doesn\'t contain sufficient protection against relative or
-    absolute archive paths.
-  
-Impact
-
-    The stack overflows can be exploited to execute arbitrary code with the
-    rights of the user testing or extracting the archive. The directory
-    traversal vulnerabilities can be used to overwrite files in the filesystem
-    with the rights of the user extracting the archive, potentially leading to
-    denial of service or privilege escalation. Since LHa is often interfaced to
-    other software like an email virus scanner, this attack can be used
-    remotely.
-  
-Workaround
-
-    There is no known workaround at this time. All users are advised to upgrade
-    to the latest available version of LHa.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0234
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0235
-
-
-Solution: 
-    All users of LHa should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=app-arch/lha-114i-r2"
-    # emerge ">=app-arch/lha-114i-r2"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-02] Multiple vulnerabilities in LHa");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Multiple vulnerabilities in LHa');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-arch/lha", unaffected: make_list("ge 114i-r2"), vulnerable: make_list("le 114i-r1")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-03.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-03.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-03.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,66 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-03.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14489);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-03");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-03
-(ClamAV VirusEvent parameter vulnerability)
-
-
-    The VirusEvent parameter in the clamav.conf configuration file allows to
-    specify a system command to run whenever a virus is found. This system
-    command can make use of the "%f" parameter which is replaced by the name of
-    the file infected. The name of the file scanned is under control of the
-    attacker and is not sufficiently checked. Version 0.70 of clamav disables
-    the use of the "%f" parameter.
-  
-Impact
-
-    Sending a virus with a malicious file name can result in execution of
-    arbirary system commands with the rights of the antivirus process. Since
-    clamav is often associated to mail servers for email scanning, this attack
-    can be used remotely.
-  
-Workaround
-
-    You should not use the "%f" parameter in your VirusEvent configuration.
-  
-References:
-    http://www.clamav.net/
-
-
-Solution: 
-    All users of Clam AntiVirus should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=net-mail/clamav-0.70"
-    # emerge ">=net-mail/clamav-0.70"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-03] ClamAV VirusEvent parameter vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'ClamAV VirusEvent parameter vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-mail/clamav", unaffected: make_list("ge 0.70"), vulnerable: make_list("lt 0.70")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-04.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-04.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-04.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,89 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-04.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14490);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-04");
- script_cve_id("CVE-2004-0179");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-04
-(OpenOffice.org vulnerability when using DAV servers)
-
-
-    OpenOffice.org includes code from the Neon library in functions related to
-    publication on WebDAV servers. This library is vulnerable to several format
-    string attacks.
-  
-Impact
-
-    If you use the WebDAV publication and connect to a malicious WebDAV server,
-    this server can exploit these vulnerabilities to execute arbitrary code
-    with the rights of the user running OpenOffice.org.
-  
-Workaround
-
-    As a workaround, you should not use the WebDAV publication facilities.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0179
-    http://www.gentoo.org/security/en/glsa/glsa-200405-01.xml
-
-
-Solution: 
-    There is no Ximian OpenOffice.org binary version including the fix yet. All
-    users of the openoffice-ximian-bin package making use of the WebDAV
-    openoffice-ximian source-based package.
-    openoffice users on the x86 architecture should:
-    # emerge sync
-    # emerge -pv ">=app-office/openoffice-1.1.1-r1"
-    # emerge ">=app-office/openoffice-1.1.1-r1"
-    openoffice users on the sparc architecture should:
-    # emerge sync
-    # emerge -pv ">=app-office/openoffice-1.1.0-r3"
-    # emerge ">=app-office/openoffice-1.1.0-r3"
-    openoffice users on the ppc architecture should:
-    # emerge sync
-    # emerge -pv ">=app-office/openoffice-1.0.3-r1"
-    # emerge ">=app-office/openoffice-1.0.3-r1"
-    openoffice-ximian users should:
-    # emerge sync
-    # emerge -pv ">=app-office/openoffice-ximian-1.1.51-r1"
-    # emerge ">=app-office/openoffice-ximian-1.1.51-r1"
-    openoffice-bin users should:
-    # emerge sync
-    # emerge -pv ">=app-office/openoffice-bin-1.1.2"
-    # emerge ">=app-office/openoffice-bin-1.1.2"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-04] OpenOffice.org vulnerability when using DAV servers");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'OpenOffice.org vulnerability when using DAV servers');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-office/openoffice", arch: "sparc", unaffected: make_list("ge 1.1.0-r4"), vulnerable: make_list("le 1.1.0-r3")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "app-office/openoffice-bin", unaffected: make_list("ge 1.1.2"), vulnerable: make_list("lt 1.1.2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "app-office/openoffice-ximian-bin", unaffected: make_list(), vulnerable: make_list("le 1.1.52")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "app-office/openoffice-ximian", unaffected: make_list("ge 1.1.51-r1"), vulnerable: make_list("le 1.1.51")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-05.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-05.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-05.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-05.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14491);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-05");
- script_cve_id("CVE-2004-0233");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-05
-(Utempter symlink vulnerability)
-
-
-    Utempter contains a vulnerability that may allow local users to overwrite
-    arbitrary files via a symlink attack.
-  
-Impact
-
-    This vulnerability may allow arbitrary files to be overwritten with root
-    privileges.
-  
-Workaround
-
-    There is no known workaround at this time. All users are advised to upgrade
-    to the latest available version of utempter.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0233
-
-
-Solution: 
-    All users of utempter should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=sys-apps/utempter-0.5.5.4"
-    # emerge ">=sys-apps/utempter-0.5.5.4"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-05] Utempter symlink vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Utempter symlink vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "sys-apps/utempter", unaffected: make_list("ge 0.5.5.4"), vulnerable: make_list("lt 0.5.5.4")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-06.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-06.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-06.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,69 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-06.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14492);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-06");
- script_cve_id("CVE-2004-0421");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-06
-(libpng denial of service vulnerability)
-
-
-    libpng provides two functions (png_chunk_error and png_chunk_warning) for
-    default error and warning messages handling. These functions do not perform
-    proper bounds checking on the provided message, which is limited to 64
-    bytes. Programs linked against this library may crash when handling a
-    malicious PNG image.
-  
-Impact
-
-    This vulnerability could be used to crash various programs using the libpng
-    library, potentially resulting in a denial of service attack on vulnerable
-    daemon processes.
-  
-Workaround
-
-    There is no known workaround at this time. All users are advised to upgrade
-    to the latest available version of libpng.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0421
-
-
-Solution: 
-    All users of libpng should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=media-libs/libpng-1.2.5-r5"
-    # emerge ">=media-libs/libpng-1.2.5-r5"
-    You should also run revdep-rebuild to rebuild any packages that depend on
-    older versions of libpng :
-    # revdep-rebuild
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-06] libpng denial of service vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'libpng denial of service vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "media-libs/libpng", unaffected: make_list("ge 1.2.5-r5"), vulnerable: make_list("le 1.2.5-r4")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-07.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-07.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-07.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,65 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-07.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14493);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-07");
- script_cve_id("CVE-2004-0400");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-07
-(Exim verify=header_syntax buffer overflow)
-
-
-    When the option "verify = header_syntax" is used in an ACL in the
-    configuration file, Exim is vulnerable to a buffer overflow attack that can
-    be triggered remotely by sending malicious headers in an email message.
-    Note that this option is not enabled in Exim\'s default configuration file.
-  
-Impact
-
-    This vulnerability can be exploited to trigger a denial of service attack
-    and potentially execute arbitrary code with the rights of the user used by
-    the Exim daemon (by default this is the "mail" user in Gentoo Linux).
-  
-Workaround
-
-    Make sure the verify=header_syntax option is not used in your exim.conf
-    file.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0400
-
-
-Solution: 
-    All users of Exim should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=net-mail/exim-4.33-r1"
-    # emerge ">=net-mail/exim-4.33-r1"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-07] Exim verify=header_syntax buffer overflow");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Exim verify=header_syntax buffer overflow');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-mail/exim", unaffected: make_list("ge 4.33-r1"), vulnerable: make_list("le 4.33")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-08.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-08.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-08.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-08.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14494);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-08");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-08
-(Pound format string vulnerability)
-
-
-    A format string flaw in the processing of syslog messages was discovered
-    and corrected in Pound.
-  
-Impact
-
-    This flaw may allow remote execution of arbitrary code with the rights of
-    the Pound daemon process. By default, Gentoo uses the "nobody" user to run
-    the Pound daemon.
-  
-Workaround
-
-    There is no known workaround at this time. All users are advised to upgrade
-    to the latest available version of Pound.
-  
-References:
-    http://www.apsis.ch/pound/pound_list/archive/2003/2003-12/1070234315000#1070234315000
-
-
-Solution: 
-    All users of Pound should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=net-www/pound-1.6"
-    # emerge ">=net-www/pound-1.6"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-08] Pound format string vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Pound format string vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/pound", unaffected: make_list("ge 1.6"), vulnerable: make_list("le 1.5")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-09.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-09.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-09.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-09.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14495);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-09");
- script_cve_id("CVE-2004-0432");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-09
-(ProFTPD Access Control List bypass vulnerability)
-
-
-    ProFTPD 1.2.9 introduced a vulnerability that allows CIDR-based ACLs (such
-    as 10.0.0.1/24) to be bypassed. The CIDR ACLs are disregarded, with the net
-    effect being similar to an "AllowAll" directive.
-  
-Impact
-
-    This vulnerability may allow unauthorized files, including critical system
-    files to be downloaded and/or modified, thereby allowing a potential remote
-    compromise of the server.
-  
-Workaround
-
-    Users may work around the problem by avoiding use of CIDR-based ACLs.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0432
-
-
-Solution: 
-    ProFTPD users are encouraged to upgrade to the latest version of the
-    package:
-    # emerge sync
-    # emerge -pv ">=net-ftp/proftpd-1.2.9-r2"
-    # emerge ">=net-ftp/proftpd-1.2.9-r2"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-09] ProFTPD Access Control List bypass vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'ProFTPD Access Control List bypass vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-ftp/proftpd", unaffected: make_list("ge 1.2.9-r2"), vulnerable: make_list("eq 1.2.9-r1", "eq 1.2.9")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-10.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-10.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-10.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-10.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14496);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-10");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-10
-(Icecast denial of service vulnerability)
-
-
-    There is an out-of-bounds read error in the web interface of Icecast when
-    handling Basic Authorization requests. This vulnerability can theorically
-    be exploited by sending a specially crafted Authorization header to the
-    server.
-  
-Impact
-
-    By exploiting this vulnerability, it is possible to crash the Icecast
-    server remotely, resulting in a denial of service attack.
-  
-Workaround
-
-    There is no known workaround at this time. All users are advised to upgrade
-    to the latest available version of Icecast.
-  
-References:
-    http://www.xiph.org/archives/icecast/7144.html
-
-
-Solution: 
-    All users of Icecast should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=net-misc/icecast-2.0.1"
-    # emerge ">=net-misc/icecast-2.0.1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-10] Icecast denial of service vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Icecast denial of service vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-misc/icecast", unaffected: make_list("ge 2.0.1"), vulnerable: make_list("le 2.0.0")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-11.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-11.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-11.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,71 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-11.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14497);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-11");
- script_cve_id("CVE-2004-0411");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-11
-(KDE URI Handler Vulnerabilities)
-
-
-    The telnet, rlogin, ssh and mailto URI handlers in KDE do not check for \'-\'
-    at the beginning of the hostname passed. By crafting a malicious URI and
-    entice an user to click on it, it is possible to pass an option to the
-    programs started by the handlers (typically telnet, kmail...).
-  
-Impact
-
-    If the attacker controls the options passed to the URI handling programs,
-    it becomes possible for example to overwrite arbitrary files (possibly
-    leading to denial of service), to open kmail on an attacker-controlled
-    remote display or with an alternate configuration file (possibly leading to
-    control of the user account).
-  
-Workaround
-
-    There is no known workaround at this time. All users are advised to upgrade
-    to a corrected version of kdelibs.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0411
-
-
-Solution: 
-    Users of KDE 3.1 should upgrade to the corrected version of kdelibs:
-    # emerge sync
-    # emerge -pv "=kde-base/kdelibs-3.1.5-r1"
-    # emerge "=kde-base/kdelibs-3.1.5-r1"
-    Users of KDE 3.2 should upgrade to the latest available version of kdelibs:
-    # emerge sync
-    # emerge -pv ">=kde-base/kdelibs-3.2.2-r1"
-    # emerge ">=kde-base/kdelibs-3.2.2-r1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-11] KDE URI Handler Vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'KDE URI Handler Vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "kde-base/kdelibs", unaffected: make_list("ge 3.2.2-r1", "eq 3.1.5-r1"), vulnerable: make_list("le 3.2.2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-12.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-12.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,67 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-12.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14498);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-12");
- script_cve_id("CVE-2004-0396");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-12
-(CVS heap overflow vulnerability)
-
-
-    Stefan Esser discovered a heap overflow in the CVS server, which can be
-    triggered by sending malicious "Entry" lines and manipulating the flags
-    related to that Entry. This vulnerability was proven to be exploitable.
-  
-Impact
-
-    A remote attacker can execute arbitrary code on the CVS server, with the
-    rights of the CVS server. By default, Gentoo uses the "cvs" user to run the
-    CVS server. In particular, this flaw allows a complete compromise of CVS
-    source repositories. If you\'re not running a server, then you are not
-    vulnerable.
-  
-Workaround
-
-    There is no known workaround at this time. All users are advised to upgrade
-    to the latest available version of CVS.
-  
-References:
-    http://security.e-matters.de/advisories/072004.html
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0396
-
-
-Solution: 
-    All users running a CVS server should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=dev-util/cvs-1.11.16"
-    # emerge ">=dev-util/cvs-1.11.16"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-12] CVS heap overflow vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'CVS heap overflow vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-util/cvs", unaffected: make_list("ge 1.11.16"), vulnerable: make_list("le 1.11.15")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-13.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-13.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,65 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-13.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14499);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-13");
- script_cve_id("CVE-2004-0398");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-13
-(neon heap-based buffer overflow)
-
-
-    Stefan Esser discovered a vulnerability in the code of the neon library :
-    if a malicious date string is passed to the ne_rfc1036_parse() function, it
-    can trigger a string overflow into static heap variables.
-  
-Impact
-
-    Depending on the application linked against libneon and when connected to a
-    malicious WebDAV server, this vulnerability could allow execution of
-    arbitrary code with the rights of the user running that application.
-  
-Workaround
-
-    There is no known workaround at this time. All users are advised to upgrade
-    to the latest available version of neon.
-  
-References:
-    http://security.e-matters.de/advisories/062004.html
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0398
-
-
-Solution: 
-    All users of neon should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=net-misc/neon-0.24.6"
-    # emerge ">=net-misc/neon-0.24.6"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-13] neon heap-based buffer overflow");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'neon heap-based buffer overflow');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-misc/neon", unaffected: make_list("ge 0.24.6"), vulnerable: make_list("le 0.24.5")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-14.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-14.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,68 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-14.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14500);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-14");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-14
-(Buffer overflow in Subversion)
-
-
-    All releases of Subversion prior to 1.0.3 have a vulnerability in the
-    date-parsing code. This vulnerability may allow denial of service or
-    arbitrary code execution as the Subversion user. Both the client and server
-    are vulnerable, and write access is NOT required to the server\'s
-    repository.
-  
-Impact
-
-    All servers and clients are vulnerable. Specifically, clients that allow
-    other users to write to administrative files in a working copy may be
-    exploited. Additionally all servers (whether they are httpd/DAV or
-    svnserve) are vulnerable. Write access to the server is not required;
-    public read-only Subversion servers are also exploitable.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version.
-  
-References:
-    http://subversion.tigris.org/servlets/ReadMsg?list=announce&msgNo=125
-    http://security.e-matters.de/advisories/082004.html
-
-
-Solution: 
-    All Subversion users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=dev-util/subversion-1.0.3"
-    # emerge ">=dev-util/subversion-1.0.3"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-14] Buffer overflow in Subversion");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Buffer overflow in Subversion');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-util/subversion", unaffected: make_list("ge 1.0.3"), vulnerable: make_list("le 1.0.2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-15.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-15.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-15.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14501);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-15");
- script_cve_id("CVE-2004-0398");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-15
-(cadaver heap-based buffer overflow)
-
-
-    Stefan Esser discovered a vulnerability in the code of the neon library
-    (see GLSA 200405-13). This library is also included in cadaver.
-  
-Impact
-
-    When connected to a malicious WebDAV server, this vulnerability could allow
-    remote execution of arbitrary code with the rights of the user running
-    cadaver.
-  
-Workaround
-
-    There is no known workaround at this time. All users are advised to upgrade
-    to the latest available version of cadaver.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0398
-    http://www.gentoo.org/security/en/glsa/glsa-200405-13.xml
-
-
-Solution: 
-    All users of cadaver should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=net-misc/cadaver-0.22.2"
-    # emerge ">=net-misc/cadaver-0.22.2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-15] cadaver heap-based buffer overflow");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'cadaver heap-based buffer overflow');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-misc/cadaver", unaffected: make_list("ge 0.22.2"), vulnerable: make_list("le 0.22.1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-16.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-16.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-16.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,70 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-16.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14502);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-16");
- script_xref(name: "CERT", value: "CA-2000-02");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-16
-(Multiple XSS Vulnerabilities in SquirrelMail)
-
-
-    Several unspecified cross-site scripting (XSS) vulnerabilities and a well
-    hidden SQL injection vulnerability were found. An XSS attack allows an
-    attacker to insert malicious code into a web-based application.
-    SquirrelMail does not check for code when parsing variables received via
-    the URL query string.
-  
-Impact
-
-    One of the XSS vulnerabilities could be exploited by an attacker to steal
-    cookie-based authentication credentials from the user\'s browser. The SQL
-    injection issue could potentially be used by an attacker to run arbitrary
-    SQL commands inside the SquirrelMail database with privileges of the
-    SquirrelMail database user.
-  
-Workaround
-
-    There is no known workaround at this time. All users are advised to upgrade
-    to version 1.4.3_rc1 or higher of SquirrelMail.
-  
-References:
-    http://sourceforge.net/mailarchive/forum.php?thread_id=4199060&forum_id=1988
-    http://www.securityfocus.com/bid/10246/
-    http://www.cert.org/advisories/CA-2000-02.html
-
-
-Solution: 
-    All SquirrelMail users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=net-mail/squirrelmail-1.4.3_rc1"
-    # emerge ">=net-mail/squirrelmail-1.4.3_rc1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-16] Multiple XSS Vulnerabilities in SquirrelMail");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Multiple XSS Vulnerabilities in SquirrelMail');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-mail/squirrelmail", unaffected: make_list("ge 1.4.3_rc1"), vulnerable: make_list("lt 1.4.3_rc1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-17.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-17.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-17.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-17.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14503);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-17");
- script_cve_id("CVE-2004-0104", "CVE-2004-0105");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-17
-(Multiple vulnerabilities in metamail)
-
-
-    Ulf Harnhammar found two format string bugs and two buffer overflow bugs in
-    Metamail.
-  
-Impact
-
-    A remote attacker could send a malicious email message and execute
-    arbitrary code with the rights of the process calling the Metamail program.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0104
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0105
-
-
-Solution: 
-    All users of Metamail should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=net-mail/metamail-2.7.45.3"
-    # emerge ">=net-mail/metamail-2.7.45.3"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-17] Multiple vulnerabilities in metamail");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Multiple vulnerabilities in metamail');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-mail/metamail", unaffected: make_list("ge 2.7.45.3"), vulnerable: make_list("lt 2.7.45.3")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-18.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-18.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-18.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-18.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14504);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-18");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-18
-(Buffer Overflow in Firebird)
-
-
-    A buffer overflow exists in three Firebird binaries (gds_inet_server,
-    gds_lock_mgr, and gds_drop) that is exploitable by setting a large value to
-    the INTERBASE environment variable.
-  
-Impact
-
-    An attacker could control program execution, allowing privilege escalation
-    to the UID of Firebird, full access to Firebird databases, and trojaning
-    the Firebird binaries. An attacker could use this to compromise other user
-    or root accounts.
-  
-Workaround
-
-    There is no known workaround.
-  
-References:
-    http://securityfocus.com/bid/7546/info/
-     http://sourceforge.net/tracker/?group_id=9028&atid=109028&func=detail&aid=739480
-
-
-Solution: 
-    All users should upgrade to the latest version of Firebird:
-    # emerge sync
-    # emerge -pv ">=dev-db/firebird-1.5"
-    # emerge ">=dev-db/firebird-1.5"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-18] Buffer Overflow in Firebird");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Buffer Overflow in Firebird');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-db/firebird", unaffected: make_list("ge 1.5"), vulnerable: make_list("lt 1.5")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-19.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-19.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-19.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,71 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-19.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14505);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-19");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-19
-(Opera telnet URI handler file creation/truncation vulnerability)
-
-
-    The telnet URI handler in Opera does not check for leading \'-\' characters
-    in the host name. Consequently, a maliciously-crafted telnet:// link may be
-    able to pass options to the telnet program itself. One example would be the
-    following:
-    telnet://-nMyFile
-    If MyFile exists in the user\'s home directory and the user clicking on the
-    link has write permissions to it, the contents of the file will be
-    overwritten with the output of the telnet trace information. If MyFile does
-    not exist, the file will be created in the user\'s home directory.
-  
-Impact
-
-    This exploit has two possible impacts. First, it may create new files in
-    the user\'s home directory. Second, and far more serious, it may overwrite
-    existing files that the user has write permissions to. An attacker with
-    some knowledge of a user\'s home directory might be able to destroy
-    important files stored within.
-  
-Workaround
-
-    Disable the telnet URI handler from within Opera.
-  
-References:
-    http://www.idefense.com/application/poi/display?id=104&type=vulnerabilities&flashstatus=true
-
-
-Solution: 
-    All Opera users are encouraged to upgrade to the latest version of the
-    program:
-    # emerge sync
-    # emerge -pv ">=net-www/opera-7.50_beta1"
-    # emerge ">=net-www/opera-7.50_beta1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-19] Opera telnet URI handler file creation/truncation vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Opera telnet URI handler file creation/truncation vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/opera", unaffected: make_list("ge 7.50_beta1"), vulnerable: make_list("lt 7.50_beta1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-20.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-20.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-20.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,68 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-20.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14506);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-20");
- script_cve_id("CVE-2004-0381", "CVE-2004-0388");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-20
-(Insecure Temporary File Creation In MySQL)
-
-
-    The MySQL bug reporting utility (mysqlbug) creates a temporary file to log
-    bug reports to. A malicious local user with write access to the /tmp
-    directory could create a symbolic link of the name mysqlbug-N
-    pointing to a protected file, such as /etc/passwd, such that when mysqlbug
-    creates the Nth log file, it would end up overwriting the target
-    file. A similar vulnerability exists with the mysql_multi utility, which
-    creates a temporary file called mysql_multi.log.
-  
-Impact
-
-    Since mysql_multi runs as root, a local attacker could use this to destroy
-    any other users\' data or corrupt and destroy system files.
-  
-Workaround
-
-    One could modify both scripts to log to a directory that users do not have
-    write permission to, such as /var/log/mysql/.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0381
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0388
-
-
-Solution: 
-    All users should upgrade to the latest stable version of MySQL.
-    # emerge sync
-    # emerge -pv ">=dev-db/mysql-4.0.18-r2"
-    # emerge ">=dev-db/mysql-4.0.18-r2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-20] Insecure Temporary File Creation In MySQL");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Insecure Temporary File Creation In MySQL');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-db/mysql", unaffected: make_list("ge 4.0.18-r2"), vulnerable: make_list("lt 4.0.18-r2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-21.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-21.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-21.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,69 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-21.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14507);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-21");
- script_cve_id("CVE-2004-0226", "CVE-2004-0231", "CVE-2004-0232");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-21
-(Midnight Commander: Multiple vulnerabilities)
-
-
-    Numerous security issues have been discovered in Midnight Commander,
-    including several buffer overflow vulnerabilities, multiple vulnerabilities
-    in the handling of temporary file and directory creation, and multiple
-    format string vulnerabilities.
-  
-Impact
-
-    The buffer overflows and format string vulnerabilites may allow attackers
-    to cause a denial of service or execute arbitrary code with permissions of
-    the user running MC. The insecure creation of temporary files and
-    directories could lead to a privilege escalation, including root
-    privileges, for a local attacker.
-  
-Workaround
-
-    There is no known workaround at this time. All users are advised to upgrade
-    to version 4.6.0-r7 or higher of Midnight Commander.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0226
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0231
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0232
-
-
-Solution: 
-    All Midnight Commander users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=app-misc/mc-4.6.0-r7
-    # emerge ">=app-misc/mc-4.6.0-r7"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-21] Midnight Commander: Multiple vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Midnight Commander: Multiple vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-misc/mc", unaffected: make_list("ge 4.6.0-r7"), vulnerable: make_list("le 4.6.0-r6")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-22.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-22.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-22.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,76 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-22.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14508);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-22");
- script_cve_id("CVE-2003-0993", "CVE-2003-0020", "CVE-2003-0987", "CVE-2004-0174");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-22
-(Apache 1.3: Multiple vulnerabilities)
-
-
-    On 64-bit big-endian platforms, mod_access does not properly parse
-    Allow/Deny rules using IP addresses without a netmask which could result in
-    failure to match certain IP addresses.
-    Terminal escape sequences are not filtered from error logs. This could be
-    used by an attacker to insert escape sequences into a terminal emulater
-    vulnerable to escape sequences.
-    mod_digest does not properly verify the nonce of a client response by using
-    a AuthNonce secret. This could permit an attacker to replay the response of
-    another website. This does not affect mod_auth_digest.
-    On certain platforms there is a starvation issue where listening sockets
-    fails to handle short-lived connection on a rarely-accessed listening
-    socket. This causes the child to hold the accept mutex and block out new
-    connections until another connection arrives on the same rarely-accessed
-    listening socket thus leading to a denial of service.
-  
-Impact
-
-    These vulnerabilities could lead to attackers bypassing intended access
-    restrictions, denial of service, and possibly execution of arbitrary code.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0993
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0020
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0987
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0174
-
-
-Solution: 
-    All users should upgrade to the latest stable version of Apache 1.3.
-    # emerge sync
-    # emerge -pv ">=net-www/apache-1.3.31"
-    # emerge ">=net-www/apache-1.3.31"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-22] Apache 1.3: Multiple vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Apache 1.3: Multiple vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/apache", unaffected: make_list("ge 1.3.31"), vulnerable: make_list("lt 1.3.31")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-23.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-23.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-23.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,65 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-23.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14509);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-23");
- script_cve_id("CVE-2004-0434");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-23
-(Heimdal: Kerberos 4 buffer overflow in kadmin)
-
-
-    A buffer overflow was discovered in kadmind, a server for administrative
-    access to the Kerberos database.
-  
-Impact
-
-    By sending a specially formatted message to kadmind, a remote attacker may
-    be able to crash kadmind causing a denial of service, or execute arbitrary
-    code with the permissions of the kadmind process.
-  
-Workaround
-
-    For a temporary workaround, providing you do not require Kerberos 4
-    support, you may turn off Kerberos 4 kadmin by running kadmind with the
-    --no-kerberos4 option.
-  
-References:
-    http://www.pdc.kth.se/heimdal/advisory/2004-05-06/
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0434
-
-
-Solution: 
-    All Heimdal users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=app-crypt/heimdal-0.6.2"
-    # emerge ">=app-crypt/heimdal-0.6.2"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-23] Heimdal: Kerberos 4 buffer overflow in kadmin");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Heimdal: Kerberos 4 buffer overflow in kadmin');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-crypt/heimdal", unaffected: make_list("ge 0.6.2"), vulnerable: make_list("lt 0.6.2")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-24.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-24.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-24.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,71 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-24.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14510);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-24");
- script_cve_id("CVE-2004-0433");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-24
-(MPlayer, xine-lib: vulnerabilities in RTSP stream handling)
-
-
-    Multiple vulnerabilities have been found and fixed in the RTSP handling
-    code common to recent versions of these two packages. These vulnerabilities
-    include several remotely exploitable buffer overflows.
-  
-Impact
-
-    A remote attacker, posing as a RTSP stream server, can execute arbitrary
-    code with the rights of the user of the software playing the stream
-    (MPlayer or any player using xine-lib). Another attacker may entice a user
-    to use a maliciously crafted URL or playlist to achieve the same results.
-  
-Workaround
-
-    For MPlayer, there is no known workaround at this time. For xine-lib, you
-    can delete the xineplug_inp_rtsp.so file.
-  
-References:
-    http://xinehq.de/index.php/security/XSA-2004-3
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0433
-
-
-Solution: 
-    All users should upgrade to non-vulnerable versions of MPlayer and
-    xine-lib:
-    # emerge sync
-    # emerge -pv ">=media-video/mplayer-1.0_pre4"
-    # emerge ">=media-video/mplayer-1.0_pre4"
-    # emerge -pv ">=media-libs/xine-lib-1_rc4"
-    # emerge ">=media-libs/xine-lib-1_rc4"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-24] MPlayer, xine-lib: vulnerabilities in RTSP stream handling");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'MPlayer, xine-lib: vulnerabilities in RTSP stream handling');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "media-video/mplayer", unaffected: make_list("ge 1.0_pre4", "le 0.92-r1"), vulnerable: make_list("lt 1.0_pre4")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "media-libs/xine-lib", unaffected: make_list("ge 1_rc4", "le 0.9.13-r3"), vulnerable: make_list("lt 1_rc4")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200405-25.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200405-25.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200405-25.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200405-25.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14511);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200405-25");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200405-25
-(tla: Multiple vulnerabilities in included libneon)
-
-
-    Multiple format string vulnerabilities and a heap overflow vulnerability
-    were discovered in the code of the neon library (GLSA 200405-01 and
-    200405-13). Current versions of the tla package include their own version
-    of this library.
-  
-Impact
-
-    When connected to a malicious WebDAV server, these vulnerabilities could
-    allow execution of arbitrary code with the rights of the user running tla.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.gentoo.org/security/en/glsa/glsa-200405-01.xml
-    http://www.gentoo.org/security/en/glsa/glsa-200405-13.xml
-
-
-Solution: 
-    All users of tla should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=dev-util/tla-1.2-r2"
-    # emerge ">=dev-util/tla-1.2-r2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200405-25] tla: Multiple vulnerabilities in included libneon");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'tla: Multiple vulnerabilities in included libneon');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-util/tla", unaffected: make_list("ge 1.2-r2"), vulnerable: make_list("le 1.2-r1", "eq 1.2.1_pre1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200406-01.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200406-01.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200406-01.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,70 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200406-01.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14512);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200406-01");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200406-01
-(Ethereal: Multiple security problems)
-
-
-    There are multiple vulnerabilities in versions of Ethereal earlier than
-    0.10.4, including:
-    A buffer overflow in the MMSE dissector.
-    Under specific conditions a SIP packet could make Ethereal crash.
-    The AIM dissector could throw an assertion, causing Ethereal to
-    crash.
-    The SPNEGO dissector could dereference a null pointer, causing a
-    crash.
-  
-Impact
-
-    An attacker could use these vulnerabilities to crash Ethereal or even
-    execute arbitrary code with the permissions of the user running Ethereal,
-    which could be the root user.
-  
-Workaround
-
-    For a temporary workaround you can disable all affected protocol dissectors
-    by selecting Analyze->Enabled Protocols... and deselecting them from the
-    list. However, it is strongly recommended to upgrade to the latest stable
-    release.
-  
-References:
-    http://www.ethereal.com/appnotes/enpa-sa-00014.html
-
-
-Solution: 
-    All Ethereal users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=net-analyzer/ethereal-0.10.4"
-    # emerge ">=net-analyzer/ethereal-0.10.4"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200406-01] Ethereal: Multiple security problems");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Ethereal: Multiple security problems');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-analyzer/ethereal", unaffected: make_list("ge 0.10.4"), vulnerable: make_list("le 0.10.3")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200406-02.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200406-02.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200406-02.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,61 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200406-02.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14513);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200406-02");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200406-02
-(tripwire: Format string vulnerability)
-
-
-    The code that generates email reports contains a format string
-    vulnerability in pipedmailmessage.cpp.
-  
-Impact
-
-    With a carefully crafted filename on a local filesystem an attacker could
-    cause execution of arbitrary code with permissions of the user running
-    tripwire, which could be the root user.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.securityfocus.com/archive/1/365036/2004-05-31/2004-06-06/0
-
-
-Solution: 
-    All tripwire users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=app-admin/tripwire-2.3.1.2-r1"
-    # emerge ">=app-admin/tripwire-2.3.1.2-r1"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200406-02] tripwire: Format string vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'tripwire: Format string vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-admin/tripwire", unaffected: make_list("ge 2.3.1.2-r1"), vulnerable: make_list("le 2.3.1.2")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200406-03.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200406-03.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200406-03.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,65 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200406-03.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14514);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200406-03");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200406-03
-(sitecopy: Multiple vulnerabilities in included libneon)
-
-
-    Multiple format string vulnerabilities and a heap overflow vulnerability
-    were discovered in the code of the neon library (GLSA 200405-01 and
-    200405-13). Current versions of the sitecopy package include their own
-    version of this library.
-  
-Impact
-
-    When connected to a malicious WebDAV server, these vulnerabilities could
-    allow execution of arbitrary code with the rights of the user running
-    sitecopy.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version of sitecopy.
-  
-References:
-    http://www.gentoo.org/security/en/glsa/glsa-200405-01.xml
-    http://www.gentoo.org/security/en/glsa/glsa-200405-13.xml
-
-
-Solution: 
-    All sitecopy users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-misc/sitecopy-0.13.4-r2"
-    # emerge ">=net-misc/sitecopy-0.13.4-r2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200406-03] sitecopy: Multiple vulnerabilities in included libneon");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'sitecopy: Multiple vulnerabilities in included libneon');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-misc/sitecopy", unaffected: make_list("ge 0.13.4-r2"), vulnerable: make_list("le 0.13.4-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200406-04.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200406-04.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200406-04.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200406-04.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14515);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200406-04");
- script_cve_id("CVE-2004-0412");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200406-04
-(Mailman: Member password disclosure vulnerability)
-
-
-    Mailman contains an unspecified vulnerability in the handling of request
-    emails.
-  
-Impact
-
-    By sending a carefully crafted email request to the mailman server an
-    attacker could obtain member passwords.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://mail.python.org/pipermail/mailman-announce/2004-May/000072.html
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0412
-
-
-Solution: 
-    All users of Mailman should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=net-mail/mailman-2.1.5"
-    # emerge ">=net-mail/mailman-2.1.5"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200406-04] Mailman: Member password disclosure vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Mailman: Member password disclosure vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-mail/mailman", unaffected: make_list("ge 2.1.5"), vulnerable: make_list("lt 2.1.5")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200406-05.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200406-05.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200406-05.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,73 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200406-05.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14516);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200406-05");
- script_cve_id("CVE-2004-0488");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200406-05
-(Apache: Buffer overflow in mod_ssl)
-
-
-    A bug in the function ssl_util_uuencode_binary in ssl_util.c may lead to a
-    remote buffer overflow on a server configured to use FakeBasicAuth that
-    will trust a client certificate with an issuing CA with a subject DN longer
-    than 6k.
-  
-Impact
-
-    Given the right server configuration, an attacker could cause a Denial of
-    Service or execute code as the user running Apache, usually
-    "apache". It is thought to be impossible to exploit this to
-    execute code on the x86 platform, but the possibility for other platforms
-    is unknown. This does not preclude a DoS on x86 systems.
-  
-Workaround
-
-    A server should not be vulnerable if it is not configured to use
-    FakeBasicAuth and to trust a client CA with a long subject DN.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0488
-
-
-Solution: 
-    Apache 1.x users should upgrade to the latest version of mod_ssl:
-    # emerge sync
-    # emerge -pv ">=net-www/mod_ssl-2.8.18"
-    # emerge ">=net-www/mod_ssl-2.8.18"
-    Apache 2.x users should upgrade to the latest version of Apache:
-    # emerge sync
-    # emerge -pv ">=net-www/apache-2.0.49-r3"
-    # emerge ">=net-www/apache-2.0.49-r3"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200406-05] Apache: Buffer overflow in mod_ssl");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Apache: Buffer overflow in mod_ssl');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/apache", unaffected: make_list("lt 2.0", "ge 2.0.49-r3"), vulnerable: make_list("le 2.0.49-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "net-www/mod_ssl", unaffected: make_list("ge 2.8.18"), vulnerable: make_list("lt 2.8.18")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200406-06.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200406-06.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200406-06.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,71 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200406-06.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14517);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200406-06");
- script_cve_id("CVE-2004-0414", "CVE-2004-0416", "CVE-2004-0417", "CVE-2004-0418");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200406-06
-(CVS: additional DoS and arbitrary code execution vulnerabilities)
-
-
-    A team audit of the CVS source code performed by Stefan Esser and Sebastian
-    Krahmer resulted in the discovery of several remotely exploitable
-    vulnerabilities including:
-    no-null-termination of "Entry" lines
-    error_prog_name "double-free()"
-    Argument integer overflow
-    serve_notify() out of bounds writes
-  
-Impact
-
-    An attacker could use these vulnerabilities to cause a Denial of Service or
-    execute arbitrary code with the permissions of the user running cvs.
-  
-Workaround
-
-    There is no known workaround at this time. All users are advised to upgrade
-    to the latest available version of CVS.
-  
-References:
-    http://security.e-matters.de/advisories/092004.html
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0414
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0416
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0417
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0418
-
-
-Solution: 
-    All CVS users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=dev-util/cvs-1.11.17"
-    # emerge ">=dev-util/cvs-1.11.17"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200406-06] CVS: additional DoS and arbitrary code execution vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'CVS: additional DoS and arbitrary code execution vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-util/cvs", unaffected: make_list("ge 1.11.17"), vulnerable: make_list("le 1.11.16-r1")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200406-07.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200406-07.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200406-07.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,70 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200406-07.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14518);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200406-07");
- script_cve_id("CVE-2004-0413");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200406-07
-(Subversion: Remote heap overflow)
-
-
-    The svn protocol parser trusts the indicated length of a URI string sent by
-    a client. This allows a client to specify a very long string, thereby
-    causing svnserve to allocate enough memory to hold that string. This may
-    cause a Denial of Service. Alternately, given a string that causes an
-    integer overflow in the variable holding the string length, the server
-    might allocate less memory than required, allowing a heap overflow. This
-    heap overflow may then be exploitable, allowing remote code execution. The
-    attacker does not need read or write access to the Subversion repository
-    being served, since even un-authenticated users can send svn protocol
-    requests.
-  
-Impact
-
-    Ranges from remote Denial of Service to potential arbitrary code execution
-    with privileges of the svnserve process.
-  
-Workaround
-
-    Servers without svnserve running are not vulnerable. Disable svnserve and
-    use DAV for access instead.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0413
-
-
-Solution: 
-    All users should upgrade to the latest version of Subversion.
-    # emerge sync
-    # emerge -pv ">=dev-util/subversion-1.0.4-r1"
-    # emerge ">=dev-util/subversion-1.0.4-r1"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200406-07] Subversion: Remote heap overflow");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Subversion: Remote heap overflow');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-util/subversion", unaffected: make_list("ge 1.0.4-r1"), vulnerable: make_list("le 1.0.4")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200406-08.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200406-08.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200406-08.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,65 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200406-08.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14519);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200406-08");
- script_xref(name: "CERT", value: "CA-2000-02");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200406-08
-(Squirrelmail: Another XSS vulnerability)
-
-
-    A new cross-site scripting (XSS) vulnerability in Squirrelmail-1.4.3_rc1
-    has been discovered. In functions/mime.php Squirrelmail fails to properly
-    sanitize user input.
-  
-Impact
-
-    By enticing a user to read a specially crafted e-mail, an attacker can
-    execute arbitrary scripts running in the context of the victim\'s browser.
-    This could lead to a compromise of the user\'s webmail account, cookie
-    theft, etc.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt
-    http://www.cert.org/advisories/CA-2000-02.html
-
-
-Solution: 
-    All SquirrelMail users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=mail-client/squirrelmail-1.4.3"
-    # emerge ">=mail-client/squirrelmail-1.4.3"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200406-08] Squirrelmail: Another XSS vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Squirrelmail: Another XSS vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "mail-client/squirrelmail", unaffected: make_list("ge 1.4.3"), vulnerable: make_list("le 1.4.3_rc1-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200406-09.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200406-09.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200406-09.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200406-09.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14520);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200406-09");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200406-09
-(Horde-Chora: Remote code execution)
-
-
-    A vulnerability in the diff viewer of Chora allows an attacker to inject
-    shellcode. An attacker can exploit PHP\'s file upload functionality to
-    upload a malicious binary to a vulnerable server, chmod it as executable,
-    and run the file.
-  
-Impact
-
-    An attacker could remotely execute arbitrary binaries with the permissions
-    of the PHP script, conceivably allowing further exploitation of local
-    vulnerabilities and remote root access.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://security.e-matters.de/advisories/102004.html
-
-
-Solution: 
-    All users are advised to upgrade to the latest version of Chora:
-    # emerge sync
-    # emerge -pv ">=net-www/horde-chora-1.2.2"
-    # emerge ">=net-www/horde-chora-1.2.2"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200406-09] Horde-Chora: Remote code execution");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Horde-Chora: Remote code execution');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/horde-chora", unaffected: make_list("ge 1.2.2"), vulnerable: make_list("lt 1.2.2")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200406-10.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200406-10.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200406-10.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200406-10.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14521);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200406-10");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200406-10
-(Gallery: Privilege escalation vulnerability)
-
-
-    There is a vulnerability in the Gallery photo album software which may
-    allow an attacker to gain administrator privileges within Gallery. A
-    Gallery administrator has full access to all albums and photos on the
-    server, thus attackers may add or delete photos at will.
-  
-Impact
-
-    Attackers may gain full access to all Gallery albums. There is no risk to
-    the webserver itself, or the server on which it runs.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version.
-  
-References:
-    http://gallery.menalto.com/modules.php?op=modload&name=News&file=article&sid=123&mode=thread&order=0&thold=0
-
-
-Solution: 
-    All users should upgrade to the latest available version of Gallery.
-    # emerge sync
-    # emerge -pv ">=app-misc/gallery-1.4.3_p2"
-    # emerge ">=app-misc/gallery-1.4.3_p2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200406-10] Gallery: Privilege escalation vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Gallery: Privilege escalation vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-misc/gallery", unaffected: make_list("ge 1.4.3_p2"), vulnerable: make_list("le 1.4.3_p1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200406-11.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200406-11.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200406-11.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200406-11.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14522);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200406-11");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200406-11
-(Horde-IMP: Input validation vulnerability)
-
-
-    Horde-IMP fails to properly sanitize email messages that contain malicious
-    HTML or script code.
-  
-Impact
-
-    By enticing a user to read a specially crafted e-mail, an attacker can
-    execute arbitrary scripts running in the context of the victim\'s browser.
-    This could lead to a compromise of the user\'s webmail account, cookie
-    theft, etc.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.securityfocus.com/bid/10501
-
-
-Solution: 
-    All Horde-IMP users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=horde-imp-3.2.4"
-    # emerge ">=horde-imp-3.2.4"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200406-11] Horde-IMP: Input validation vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Horde-IMP: Input validation vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/horde-imp", unaffected: make_list("ge 3.2.4"), vulnerable: make_list("le 3.2.3")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200406-12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200406-12.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200406-12.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200406-12.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14523);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200406-12");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200406-12
-(Webmin: Multiple vulnerabilities)
-
-
-    Webmin contains two security vulnerabilities. One allows any user to view
-    the configuration of any module and the other could allow an attacker to
-    lock out a valid user by sending an invalid username and password.
-  
-Impact
-
-    An authenticated user could use these vulnerabilities to view the
-    configuration of any module thus potentially obtaining important knowledge
-    about configuration settings. Furthermore an attacker could lock out
-    legitimate users by sending invalid login information.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.securityfocus.com/bid/10474
-    http://www.webmin.com/changes-1.150.html
-
-
-Solution: 
-    All Webmin users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=app-admin/app-admin/webmin-1.150"
-    # emerge ">=app-admin/app-admin/webmin-1.150"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200406-12] Webmin: Multiple vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Webmin: Multiple vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-admin/webmin", unaffected: make_list("ge 1.150"), vulnerable: make_list("le 1.140-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200406-13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200406-13.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200406-13.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,65 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200406-13.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14524);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200406-13");
- script_cve_id("CVE-2004-0541");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200406-13
-(Squid: NTLM authentication helper buffer overflow)
-
-
-    Squid is a full-featured Web Proxy Cache designed to run on Unix systems.
-    It supports proxying and caching of HTTP, FTP, and other URLs, as well as
-    SSL support, cache hierarchies, transparent caching, access control lists
-    and many other features.
-  
-Impact
-
-    If Squid is configured to use NTLM authentication, an attacker could
-    exploit this vulnerability by sending a very long password. This could lead
-    to arbitrary code execution with the permissions of the user running Squid.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0541
-
-
-Solution: 
-    All Squid users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=www-proxy/squid-2.5.5-r2"
-    # emerge ">=www-proxy/squid-2.5.5-r2"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200406-13] Squid: NTLM authentication helper buffer overflow");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Squid: NTLM authentication helper buffer overflow');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "www-proxy/squid", unaffected: make_list("ge 2.5.5-r2"), vulnerable: make_list("le 2.5.5-r1")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200406-14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200406-14.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200406-14.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200406-14.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14525);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200406-14");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200406-14
-(aspell: Buffer overflow in word-list-compress)
-
-
-    aspell includes a utility for handling wordlists called word-list-compress.
-    This utility fails to do proper bounds checking when processing words
-    longer than 256 bytes.
-  
-Impact
-
-    If an attacker could entice a user to handle a wordlist containing very
-    long word lengths it could result in the execution of arbitrary code with
-    the permissions of the user running the program.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version.
-  
-References:
-    http://nettwerked.mg2.org/advisories/wlc
-
-
-Solution: 
-    All users should upgrade to the latest available version of aspell.
-    # emerge sync
-    # emerge -pv ">=app-text/aspell-0.50.5-r4"
-    # emerge ">=app-text/aspell-0.50.5-r4"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200406-14] aspell: Buffer overflow in word-list-compress");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'aspell: Buffer overflow in word-list-compress');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-text/aspell", unaffected: make_list("ge 0.50.5-r4"), vulnerable: make_list("le 0.50.5-r3")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200406-15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200406-15.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200406-15.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,67 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200406-15.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14526);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200406-15");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200406-15
-(Usermin: Multiple vulnerabilities)
-
-
-    Usermin contains two security vulnerabilities. One fails to properly
-    sanitize email messages that contain malicious HTML or script code and the
-    other could allow an attacker to lock out a valid user by sending an
-    invalid username and password.
-  
-Impact
-
-    By sending a specially crafted e-mail, an attacker can execute arbitrary
-    scripts running in the context of the victim\'s browser. This can be lead to
-    cookie theft and potentially to compromise of user accounts. Furthermore,
-    an attacker could lock out legitimate users by sending invalid login
-    information.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version.
-  
-References:
-    http://www.securityfocus.com/bid/10521
-    http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/75_e.html
-
-
-Solution: 
-    Usermin users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=app-admin/usermin-1.080"
-    # emerge ">=app-admin/usermin-1.080"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200406-15] Usermin: Multiple vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Usermin: Multiple vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-admin/usermin", unaffected: make_list("ge 1.080"), vulnerable: make_list("le 1.070-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200406-16.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200406-16.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200406-16.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,66 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200406-16.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14527);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200406-16");
- script_cve_id("CVE-2004-0492");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200406-16
-(Apache 1.3: Buffer overflow in mod_proxy)
-
-
-    A bug in the proxy_util.c file may lead to a remote buffer overflow. To
-    trigger the vulnerability an attacker would have to get mod_proxy to
-    connect to a malicous server which returns an invalid (negative)
-    Content-Length.
-  
-Impact
-
-    An attacker could cause a Denial of Service as the Apache child handling
-    the request, which will die and under some circumstances execute arbitrary
-    code as the user running Apache, usually "apache".
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version:
-  
-References:
-    http://www.guninski.com/modproxy1.html
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0492
-
-
-Solution: 
-    Apache 1.x users should upgrade to the latest version of Apache:
-    # emerge sync
-    # emerge -pv ">=net-www/apache-1.3.31-r2"
-    # emerge ">=net-www/apache-1.3.31-r2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200406-16] Apache 1.3: Buffer overflow in mod_proxy");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Apache 1.3: Buffer overflow in mod_proxy');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/apache", unaffected: make_list("ge 1.3.31-r2"), vulnerable: make_list("le 1.3.31-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200406-17.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200406-17.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200406-17.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200406-17.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14528);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200406-17");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200406-17
-(IPsec-Tools: authentication bug in racoon)
-
-
-    The KAME IKE daemon racoon is used to authenticate peers during Phase 1
-    when using either preshared keys, GSS-API, or RSA signatures. When using
-    RSA signatures racoon validates the X.509 certificate but not the RSA
-    signature.
-  
-Impact
-
-    By sending a valid and trusted X.509 certificate and any private key an
-    attacker could exploit this vulnerability to perform man-in-the-middle
-    attacks and initiate unauthorized connections.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version.
-  
-References:
-    http://ipsec-tools.sourceforge.net/x509sig.html
-
-
-Solution: 
-    All IPsec-Tools users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=net-firewall/ipsec-tools-0.3.3"
-    # emerge ">=net-firewall/ipsec-tools-0.3.3"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200406-17] IPsec-Tools: authentication bug in racoon");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'IPsec-Tools: authentication bug in racoon');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-firewall/ipsec-tools", unaffected: make_list("ge 0.3.3"), vulnerable: make_list("lt 0.3.3")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200406-18.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200406-18.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200406-18.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200406-18.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14529);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200406-18");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200406-18
-(gzip: Insecure creation of temporary files)
-
-
-    The script gzexe included with gzip contains a bug in the code that handles
-    tempfile creation. If the creation of a temp file fails when using gzexe
-    fails instead of bailing out it executes the command given as argument.
-  
-Impact
-
-    This could lead to priviege escalation by running commands under the rights
-    of the user running the self extracting file.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version.
-  
-
-Solution: 
-    All gzip users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=app-arch/gzip-1.3.3-r4"
-    # emerge ">=app-arch/gzip-1.3.3-r4"
-    Additionally, once the upgrade is complete, all self extracting files
-    created with earlier versions gzexe should be recreated, since the
-    vulnerability is actually embedded in those executables.
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200406-18] gzip: Insecure creation of temporary files");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'gzip: Insecure creation of temporary files');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-arch/gzip", unaffected: make_list("ge 1.3.3-r4"), vulnerable: make_list("le 1.3.3-r3")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200406-19.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200406-19.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200406-19.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,61 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200406-19.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14530);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200406-19");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200406-19
-(giFT-FastTrack: remote denial of service attack)
-
-
-    Alan Fitton found a vulnerability in the giFT-FastTrack plugin in version
-    0.8.6 and earlier. It can be used to remotely crash the giFT daemon.
-  
-Impact
-
-    Attackers may use this vulnerability to perform a Denial of Service attack
-    against the giFT daemon. There is no risk of code execution.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version.
-  
-References:
-    http://gift-fasttrack.berlios.de/
-
-
-Solution: 
-    All users should upgrade to the latest available version of gift-fasttrack:
-    # emerge sync
-    # emerge -pv ">=net-p2p/gift-fasttrack-0.8.7"
-    # emerge ">=net-p2p/gift-fasttrack-0.8.7"
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200406-19] giFT-FastTrack: remote denial of service attack");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'giFT-FastTrack: remote denial of service attack');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-p2p/gift-fasttrack", unaffected: make_list("ge 0.8.7"), vulnerable: make_list("le 0.8.6")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200406-20.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200406-20.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200406-20.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,91 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200406-20.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14531);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200406-20");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200406-20
-(FreeS/WAN, Openswan, strongSwan: Vulnerabilities in certificate handling)
-
-
-    All these IPsec implementations have several bugs in the verify_x509cert()
-    function, which performs certificate validation, that make them vulnerable
-    to malicious PKCS#7 wrapped objects.
-  
-Impact
-
-    With a carefully crafted certificate payload an attacker can successfully
-    authenticate against FreeS/WAN, Openswan, strongSwan or Super-FreeS/WAN, or
-    make the daemon go into an endless loop.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version.
-  
-References:
-    http://lists.openswan.org/pipermail/dev/2004-June/000370.html
-
-
-Solution: 
-    All FreeS/WAN 1.9x users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv "=net-misc/freeswan-1.99-r1"
-    # emerge "=net-misc/freeswan-1.99-r1"
-    All FreeS/WAN 2.x users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=net-misc/freeswan-2.04-r1"
-    # emerge ">=net-misc/freeswan-2.04-r1"
-    All Openswan 1.x users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv "=net-misc/openswan-1.0.6_rc1"
-    # emerge "=net-misc/openswan-1.0.6_rc1"
-    All Openswan 2.x users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=net-misc/openswan-2.1.4"
-    # emerge ">=net-misc/openswan-2.1.4"
-    All strongSwan users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=net-misc/strongswan-2.1.3"
-    # emerge ">=net-misc/strongswan-2.1.3"
-    All Super-FreeS/WAN users should migrate to the latest stable version of
-    Openswan. Note that Portage will force a move for Super-FreeS/WAN users to
-    Openswan.
-    # emerge sync
-    # emerge -pv "=net-misc/openswan-1.0.6_rc1"
-    # emerge "=net-misc/openswan-1.0.6_rc1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200406-20] FreeS/WAN, Openswan, strongSwan: Vulnerabilities in certificate handling");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'FreeS/WAN, Openswan, strongSwan: Vulnerabilities in certificate handling');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-misc/strongswan", unaffected: make_list("ge 2.1.3"), vulnerable: make_list("lt 2.1.3")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "net-misc/super-freeswan", unaffected: make_list(), vulnerable: make_list("le 1.99.7.3")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "net-misc/openswan", unaffected: make_list("ge 2.1.4", "eq 1.0.6_rc1"), vulnerable: make_list("lt 2.1.4")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "net-misc/freeswan", unaffected: make_list("ge 2.04-r1", "eq 1.99-r1"), vulnerable: make_list("lt 2.04-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200406-21.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200406-21.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200406-21.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,71 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200406-21.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14532);
- if(defined_func("script_xref"))script_xref(name:"IAVA", value:"2004-t-0017");
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200406-21");
- script_cve_id("CVE-2004-0523");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200406-21
-(mit-krb5: Multiple buffer overflows in krb5_aname_to_localname)
-
-
-    The library function krb5_aname_to_localname() contains multiple buffer
-    overflows. This is only exploitable if explicit mapping or rules-based
-    mapping is enabled. These are not enabled as default.
-    With explicit mapping enabled, an attacker must authenticate using a
-    principal name listed in the explicit mapping list.
-    With rules-based mapping enabled, an attacker must first be able to create
-    arbitrary principal names either in the local realm Kerberos realm or in a
-    remote realm from which the local realm\'s service are reachable by
-    cross-realm authentication.
-  
-Impact
-
-    An attacker could use these vulnerabilities to execute arbitrary code with
-    the permissions of the user running mit-krb5, which could be the root user.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0523
-    http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-001-an_to_ln.txt
-
-
-Solution: 
-    mit-krb5 users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=app-crypt/mit-krb5-1.3.3-r1"
-    # emerge ">=app-crypt/mit-krb5-1.3.3-r1"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200406-21] mit-krb5: Multiple buffer overflows in krb5_aname_to_localname");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'mit-krb5: Multiple buffer overflows in krb5_aname_to_localname');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-crypt/mit-krb5", unaffected: make_list("ge 1.3.3-r1"), vulnerable: make_list("le 1.3.3")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200406-22.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200406-22.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200406-22.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,60 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200406-22.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14533);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200406-22");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200406-22
-(Pavuk: Remote buffer overflow)
-
-
-    When Pavuk connects to a web server and the server sends back the HTTP
-    status code 305 (Use Proxy), Pavuk copies data from the HTTP Location
-    header in an unsafe manner.  This bug was discovered by Ulf Harnhammar
-    of the Debian Security Audit Project.
-  
-Impact
-
-    An attacker could cause a stack-based buffer overflow which could lead to
-    arbitrary code execution with the rights of the user running Pavuk.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version.
-  
-
-Solution: 
-    All Pavuk users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=net-misc/pavuk-0.9.28-r2"
-    # emerge ">="net-misc/pavuk-0.9.28-r2
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200406-22] Pavuk: Remote buffer overflow");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Pavuk: Remote buffer overflow');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-misc/pavuk", unaffected: make_list("ge 0.9.28-r2"), vulnerable: make_list("le 0.9.28-r1")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200407-01.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200407-01.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200407-01.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200407-01.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14534);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200407-01");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200407-01
-(Esearch: Insecure temp file handling)
-
-
-    The eupdatedb utility uses a temporary file (/tmp/esearchdb.py.tmp) to
-    indicate that the eupdatedb process is running. When run, eupdatedb checks
-    to see if this file exists, but it does not check to see if it is a broken
-    symlink. In the event that the file is a broken symlink, the script will
-    create the file pointed to by the symlink, instead of printing an error and
-    exiting.
-  
-Impact
-
-    An attacker could create a symlink from /tmp/esearchdb.py.tmp to a
-    nonexistent file (such as /etc/nologin), and the file will be created the
-    next time esearchdb is run.
-  
-Workaround
-
-    There is no known workaround at this time. All users should upgrade to the
-    latest available version of esearch.
-  
-
-Solution: 
-    All users should upgrade to the latest available version of esearch, as
-    follows:
-    # emerge sync
-    # emerge -pv ">=app-portage/esearch-0.6.2"
-    # emerge ">=app-portage/esearch-0.6.2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200407-01] Esearch: Insecure temp file handling");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Esearch: Insecure temp file handling');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-portage/esearch", unaffected: make_list("ge 0.6.2"), vulnerable: make_list("le 0.6.1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200407-02.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200407-02.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200407-02.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,133 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200407-02.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14535);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200407-02");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200407-02
-(Linux Kernel: Multiple vulnerabilities)
-
-Impact
-
-    Arbitrary code with normal non-super-user privileges may be able to exploit
-    any of these vulnerabilities; gaining kernel level access to memory
-    structures and hardware devices. This may be used for further exploitation
-    of the system, to leak sensitive data or to cause a Denial of Service on
-    the affected kernel.
-  
-Workaround
-
-    Although users may not be affected by certain vulnerabilities, all kernels
-    are affected by the CVE-2004-0394, CVE-2004-0427 and CVE-2004-0554 issues
-    which have no workaround. As a result, all users are urged to upgrade their
-    kernels to patched versions.
-  
-
-
-Solution: 
-    Users are encouraged to upgrade to the latest available sources for their
-    system:
-    # emerge sync
-    # emerge -pv your-favorite-sources
-    # emerge your-favorite-sources
-    # # Follow usual procedure for compiling and installing a kernel.
-    # # If you use genkernel, run genkernel as you would do normally.
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200407-02] Linux Kernel: Multiple vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Linux Kernel: Multiple vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "sys-kernel/planet-ccrma-sources", unaffected: make_list("ge 2.4.21-r10"), vulnerable: make_list("lt 2.4.21-r10")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/win4lin-sources", unaffected: make_list("ge 2.4.26-r2"), vulnerable: make_list("lt 2.4.26-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/mm-sources", unaffected: make_list("ge 2.6.7-r1"), vulnerable: make_list("lt 2.6.7-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ia64-sources", unaffected: make_list("ge 2.4.24-r5"), vulnerable: make_list("lt 2.4.24-r5")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/xbox-sources", unaffected: make_list("ge 2.6.7"), vulnerable: make_list("lt 2.6.7")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/sparc-sources", unaffected: make_list("ge 2.4.26-r2"), vulnerable: make_list("lt 2.4.26-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ppc64-sources", unaffected: make_list("ge 2.6.7"), vulnerable: make_list("lt 2.6.7")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/compaq-sources", unaffected: make_list("ge 2.4.9.32.7-r7"), vulnerable: make_list("lt 2.4.9.32.7-r7")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/pegasos-sources", unaffected: make_list("ge 2.4.26-r2"), vulnerable: make_list("lt 2.4.26-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/rsbac-dev-sources", unaffected: make_list("ge 2.6.7-r1"), vulnerable: make_list("lt 2.6.7-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/uclinux-sources", unaffected: make_list("ge 2.4.26_p0-r2"), vulnerable: make_list("lt 2.4.26_p0-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/gentoo-sources", unaffected: make_list("rge 2.4.19-r17", "rge 2.4.20-r20", "rge 2.4.22-r12", "rge 2.4.25-r5", "ge 2.4.26-r3"), vulnerable: make_list("lt 2.4.26-r3")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ppc-sources", unaffected: make_list("ge 2.4.26-r2"), vulnerable: make_list("lt 2.4.26-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/xfs-sources", unaffected: make_list("ge 2.4.24-r8"), vulnerable: make_list("lt 2.4.24-r8")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/gaming-sources", unaffected: make_list("ge 2.4.20-r14"), vulnerable: make_list("lt 2.4.20-r14")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/vanilla-sources", unaffected: make_list("ge 2.4.27"), vulnerable: make_list("le 2.4.26")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/pac-sources", unaffected: make_list("ge 2.4.23-r8"), vulnerable: make_list("lt 2.4.23-r8")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/rsbac-sources", unaffected: make_list("ge 2.4.26-r2"), vulnerable: make_list("lt 2.4.26-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/vserver-sources", unaffected: make_list("ge 2.4.26.1.3.9-r2"), vulnerable: make_list("lt 2.4.26.1.3.9-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/openmosix-sources", unaffected: make_list("ge 2.4.22-r10"), vulnerable: make_list("lt 2.4.22-r10")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/usermode-sources", unaffected: make_list("rge 2.4.24-r5", "ge 2.4.26-r2"), vulnerable: make_list("lt 2.4.26-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/hardened-sources", unaffected: make_list("ge 2.4.26-r2"), vulnerable: make_list("lt 2.4.26-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/grsec-sources", unaffected: make_list("ge 2.4.26.2.0-r5"), vulnerable: make_list("lt 2.4.26.2.0-r5")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/hppa-sources", unaffected: make_list("ge 2.4.26_p6"), vulnerable: make_list("lt 2.4.26_p6")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/hardened-dev-sources", unaffected: make_list("ge 2.6.7"), vulnerable: make_list("lt 2.6.7")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/mips-sources", unaffected: make_list("ge 2.4.26-r3"), vulnerable: make_list("lt 2.4.26-r3")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/pegasos-dev-sources", unaffected: make_list("ge 2.6.7"), vulnerable: make_list("lt 2.6.7")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/selinux-sources", unaffected: make_list("ge 2.4.26-r2"), vulnerable: make_list("lt 2.4.26-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/gs-sources", unaffected: make_list("ge 2.4.25_pre7-r7"), vulnerable: make_list("lt 2.4.25_pre7-r7")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ck-sources", unaffected: make_list("eq 2.4.26-r1", "ge 2.6.7-r1"), vulnerable: make_list("lt 2.6.7-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/gentoo-dev-sources", unaffected: make_list("ge 2.6.7"), vulnerable: make_list("lt 2.6.7")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/wolk-sources", unaffected: make_list("rge 4.9-r9", "rge 4.11-r6", "ge 4.14-r3"), vulnerable: make_list("lt 4.14-r3")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/alpha-sources", unaffected: make_list("ge 2.4.21-r8"), vulnerable: make_list("lt 2.4.21-r8")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/development-sources", unaffected: make_list("ge 2.6.7"), vulnerable: make_list("lt 2.6.7")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/aa-sources", unaffected: make_list("eq 2.4.23-r2"), vulnerable: make_list("lt 2.4.23-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/hppa-dev-sources", unaffected: make_list("ge 2.6.7"), vulnerable: make_list("lt 2.6.7")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200407-03.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200407-03.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200407-03.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,67 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200407-03.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14536);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200407-03");
- script_cve_id("CVE-2004-0493");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200407-03
-(Apache 2: Remote denial of service attack)
-
-
-    A bug in the protocol.c file handling header lines will cause Apache to
-    allocate memory for header lines starting with TAB or SPACE.
-  
-Impact
-
-    An attacker can exploit this vulnerability to perform a Denial of Service
-    attack by causing Apache to exhaust all memory. On 64 bit systems with more
-    than 4GB of virtual memory a possible integer signedness error could lead
-    to a buffer based overflow causing Apache to crash and under some
-    circumstances execute arbitrary code as the user running Apache, usually
-    "apache".
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version:
-  
-References:
-    http://www.guninski.com/httpd1.html
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0493
-
-
-Solution: 
-    Apache 2 users should upgrade to the latest version of Apache:
-    # emerge sync
-    # emerge -pv ">=net-www/apache-2.0.49-r4"
-    # emerge ">=net-www/apache-2.0.49-r4"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200407-03] Apache 2: Remote denial of service attack");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Apache 2: Remote denial of service attack');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/apache", unaffected: make_list("ge 2.0.49-r4", "lt 2"), vulnerable: make_list("le 2.0.49-r3")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200407-04.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200407-04.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200407-04.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,61 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200407-04.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14537);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200407-04");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200407-04
-(Pure-FTPd: Potential DoS when maximum connections is reached)
-
-
-    Pure-FTPd contains a bug in the accept_client function handling the setup
-    of new connections.
-  
-Impact
-
-    When the maximum number of connections is reached an attacker could exploit
-    this vulnerability to perform a Denial of Service attack.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version.
-  
-References:
-    http://www.pureftpd.org
-
-
-Solution: 
-    All Pure-FTPd users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=net-ftp/pure-ftpd-1.0.18-r1"
-    # emerge ">=net-ftp/pure-ftpd-1.0.18-r1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200407-04] Pure-FTPd: Potential DoS when maximum connections is reached");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Pure-FTPd: Potential DoS when maximum connections is reached');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-ftp/pure-ftpd", unaffected: make_list("ge 1.0.18-r1"), vulnerable: make_list("le 1.0.18")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200407-05.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200407-05.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200407-05.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,73 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200407-05.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14538);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200407-05");
- script_cve_id("CVE-2004-0419");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200407-05
-(XFree86, X.org: XDM ignores requestPort setting)
-
-
-    XDM will open TCP sockets for its chooser, even if the
-    DisplayManager.requestPort setting is set to 0. Remote clients can use this
-    port to connect to XDM and request a login window, thus allowing access to
-    the system.
-  
-Impact
-
-    Authorized users may be able to login remotely to a machine running XDM,
-    even if this option is disabled in XDM\'s configuration. Please note that an
-    attacker must have a preexisting account on the machine in order to exploit
-    this vulnerability.
-  
-Workaround
-
-    There is no known workaround at this time. All users should upgrade to the
-    latest available version of X.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0419
-    http://bugs.xfree86.org/show_bug.cgi?id=1376
-
-
-Solution: 
-    If you are using XFree86, you should run the following:
-    # emerge sync
-    # emerge -pv ">=x11-base/xfree-4.3.0-r6"
-    # emerge ">=x11-base/xfree-4.3.0-r6"
-    If you are using X.org\'s X11 server, you should run the following:
-    # emerge sync
-    # emerge -pv ">=x11-base/xorg-x11-6.7.0-r1"
-    # emerge ">=x11-base/xorg-x11-6.7.0-r1"
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200407-05] XFree86, X.org: XDM ignores requestPort setting");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'XFree86, X.org: XDM ignores requestPort setting');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "x11-base/xfree", unaffected: make_list("ge 4.3.0-r6"), vulnerable: make_list("le 4.3.0-r5")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "x11-base/xorg-x11", unaffected: make_list("ge 6.7.0-r1"), vulnerable: make_list("le 6.7.0")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200407-06.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200407-06.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200407-06.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,68 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200407-06.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14539);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200407-06");
- script_cve_id("CVE-2002-1363");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200407-06
-(libpng: Buffer overflow on row buffers)
-
-
-    Due to a wrong calculation of loop offset values, libpng contains a buffer
-    overflow vulnerability on the row buffers. This vulnerability was initially
-    patched in January 2003 but since it has been discovered that libpng
-    contains the same vulnerability in two other places.
-  
-Impact
-
-    An attacker could exploit this vulnerability to cause programs linked
-    against the library to crash or execute arbitrary code with the permissions
-    of the user running the vulnerable program, which could be the root user.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1363
-
-
-Solution: 
-    All libpng users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=media-libs/libpng-1.2.5-r7"
-    # emerge ">=media-libs/libpng-1.2.5-r7"
-    You should also run revdep-rebuild to rebuild any packages that depend on
-    older versions of libpng :
-    # revdep-rebuild
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200407-06] libpng: Buffer overflow on row buffers");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'libpng: Buffer overflow on row buffers');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "media-libs/libpng", unaffected: make_list("ge 1.2.5-r7"), vulnerable: make_list("le 1.2.5-r6")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200407-07.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200407-07.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200407-07.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,65 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200407-07.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14540);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200407-07");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200407-07
-(Shorewall : Insecure temp file handling)
-
-
-    Shorewall uses temporary files and directories in an insecure manner. A
-    local user could create symbolic links at specific locations, eventually
-    overwriting other files on the filesystem with the rights of the shorewall
-    process.
-  
-Impact
-
-    An attacker could exploit this vulnerability to overwrite arbitrary system
-    files with root privileges, resulting in Denial of Service or further
-    exploitation.
-  
-Workaround
-
-    There is no known workaround at this time. All users should upgrade to the
-    latest available version of Shorewall.
-  
-References:
-    http://lists.shorewall.net/pipermail/shorewall-announce/2004-June/000385.html
-
-
-Solution: 
-    All users should upgrade to the latest available version of Shorewall, as
-    follows:
-    # emerge sync
-    # emerge -pv ">=net-firewall/shorewall-1.4.10f"
-    # emerge ">=net-firewall/shorewall-1.4.10f"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200407-07] Shorewall : Insecure temp file handling");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Shorewall : Insecure temp file handling');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-firewall/shorewall", unaffected: make_list("ge 1.4.10f"), vulnerable: make_list("le 1.4.10c")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200407-08.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200407-08.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200407-08.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,70 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200407-08.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14541);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200407-08");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200407-08
-(Ethereal: Multiple security problems)
-
-
-    There are multiple vulnerabilities in versions of Ethereal earlier than
-    0.10.5, including:
-    In some cases the iSNS dissector could cause Ethereal to abort.
-    If there was no policy name for a handle for SMB SID snooping it could
-    cause a crash.
-    A malformed or missing community string could cause the SNMP dissector
-    to crash.
-  
-Impact
-
-    An attacker could use these vulnerabilities to crash Ethereal or even
-    execute arbitrary code with the permissions of the user running Ethereal,
-    which could be the root user.
-  
-Workaround
-
-    For a temporary workaround you can disable all affected protocol dissectors
-    by selecting Analyze->Enabled Protocols... and deselecting them from the
-    list. For SMB you can disable SID snooping in the SMB protocol preference.
-    However, it is strongly recommended to upgrade to the latest stable
-    version.
-  
-References:
-    http://www.ethereal.com/appnotes/enpa-sa-00015.html
-
-
-Solution: 
-    All Ethereal users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=net-analyzer/ethereal-0.10.5"
-    # emerge ">=net-analyzer/ethereal-0.10.5"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200407-08] Ethereal: Multiple security problems");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Ethereal: Multiple security problems');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-analyzer/ethereal", unaffected: make_list("ge 0.10.5"), vulnerable: make_list("le 0.10.4")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200407-09.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200407-09.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200407-09.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,66 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200407-09.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14542);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200407-09");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200407-09
-(MoinMoin: Group ACL bypass)
-
-
-    MoinMoin contains a bug in the code handling administrative group ACLs. A
-    user created with the same name as an administrative group gains the
-    privileges of the administrative group.
-  
-Impact
-
-    If an administrative group called AdminGroup existed an attacker could
-    create a user called AdminGroup and gain the privileges of the group
-    AdminGroup. This could lead to unauthorized users gaining administrative
-    access.
-  
-Workaround
-
-    For every administrative group with special privileges create a user with
-    the same name as the group.
-  
-References:
-    http://sourceforge.net/tracker/index.php?func=detail&aid=948103&group_id=8482&atid=108482
-    http://www.osvdb.org/6704
-
-
-Solution: 
-    All users should upgrade to the latest available version of MoinMoin, as
-    follows:
-    # emerge sync
-    # emerge -pv ">=net-ww/moinmoin-1.2.2"
-    # emerge ">=net-ww/moinmoin-1.2.2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200407-09] MoinMoin: Group ACL bypass");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'MoinMoin: Group ACL bypass');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/moinmoin", unaffected: make_list("ge 1.2.2"), vulnerable: make_list("le 1.2.1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200407-10.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200407-10.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200407-10.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,67 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200407-10.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14543);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200407-10");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200407-10
-(rsync: Directory traversal in rsync daemon)
-
-
-    When rsyncd is used without chroot ("use chroot = false" in the rsyncd.conf
-    file), the paths sent by the client are not checked thoroughly enough. If
-    rsyncd is used with read-write permissions ("read only = false"), this
-    vulnerability can be used to write files anywhere with the rights of the
-    rsyncd daemon. With default Gentoo installations, rsyncd runs in a chroot,
-    without write permissions and with the rights of the "nobody" user.
-  
-Impact
-
-    On affected configurations and if the rsync daemon runs under a privileged
-    user, a remote client can exploit this vulnerability to completely
-    compromise the host.
-  
-Workaround
-
-    You should never set the rsync daemon to run with "use chroot = false". If
-    for some reason you have to run rsyncd without a chroot, then you should
-    not set "read only = false".
-  
-References:
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0426
-
-
-Solution: 
-    All users should update to the latest version of the rsync package.
-    # emerge sync
-    # emerge -pv ">=net-misc/rsync-2.6.0-r2"
-    # emerge ">=net-misc/rsync-2.6.0-r2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200407-10] rsync: Directory traversal in rsync daemon");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'rsync: Directory traversal in rsync daemon');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-misc/rsync", unaffected: make_list("ge 2.6.0-r2"), vulnerable: make_list("le 2.6.0-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200407-11.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200407-11.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200407-11.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,66 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200407-11.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14544);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200407-11");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200407-11
-(wv: Buffer overflow vulnerability)
-
-
-    A use of strcat without proper bounds checking leads to an exploitable
-    buffer overflow. The vulnerable code is executed when wv encounters an
-    unrecognized token, so a specially crafted file, loaded in wv, can trigger
-    the vulnerable code and execute it\'s own arbitrary code. This exploit is
-    only possible when the user loads the document into HTML view mode.
-  
-Impact
-
-    By inducing a user into running wv on a special file, an attacker can
-    execute arbitrary code with the permissions of the user running the
-    vulnerable program.
-  
-Workaround
-
-    Users should not view untrusted documents with wvHtml or applications using
-    wv. When loading an untrusted document in an application using the wv
-    library, make sure HTML view is disabled.
-  
-References:
-    http://www.idefense.com/application/poi/display?id=115&type=vulnerabilities&flashstatus=true
-
-
-Solution: 
-    All users should upgrade to the latest available version.
-    # emerge sync
-    # emerge -pv ">=app-text/wv-1.0.0-r1"
-    # emerge ">=app-text/wv-1.0.0-r1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200407-11] wv: Buffer overflow vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'wv: Buffer overflow vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-text/wv", unaffected: make_list("ge 1.0.0-r1"), vulnerable: make_list("lt 1.0.0-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200407-12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200407-12.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200407-12.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,97 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200407-12.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14545);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200407-12");
- script_cve_id("CVE-2004-0626");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200407-12
-(Linux Kernel: Remote DoS vulnerability with IPTables TCP Handling)
-
-
-    An attacker can utilize an erroneous data type in the IPTables TCP option
-    handling code, which lies in an iterator. By making a TCP packet with a
-    header length larger than 127 bytes, a negative integer would be implied in
-    the iterator.
-  
-Impact
-
-    By sending one malformed packet, the kernel could get stuck in a loop,
-    consuming all of the CPU resources and rendering the machine useless,
-    causing a Denial of Service. This vulnerability requires no local access.
-  
-Workaround
-
-    If users do not use the netfilter functionality or do not use any
-    ``--tcp-option\'\' rules they are not vulnerable to this exploit. Users that
-    are may remove netfilter support from their kernel or may remove any
-    ``--tcp-option\'\' rules they might be using. However, all users are urged to
-    upgrade their kernels to patched versions.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0626
-
-
-Solution: 
-    Users are encouraged to upgrade to the latest available sources for their
-    system:
-    # emerge sync
-    # emerge -pv your-favorite-sources
-    # emerge your-favorite-sources
-    # # Follow usual procedure for compiling and installing a kernel.
-    # # If you use genkernel, run genkernel as you would do normally.
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200407-12] Linux Kernel: Remote DoS vulnerability with IPTables TCP Handling");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Linux Kernel: Remote DoS vulnerability with IPTables TCP Handling');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "sys-kernel/win4lin-sources", unaffected: make_list("ge 2.6.7-r1", "lt 2.6"), vulnerable: make_list("lt 2.6.7-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/rsbac-dev-sources", unaffected: make_list("ge 2.6.7-r1"), vulnerable: make_list("lt 2.6.7-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/xbox-sources", unaffected: make_list("ge 2.6.7-r1", "lt 2.6"), vulnerable: make_list("lt 2.6.7-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/hardened-dev-sources", unaffected: make_list("ge 2.6.7-r1"), vulnerable: make_list("lt 2.6.7-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/aa-sources", unaffected: make_list("ge 2.6.5-r5", "lt 2.6"), vulnerable: make_list("lt 2.6.5-r5")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/gentoo-dev-sources", unaffected: make_list("ge 2.6.7-r7"), vulnerable: make_list("lt 2.6.7-r7")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/usermode-sources", unaffected: make_list("ge 2.6.6-r2", "lt 2.6"), vulnerable: make_list("lt 2.6.6-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/development-sources", unaffected: make_list("ge 2.6.8"), vulnerable: make_list("lt 2.6.8")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/mips-sources", unaffected: make_list("ge 2.6.4-r4", "lt 2.6"), vulnerable: make_list("lt 2.6.4-r4")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/uclinux-sources", unaffected: make_list("ge 2.6.7_p0-r1", "lt 2.6"), vulnerable: make_list("lt 2.6.7_p0")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/mm-sources", unaffected: make_list("ge 2.6.7-r4", "lt 2.6"), vulnerable: make_list("lt 2.6.7-r4")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/pegasos-dev-sources", unaffected: make_list("ge 2.6.7-r1"), vulnerable: make_list("lt 2.6.7-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ck-sources", unaffected: make_list("ge 2.6.7-r2", "lt 2.6"), vulnerable: make_list("lt 2.6.7-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/hppa-dev-sources", unaffected: make_list("ge 2.6.7_p1-r1"), vulnerable: make_list("lt 2.6.7_p1-r1")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200407-13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200407-13.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200407-13.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,85 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14546);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200407-13");
- script_cve_id("CVE-2004-0594", "CVE-2004-0595");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200407-13
-(PHP: Multiple security vulnerabilities)
-
-
-    Several security vulnerabilities were found and fixed in version 4.3.8 of
-    PHP. The strip_tags() function, used to sanitize user input, could in
-    certain cases allow tags containing \\0 characters (CVE-2004-0595). When
-    memory_limit is used, PHP might unsafely interrupt other functions
-    (CVE-2004-0594). The ftok and itpc functions were missing safe_mode checks.
-    It was possible to bypass open_basedir restrictions using MySQL\'s LOAD DATA
-    LOCAL function. Furthermore, the IMAP extension was incorrectly allocating
-    memory and alloca() calls were replaced with emalloc() for better stack
-    protection.
-  
-Impact
-
-    Successfully exploited, the memory_limit problem could allow remote
-    excution of arbitrary code. By exploiting the strip_tags vulnerability, it
-    is possible to pass HTML code that would be considered as valid tags by the
-    Microsoft Internet Explorer and Safari browsers. Using ftok, itpc or
-    MySQL\'s LOAD DATA LOCAL, it is possible to bypass PHP configuration
-    restrictions.
-  
-Workaround
-
-    There is no known workaround that would solve all these problems. All users
-    are encouraged to upgrade to the latest available versions.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0594
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0595
-    http://security.e-matters.de/advisories/112004.html
-    http://security.e-matters.de/advisories/122004.html
-
-
-Solution: 
-    All PHP, mod_php and php-cgi users should upgrade to the latest stable
-    version:
-    # emerge sync
-    # emerge -pv ">=dev-php/php-4.3.8"
-    # emerge ">=dev-php/php-4.3.8"
-    # emerge -pv ">=dev-php/mod_php-4.3.8"
-    # emerge ">=dev-php/mod_php-4.3.8"
-    # emerge -pv ">=dev-php/php-cgi-4.3.8"
-    # emerge ">=dev-php/php-cgi-4.3.8"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200407-13] PHP: Multiple security vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'PHP: Multiple security vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-php/php", unaffected: make_list("ge 4.3.8"), vulnerable: make_list("le 4.3.7-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "dev-php/mod_php", unaffected: make_list("ge 4.3.8"), vulnerable: make_list("le 4.3.7-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "dev-php/php-cgi", unaffected: make_list("ge 4.3.8"), vulnerable: make_list("le 4.3.7-r1")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200407-14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200407-14.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200407-14.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,80 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200407-14.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14547);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200407-14");
- script_cve_id("CVE-2004-0608");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200407-14
-(Unreal Tournament 2003/2004: Buffer overflow in \'secure\' queries)
-
-
-    The Unreal-based game servers support a specific type of query called
-    \'secure\'. Part of the Gamespy protocol, this query is used to ask if the
-    game server is able to calculate an exact response using a provided string.
-    Luigi Auriemma found that sending a long \'secure\' query triggers a buffer
-    overflow in the game server.
-  
-Impact
-
-    By sending a malicious UDP-based \'secure\' query, an attacker could execute
-    arbitrary code on the game server.
-  
-Workaround
-
-    Users can avoid this vulnerability by not using Unreal Tournament to host
-    games as a server. All users running a server should upgrade to the latest
-    versions.
-  
-References:
-    http://aluigi.altervista.org/adv/unsecure-adv.txt
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0608
-
-
-Solution: 
-    All Unreal Tournament users should upgrade to the latest available
-    versions:
-    # emerge sync
-    # emerge -pv ">=games-fps/ut2003-2225-r3"
-    # emerge ">=games-fps/ut2003-2225-r3"
-    # emerge -pv ">=games-server/ut2003-ded-2225-r2"
-    # emerge ">=games-server/ut2003-ded-2225-r2"
-    # emerge -pv ">=games-fps/ut2004-3236"
-    # emerge ">=games-fps/ut2004-3236"
-    # emerge -pv ">=games-fps/ut2004-demo-3120-r4"
-    # emerge ">=games-fps/ut2004-demo-3120-r4"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200407-14] Unreal Tournament 2003/2004: Buffer overflow in \'secure\' queries");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Unreal Tournament 2003/2004: Buffer overflow in \'secure\' queries');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "games-server/ut2003-ded", unaffected: make_list("ge 2225-r2"), vulnerable: make_list("le 2225-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "games-fps/ut2004", unaffected: make_list("ge 3236"), vulnerable: make_list("lt 3236")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "games-fps/ut2004-demo", unaffected: make_list("ge 3120-r4"), vulnerable: make_list("le 3120-r3")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "games-fps/ut2003", unaffected: make_list("ge 2225-r3"), vulnerable: make_list("le 2225-r2")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200407-15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200407-15.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200407-15.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,68 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200407-15.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14548);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200407-15");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200407-15
-(Opera: Multiple spoofing vulnerabilities)
-
-
-    Opera fails to remove illegal characters from an URI of a link and to check
-    that the target frame of a link belongs to the same website as the link.
-    Opera also updates the address bar before loading a page. Additionally,
-    Opera contains a certificate verification problem.
-  
-Impact
-
-    These vulnerabilities could allow an attacker to impersonate legitimate
-    websites to steal sensitive information from users. This could be done by
-    obfuscating the real URI of a link or by injecting a malicious frame into
-    an arbitrary frame of another browser window.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version.
-  
-References:
-    http://www.securityfocus.com/bid/10517
-    http://secunia.com/advisories/11978/
-    http://secunia.com/advisories/12028/
-    http://www.opera.com/linux/changelogs/753/
-
-
-Solution: 
-    All Opera users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=net-www/opera-7.53"
-    # emerge ">=net-www/opera-7.53"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200407-15] Opera: Multiple spoofing vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Opera: Multiple spoofing vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/opera", unaffected: make_list("ge 7.53"), vulnerable: make_list("le 7.52")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200407-16.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200407-16.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200407-16.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,132 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200407-16.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14549);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200407-16");
- script_cve_id("CVE-2004-0447", "CVE-2004-0496", "CVE-2004-0497", "CVE-2004-0565");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200407-16
-(Linux Kernel: Multiple DoS and permission vulnerabilities)
-
-Workaround
-
-    2.4 users may not be affected by CVE-2004-0497 if they do not use remote
-    network filesystems and do not have support for any such filesystems in
-    their kernel configuration. All 2.6 users are affected by the /proc
-    attribute issue and the only known workaround is to disable /proc support.
-    The VServer flaw applies only to vserver-sources, and no workaround is
-    currently known for the issue. There is no known fix to CVE-2004-0447,
-    CVE-2004-0496 or CVE-2004-0565 other than to upgrade the kernel to a
-    patched version.
-    As a result, all users affected by any of these vulnerabilities should
-    upgrade their kernels to ensure the integrity of their systems.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0447
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0496
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0497
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0565
-    http://www.securityfocus.com/archive/1/367977
-
-
-Solution: 
-    Users are encouraged to upgrade to the latest available sources for their
-    system:
-    # emerge sync
-    # emerge -pv your-favorite-sources
-    # emerge your-favorite-sources
-    # # Follow usual procedure for compiling and installing a kernel.
-    # # If you use genkernel, run genkernel as you would do normally.
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200407-16] Linux Kernel: Multiple DoS and permission vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Linux Kernel: Multiple DoS and permission vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "sys-kernel/vanilla-sources", unaffected: make_list("ge 2.4.27"), vulnerable: make_list("le 2.4.26")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/vserver-sources", unaffected: make_list("ge 2.4.26.1.28-r1"), vulnerable: make_list("lt 2.4.26.1.28-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/wolk-sources", unaffected: make_list("rge 4.9-r10", "rge 4.11-r7", "ge 4.14-r4"), vulnerable: make_list("lt 4.14-r4")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/uclinux-sources", unaffected: make_list("rge 2.4.26_p0-r3", "ge 2.6.7_p0-r2"), vulnerable: make_list("lt 2.6.7_p0-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/pegasos-sources", unaffected: make_list("ge 2.4.26-r3"), vulnerable: make_list("lt 2.4.26-r3")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/gentoo-sources", unaffected: make_list("rge 2.4.19-r18", "rge 2.4.20-r21", "rge 2.4.22-r13", "rge 2.4.25-r6", "ge 2.4.26-r5"), vulnerable: make_list("lt 2.4.26-r5")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/hppa-dev-sources", unaffected: make_list("ge 2.6.7_p1-r2"), vulnerable: make_list("lt 2.6.7_p1-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/pegasos-dev-sources", unaffected: make_list("ge 2.6.7-r2"), vulnerable: make_list("lt 2.6.7-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/gentoo-dev-sources", unaffected: make_list("ge 2.6.7-r8"), vulnerable: make_list("lt 2.6.7-r8")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/grsec-sources", unaffected: make_list("ge 2.4.26.2.0-r6"), vulnerable: make_list("lt 2.4.26.2.0-r6")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ppc-sources", unaffected: make_list("ge 2.4.26-r3"), vulnerable: make_list("lt 2.4.26-r3")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/selinux-sources", unaffected: make_list("ge 2.4.26-r2"), vulnerable: make_list("lt 2.4.26-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/mips-sources", unaffected: make_list("ge 2.4.27"), vulnerable: make_list("lt 2.4.27")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/development-sources", unaffected: make_list("ge 2.6.8_rc1"), vulnerable: make_list("lt 2.6.8_rc1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/hardened-sources", unaffected: make_list("ge 2.4.26-r3"), vulnerable: make_list("lt 2.4.26-r3")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/hppa-sources", unaffected: make_list("ge 2.4.26_p6-r1"), vulnerable: make_list("lt 2.4.26_p6-r1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/xbox-sources", unaffected: make_list("rge 2.4.26-r3", "ge 2.6.7-r2"), vulnerable: make_list("lt 2.6.7-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/planet-ccrma-sources", unaffected: make_list("ge 2.4.21-r11"), vulnerable: make_list("lt 2.4.21-r11")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/rsbac-sources", unaffected: make_list("ge 2.4.26-r3"), vulnerable: make_list("lt 2.4.26-r3")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/usermode-sources", unaffected: make_list("rge 2.4.24-r6", "rge 2.4.26-r3", "ge 2.6.6-r4"), vulnerable: make_list("lt 2.6.6-r4")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/openmosix-sources", unaffected: make_list("ge 2.4.22-r11"), vulnerable: make_list("lt 2.4.22-r11")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/aa-sources", unaffected: make_list("rge 2.4.23-r2", "ge 2.6.5-r5"), vulnerable: make_list("lt 2.6.5-r5")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/win4lin-sources", unaffected: make_list("rge 2.4.26-r3", "ge 2.6.7-r2"), vulnerable: make_list("lt 2.6.7-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ck-sources", unaffected: make_list("rge 2.4.26-r1", "ge 2.6.7-r5"), vulnerable: make_list("lt 2.6.7-r5")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/gs-sources", unaffected: make_list("ge 2.4.25_pre7-r8"), vulnerable: make_list("lt 2.4.25_pre7-r8")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/mm-sources", unaffected: make_list("ge 2.6.7-r6"), vulnerable: make_list("lt 2.6.7-r6")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ia64-sources", unaffected: make_list("ge 2.4.24-r7"), vulnerable: make_list("lt 2.4.24-r7")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/compaq-sources", unaffected: make_list("ge 2.4.9.32.7-r8"), vulnerable: make_list("lt 2.4.9.32.7-r8")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/alpha-sources", unaffected: make_list("ge 2.4.21-r9"), vulnerable: make_list("lt 2.4.21-r9")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/sparc-sources", unaffected: make_list("ge 2.4.26-r3"), vulnerable: make_list("lt 2.4.26-r3")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/pac-sources", unaffected: make_list("ge 2.4.23-r9"), vulnerable: make_list("lt 2.4.23-r9")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/rsbac-dev-sources", unaffected: make_list("ge 2.6.7-r2"), vulnerable: make_list("lt 2.6.7-r2")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/hardened-dev-sources", unaffected: make_list("ge 2.6.7-r2"), vulnerable: make_list("lt 2.6.7-r2")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200407-17.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200407-17.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200407-17.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200407-17.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14550);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200407-17");
- script_cve_id("CVE-2004-0649");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200407-17
-(l2tpd: Buffer overflow)
-
-
-    Thomas Walpuski discovered a buffer overflow that may be exploitable by
-    sending a specially crafted packet. In order to exploit the vulnerable
-    code, an attacker would need to fake the establishment of an L2TP tunnel.
-  
-Impact
-
-    A remote attacker may be able to execute arbitrary code with the privileges
-    of the user running l2tpd.
-  
-Workaround
-
-    There is no known workaround for this vulnerability.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0649
-    http://seclists.org/lists/fulldisclosure/2004/Jun/0094.html
-
-
-Solution: 
-    All users are recommended to upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=net-l2tpd-0.69-r2"
-    # emerge ">=net-l2tpd-0.69-r2"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200407-17] l2tpd: Buffer overflow");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'l2tpd: Buffer overflow');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-dialup/l2tpd", unaffected: make_list("ge 0.69-r2"), vulnerable: make_list("lt 0.69-r2")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200407-18.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200407-18.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200407-18.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,61 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200407-18.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14551);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200407-18");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200407-18
-(mod_ssl: Format string vulnerability)
-
-
-    A bug in ssl_engine_ext.c makes mod_ssl vulnerable to a ssl_log() related
-    format string vulnerability in the mod_proxy hook functions.
-  
-Impact
-
-    Given the right server configuration, an attacker could execute code as the
-    user running Apache, usually "apache".
-  
-Workaround
-
-    A server should not be vulnerable if it is not using both mod_ssl and
-    mod_proxy. Otherwise there is no workaround other than to disable mod_ssl.
-  
-References:
-    http://marc.theaimsgroup.com/?l=apache-modssl&m=109001100906749&w=2
-
-
-Solution: 
-    All mod_ssl users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-www/mod_ssl-2.8.19"
-    # emerge ">=net-www/mod_ssl-2.8.19"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200407-18] mod_ssl: Format string vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'mod_ssl: Format string vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/mod_ssl", unaffected: make_list("ge 2.8.19"), vulnerable: make_list("le 2.8.18")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200407-19.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200407-19.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200407-19.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,58 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200407-19.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14552);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200407-19");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200407-19
-(Pavuk: Digest authentication helper buffer overflow)
-
-
-    Pavuk contains several buffer overflow vulnerabilities in the code handling
-    digest authentication.
-  
-Impact
-
-    An attacker could cause a buffer overflow, leading to arbitrary code
-    execution with the rights of the user running Pavuk.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version of Pavuk.
-  
-
-Solution: 
-    All Pavuk users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-misc/pavuk-0.9.28-r3"
-    # emerge ">=net-misc/pavuk-0.9.28-r3"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200407-19] Pavuk: Digest authentication helper buffer overflow");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Pavuk: Digest authentication helper buffer overflow');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-misc/pavuk", unaffected: make_list("ge 0.9.28-r3"), vulnerable: make_list("le 0.9.28-r2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200407-20.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200407-20.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200407-20.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,67 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200407-20.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14553);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200407-20");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200407-20
-(Subversion: Vulnerability in mod_authz_svn)
-
-
-    Users with write access to part of a Subversion repository may bypass read
-    restrictions on any part of that repository. This can be done using an
-    "svn copy" command to copy the portion of a repository the user
-    wishes to read into an area where they have write access.
-    Since copies are versioned, any such copy attempts will be readily
-    apparent.
-  
-Impact
-
-    This is a low-risk vulnerability. It affects only users of Subversion who
-    are running servers inside Apache and using mod_authz_svn. Additionally,
-    this vulnerability may be exploited only by users with write access to some
-    portion of a repository.
-  
-Workaround
-
-    Keep sensitive content separated into different Subversion repositories, or
-    disable the Apache Subversion server and use svnserve instead.
-  
-References:
-    http://svn.collab.net/repos/svn/tags/1.0.6/CHANGES
-
-
-Solution: 
-    All Subversion users should upgrade to the latest available version:
-    # emerge sync
-    # emerge -pv ">=dev-util/subversion-1.0.6"
-    # emerve ">=dev-util/subversion-1.0.6"
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200407-20] Subversion: Vulnerability in mod_authz_svn");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Subversion: Vulnerability in mod_authz_svn');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-util/subversion", unaffected: make_list("ge 1.0.6"), vulnerable: make_list("le 1.0.4-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200407-21.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200407-21.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200407-21.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,72 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200407-21.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14554);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200407-21");
- script_cve_id("CVE-2004-0600", "CVE-2004-0686");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200407-21
-(Samba: Multiple buffer overflows)
-
-
-    Evgeny Demidov found a buffer overflow in SWAT, located in the base64 data
-    decoder used to handle HTTP basic authentication (CVE-2004-0600). The same
-    flaw is present in the code used to handle the sambaMungedDial attribute
-    value, when using the ldapsam passdb backend. Another buffer overflow was
-    found in the code used to support the \'mangling method = hash\' smb.conf
-    option (CVE-2004-0686). Note that the default Samba value for this option
-    is \'mangling method = hash2\' which is not vulnerable.
-  
-Impact
-
-    The SWAT authentication overflow could be exploited to execute arbitrary
-    code with the rights of the Samba daemon process. The overflow in the
-    sambaMungedDial handling code is not thought to be exploitable. The buffer
-    overflow in \'mangling method = hash\' code could also be used to execute
-    arbitrary code on vulnerable configurations.
-  
-Workaround
-
-    Users disabling SWAT, not using ldapsam passdb backends and not using the
-    \'mangling method = hash\' option are not vulnerable.
-  
-References:
-    http://www.samba.org/samba/whatsnew/samba-3.0.5.html
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0600
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0686
-
-
-Solution: 
-    All Samba users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-fs/samba-3.0.5"
-    # emerge ">=net-fs/samba-3.0.5"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200407-21] Samba: Multiple buffer overflows");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Samba: Multiple buffer overflows');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-fs/samba", unaffected: make_list("ge 3.0.5"), vulnerable: make_list("le 3.0.4-r1")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200407-22.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200407-22.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200407-22.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,70 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200407-22.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14555);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200407-22");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200407-22
-(phpMyAdmin: Multiple vulnerabilities)
-
-
-    Two serious vulnerabilities exist in phpMyAdmin. The first allows any user
-    to alter the server configuration variables (including host, name, and
-    password) by appending new settings to the array variables that hold the
-    configuration in a GET statement. The second allows users to include
-    arbitrary PHP code to be executed within an eval() statement in table name
-    configuration settings. This second vulnerability is only exploitable if
-    $cfg[\'LeftFrameLight\'] is set to FALSE.
-  
-Impact
-
-    Authenticated users can alter configuration variables for their running
-    copy of phpMyAdmin. The impact of this should be minimal. However, the
-    second vulnerability would allow an authenticated user to execute arbitrary
-    PHP code with the permissions of the webserver, potentially allowing a
-    serious Denial of Service or further remote compromise.
-  
-Workaround
-
-    The second, more serious vulnerability is only exploitable if
-    $cfg[\'LeftFrameLight\'] is set to FALSE. In the default Gentoo installation,
-    this is set to TRUE. There is no known workaround for the first.
-  
-References:
-    http://www.securityfocus.com/archive/1/367486
-
-
-Solution: 
-    All phpMyAdmin users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=dev-db/phpmyadmin-2.5.7_p1"
-    # emerge ">=dev-db/phpmyadmin-2.5.7_p1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200407-22] phpMyAdmin: Multiple vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'phpMyAdmin: Multiple vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-db/phpmyadmin", unaffected: make_list("ge 2.5.7_p1"), vulnerable: make_list("le 2.5.7")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200407-23.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200407-23.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200407-23.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200407-23.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14556);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200407-23");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200407-23
-(SoX: Multiple buffer overflows)
-
-
-    Ulf Harnhammar discovered two buffer overflows in the sox and play commands
-    when handling WAV files with specially crafted header fields.
-  
-Impact
-
-    By enticing a user to play or convert a specially crafted WAV file an
-    attacker could execute arbitrary code with the permissions of the user
-    running SoX.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version of SoX.
-  
-References:
-    http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1141.html
-
-
-Solution: 
-    All SoX users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=media-sound/sox-12.17.4-r2"
-    # emerge ">=media-sound/sox-12.17.4-r2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200407-23] SoX: Multiple buffer overflows");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'SoX: Multiple buffer overflows');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "media-sound/sox", unaffected: make_list("ge 12.17.4-r2"), vulnerable: make_list("le 12.17.4-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-01.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-01.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-01.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-01.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14557);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-01");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-01
-(MPlayer: GUI filename handling overflow)
-
-
-    The MPlayer GUI code contains several buffer overflow vulnerabilities, and
-    at least one in the TranslateFilename() function is exploitable.
-  
-Impact
-
-    By enticing a user to play a file with a carefully crafted filename an
-    attacker could execute arbitrary code with the permissions of the user
-    running MPlayer.
-  
-Workaround
-
-    To work around this issue, users can compile MPlayer without GUI support by
-    disabling the gtk USE flag. All users are encouraged to upgrade to the
-    latest available version of MPlayer.
-  
-References:
-    http://www.securityfocus.com/bid/10615/
-    http://www.open-security.org/advisories/5
-
-
-Solution: 
-    All MPlayer users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=media-video/mplayer-1.0_pre4-r7"
-    # emerge ">=media-video/mplayer-1.0_pre4-r7"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-01] MPlayer: GUI filename handling overflow");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'MPlayer: GUI filename handling overflow');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "media-video/mplayer", unaffected: make_list("ge 1.0_pre4-r7"), vulnerable: make_list("lt 1.0_pre4-r7")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-02.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-02.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-02.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,68 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-02.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14558);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-02");
- script_cve_id("CVE-2004-0591");
- script_xref(name: "CERT", value: "CA-2000-02");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-02
-(Courier: Cross-site scripting vulnerability in SqWebMail)
-
-
-    Luca Legato found that SqWebMail is vulnerable to a cross-site scripting
-    (XSS) attack. An XSS attack allows an attacker to insert malicious code
-    into a web-based application. SqWebMail doesn\'t filter appropriately data
-    coming from message headers before displaying them.
-  
-Impact
-
-    By sending a carefully crafted message, an attacker can inject and execute
-    script code in the victim\'s browser window. This allows to modify the
-    behaviour of the SqWebMail application, and/or leak session information
-    such as cookies to the attacker.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version of Courier.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0591
-    http://www.cert.org/advisories/CA-2000-02.html
-
-
-Solution: 
-    All Courier users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=mail-mta/courier-0.45.6.20040618"
-    # emerge ">=mail-mta/courier-0.45.6.20040618"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-02] Courier: Cross-site scripting vulnerability in SqWebMail");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Courier: Cross-site scripting vulnerability in SqWebMail');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "mail-mta/courier", unaffected: make_list("ge 0.45.6.20040618"), vulnerable: make_list("le 0.45.6")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-03.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-03.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-03.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,68 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-03.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14559);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-03");
- script_cve_id("CVE-2004-0597", "CVE-2004-0598", "CVE-2004-0599");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-03
-(libpng: Numerous vulnerabilities)
-
-
-    libpng contains numerous vulnerabilities including null pointer dereference
-    errors and boundary errors in various functions.
-  
-Impact
-
-    An attacker could exploit these vulnerabilities to cause programs linked
-    against the library to crash or execute arbitrary code with the permissions
-    of the user running the vulnerable program, which could be the root user.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0597
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0598
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0599
-
-
-Solution: 
-    All libpng users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=media-libs/libpng-1.2.5-r8"
-    # emerge ">=media-libs/libpng-1.2.5-r8"
-    You should also run revdep-rebuild to rebuild any packages that depend on
-    older versions of libpng :
-    # revdep-rebuild
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-03] libpng: Numerous vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'libpng: Numerous vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "media-libs/libpng", unaffected: make_list("ge 1.2.5-r8"), vulnerable: make_list("le 1.2.5-r7")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-04.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-04.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-04.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-04.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14560);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-04");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-04
-(PuTTY: Pre-authentication arbitrary code execution)
-
-
-    PuTTY contains a vulnerability allowing a malicious server to execute
-    arbitrary code on the connecting client before host key verification.
-  
-Impact
-
-    When connecting to a server using the SSH2 protocol an attacker is able to
-    execute arbitrary code with the permissions of the user running PuTTY by
-    sending specially crafted packets to the client during the authentication
-    process but before host key verification.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version of PuTTY.
-  
-References:
-    http://www.coresecurity.com/common/showdoc.php?idx=417&idxseccion=10
-    http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
-
-
-Solution: 
-    All PuTTY users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-misc/putty-0.55"
-    # emerge ">=net-misc/putty-0.55"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-04] PuTTY: Pre-authentication arbitrary code execution");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'PuTTY: Pre-authentication arbitrary code execution');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-misc/putty", unaffected: make_list("ge 0.55"), vulnerable: make_list("le 0.54")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-05.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-05.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-05.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,70 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-05.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14561);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-05");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-05
-(Opera: Multiple new vulnerabilities)
-
-
-    Multiple vulnerabilities have been found in the Opera web browser. Opera
-    fails to deny write access to the "location" browser object. An
-    attacker can overwrite methods in this object and gain script access to any
-    page that uses one of these methods. Furthermore, access to file:// URLs is
-    possible even from pages loaded using other protocols. Finally, spoofing a
-    legitimate web page is still possible, despite the fixes announced in GLSA
-    200407-15.
-  
-Impact
-
-    By enticing an user to visit specially crafted web pages, an attacker can
-    read files located on the victim\'s file system, read emails written or
-    received by M2, Opera\'s mail program, steal cookies, spoof URLs, track user
-    browsing history, etc.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version.
-  
-References:
-    http://www.opera.com/linux/changelogs/754/
-    http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1056.html
-    http://www.greymagic.com/security/advisories/gm008-op/
-
-
-Solution: 
-    All Opera users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=net-www/opera-7.54"
-    # emerge ">=net-www/opera-7.54"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-05] Opera: Multiple new vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Opera: Multiple new vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/opera", unaffected: make_list("ge 7.54"), vulnerable: make_list("le 7.53")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-06.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-06.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-06.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,60 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-06.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14562);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-06");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-06
-(SpamAssassin: Denial of Service vulnerability)
-
-
-    SpamAssassin contains an unspecified Denial of Service vulnerability.
-  
-Impact
-
-    By sending a specially crafted message an attacker could cause a Denial of
-    Service attack against the SpamAssassin service.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version of SpamAssassin.
-  
-References:
-    http://marc.theaimsgroup.com/?l=spamassassin-announce&m=109168121628767&w=2
-
-
-Solution: 
-    All SpamAssassin users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=mail-filter/spamassassin-2.64"
-    # emerge ">=mail-filter/spamassassin-2.64"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-06] SpamAssassin: Denial of Service vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'SpamAssassin: Denial of Service vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "mail-filter/spamassassin", unaffected: make_list("ge 2.64"), vulnerable: make_list("le 2.63-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-07.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-07.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-07.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-07.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14563);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-07");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-07
-(Horde-IMP: Input validation vulnerability for Internet Explorer users)
-
-
-    Horde-IMP fails to properly sanitize email messages that contain malicious
-    HTML or script code so that it is not safe for users of Internet Explorer
-    when using the inline MIME viewer for HTML messages.
-  
-Impact
-
-    By enticing a user to read a specially crafted e-mail, an attacker can
-    execute arbitrary scripts running in the context of the victim\'s browser.
-    This could lead to a compromise of the user\'s webmail account, cookie
-    theft, etc.
-  
-Workaround
-
-    Do not use Internet Explorer to access Horde-IMP.
-  
-References:
-    http://cvs.horde.org/diff.php/imp/docs/CHANGES?r1=1.389.2.106&r2=1.389.2.109&ty=h
-    http://secunia.com/advisories/12202/
-
-
-Solution: 
-    All Horde-IMP users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=horde-imp-3.2.5"
-    # emerge ">=horde-imp-3.2.5"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-07] Horde-IMP: Input validation vulnerability for Internet Explorer users");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Horde-IMP: Input validation vulnerability for Internet Explorer users');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/horde-imp", unaffected: make_list("ge 3.2.5"), vulnerable: make_list("le 3.2.4")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-08.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-08.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-08.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,68 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-08.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14564);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-08");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-08
-(Cfengine: RSA Authentication Heap Corruption)
-
-
-    Two vulnerabilities have been found in cfservd. One is a buffer overflow in
-    the AuthenticationDialogue function and the other is a failure to check the
-    proper return value of the ReceiveTransaction function.
-  
-Impact
-
-    An attacker could use the buffer overflow to execute arbitrary code with
-    the permissions of the user running cfservd, which is usually the root
-    user. However, before such an attack could be mounted, the IP-based ACL
-    would have to be bypassed. With the second vulnerability, an attacker could
-    cause a denial of service attack.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version of Cfengine. (It should be noted
-    that disabling cfservd will work around this particular problem. However,
-    in many cases, doing so will cripple your Cfengine setup. Upgrading is
-    strongly recommended.)
-  
-References:
-    http://www.coresecurity.com/common/showdoc.php?idx=387&idxseccion=10
-
-
-Solution: 
-    All Cfengine users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-misc/cfengine-2.1.8"
-    # emerge ">=net-misc/cfengine-2.1.8"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-08] Cfengine: RSA Authentication Heap Corruption");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Cfengine: RSA Authentication Heap Corruption');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-misc/cfengine", unaffected: make_list("ge 2.1.8", "lt 2.0.0"), vulnerable: make_list("le 2.1.7")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-09.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-09.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-09.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,61 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-09.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14565);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-09");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-09
-(Roundup: Filesystem access vulnerability)
-
-
-    Improper handling of a specially crafted URL allows access to the server\'s
-    filesystem, which could contain sensitive information.
-  
-Impact
-
-    An attacker could view files owned by the user running Roundup. This will
-    never be root however, as Roundup will not run as root.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version of Roundup.
-  
-References:
-    http://secunia.com/advisories/11801/
-
-
-Solution: 
-    All Roundup users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-www/roundup-0.7.6"
-    # emerge ">=net-www/roundup-0.7.6"
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-09] Roundup: Filesystem access vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Roundup: Filesystem access vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/roundup", unaffected: make_list("ge 0.7.6"), vulnerable: make_list("le 0.6.4")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-10.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-10.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-10.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-10.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14566);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-10");
- script_cve_id("CVE-2002-0838");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-10
-(gv: Exploitable Buffer Overflow)
-
-
-    gv contains a buffer overflow vulnerability where an unsafe sscanf() call
-    is used to interpret PDF and PostScript files.
-  
-Impact
-
-    By enticing a user to view a malformed PDF or PostScript file an attacker
-    could execute arbitrary code with the permissions of the user running gv.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version of gv.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0838
-
-
-Solution: 
-    All gv users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=app-text/gv-3.5.8-r4"
-    # emerge ">=app-text/gv-3.5.8-r4"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-10] gv: Exploitable Buffer Overflow");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'gv: Exploitable Buffer Overflow');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-text/gv", unaffected: make_list("ge 3.5.8-r4"), vulnerable: make_list("le 3.5.8-r3")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-11.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-11.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-11.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-11.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14567);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-11");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-11
-( race condition vulnerability)
-
-
-    A race condition can occur in "openvas-adduser" if the user has
-    not configured their TMPDIR variable.
-  
-Impact
-
-    A malicious user could exploit this bug to escalate privileges to the
-    rights of the user running "openvas-adduser".
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version of OpenVAS.
-  
-References:
-    http://secunia.com/advisories/12127/
-
-
-Solution: 
-    All OpenVAS users should upgrade to the latest version:
-    # Not reliable at the moment. Please Google.
-    # emerge sync
-    # emerge -pv ">=net-analyzer/openvas"
-    # emerge ">=net-analyzer/openvas"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-11]  race condition vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: ' race condition vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-analyzer/openvas", unaffected: make_list("ge 2.0.12"), vulnerable: make_list("le 2.0.11")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-12.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-12.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-12.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14568);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-12");
- script_xref(name: "OSVDB", value: "8382");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-12
-(Gaim: MSN protocol parsing function buffer overflow)
-
-
-    Sebastian Krahmer of the SuSE Security Team has discovered a remotely
-    exploitable buffer overflow vulnerability in the code handling MSN protocol
-    parsing.
-  
-Impact
-
-    By sending a carefully-crafted message, an attacker may execute arbitrary
-    code with the permissions of the user running Gaim.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version of Gaim.
-  
-References:
-    http://www.osvdb.org/displayvuln.php?osvdb_id=8382
-
-
-Solution: 
-    All Gaim users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-im/gaim-0.81-r1"
-    # emerge ">=net-im/gaim-0.81-r1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-12] Gaim: MSN protocol parsing function buffer overflow");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Gaim: MSN protocol parsing function buffer overflow');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-im/gaim", unaffected: make_list("ge 0.81-r1"), vulnerable: make_list("le 0.81")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-13.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-13.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,73 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-13.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14569);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-13");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-13
-(kdebase, kdelibs: Multiple security issues)
-
-
-    KDE contains three security issues:
-    Insecure handling of temporary files when running KDE applications
-    outside of the KDE environment
-    DCOPServer creates temporary files in an insecure manner
-    The Konqueror browser allows websites to load webpages into a target
-    frame of any other open frame-based webpage
-  
-Impact
-
-    An attacker could exploit these vulnerabilities to create or overwrite
-    files with the permissions of another user, compromise the account of users
-    running a KDE application and insert arbitrary frames into an otherwise
-    trusted webpage.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version of kdebase.
-  
-References:
-    http://www.kde.org/info/security/advisory-20040811-1.txt
-    http://www.kde.org/info/security/advisory-20040811-2.txt
-    http://www.kde.org/info/security/advisory-20040811-3.txt
-
-
-Solution: 
-    All KDE users should upgrade to the latest versions of kdelibs and kdebase:
-    # emerge sync
-    # emerge -pv ">=kde-base/kdebase-3.2.3-r1"
-    # emerge ">=kde-base/kdebase-3.2.3-r1"
-    # emerge -pv ">=kde-base/kdelibs-3.2.3-r1"
-    # emerge ">=kde-base/kdelibs-3.2.3-r1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-13] kdebase, kdelibs: Multiple security issues");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'kdebase, kdelibs: Multiple security issues');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "kde-base/kdelibs", unaffected: make_list("ge 3.2.3-r1"), vulnerable: make_list("lt 3.2.3-r1")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "kde-base/kdebase", unaffected: make_list("ge 3.2.3-r1"), vulnerable: make_list("lt 3.2.3-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-14.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-14.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,65 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-14.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14570);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-14");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-14
-(acroread: UUDecode filename buffer overflow)
-
-
-    acroread contains two errors in the handling of UUEncoded filenames. First,
-    it fails to check the length of a filename before copying it into a fixed
-    size buffer and, secondly, it fails to check for the backtick shell
-    metacharacter in the filename before executing a command with a shell.
-  
-Impact
-
-    By enticing a user to open a PDF with a specially crafted filename, an
-    attacker could execute arbitrary code or programs with the permissions of
-    the user running acroread.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version of acroread.
-  
-References:
-    http://idefense.com/application/poi/display?id=124&type=vulnerabilities
-    http://idefense.com/application/poi/display?id=125&type=vulnerabilities
-
-
-Solution: 
-    All acroread users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=app-text/acroread-5.09"
-    # emerge ">=app-text/acroread-5.09"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-14] acroread: UUDecode filename buffer overflow");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'acroread: UUDecode filename buffer overflow');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-text/acroread", unaffected: make_list("ge 5.09"), vulnerable: make_list("le 5.08")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-15.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-15.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-15.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14571);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-15");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-15
-(Tomcat: Insecure installation)
-
-
-    The Gentoo ebuild for Tomcat sets the ownership of the Tomcat init scripts
-    as tomcat:tomcat, but those scripts are executed with root privileges when
-    the system is started. This may allow a member of the tomcat group to run
-    arbitrary code with root privileges when the Tomcat init scripts are run.
-  
-Impact
-
-    This could lead to a local privilege escalation or root compromise by
-    authenticated users.
-  
-Workaround
-
-    Users may change the ownership of /etc/init.d/tomcat* and
-    /etc/conf.d/tomcat* to be root:root:
-    # chown -R root:root /etc/init.d/tomcat*
-    # chown -R root:root /etc/conf.d/tomcat*
-  
-
-Solution: 
-    All Tomcat users can upgrade to the latest stable version, or simply apply
-    the workaround:
-    # emerge sync
-    # emerge -pv ">=www-servers/tomcat-5.0.27-r3"
-    # emerge ">=www-servers/tomcat-5.0.27-r3"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-15] Tomcat: Insecure installation");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Tomcat: Insecure installation');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "www-servers/tomcat", unaffected: make_list("ge 5.0.27-r3", "rge 4.1.30-r4", "rge 3.3.2-r2"), vulnerable: make_list("lt 5.0.27-r3")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-16.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-16.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-16.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,61 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-16.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14572);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-16");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-16
-(glibc: Information leak with LD_DEBUG)
-
-
-    Silvio Cesare discovered a potential information leak in glibc. It allows
-    LD_DEBUG on SUID binaries where it should not be allowed. This has various
-    security implications, which may be used to gain confidentional
-    information.
-  
-Impact
-
-    An attacker can gain the list of symbols a SUID application uses and their
-    locations and can then use a trojaned library taking precendence over those
-    symbols to gain information or perform further exploitation.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version of glibc.
-  
-
-Solution: 
-    All glibc users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv your_version
-    # emerge your_version
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-16] glibc: Information leak with LD_DEBUG");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'glibc: Information leak with LD_DEBUG');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "sys-libs/glibc", arch: "ppc64", unaffected: make_list("ge 2.3.4.20040808"), vulnerable: make_list("le 2.3.4.20040605")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-17.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-17.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-17.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,67 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-17.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14573);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-17");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-17
-(rsync: Potential information leakage)
-
-
-    The paths sent by the rsync client are not checked thoroughly enough. It
-    does not affect the normal send/receive filenames that specify what files
-    should be transferred. It does affect certain option paths that cause
-    auxilliary files to be read or written.
-  
-Impact
-
-    When rsyncd is used without chroot ("use chroot = false" in the
-    rsyncd.conf file), this vulnerability could allow the listing of arbitrary
-    files outside module\'s path and allow file overwriting outside module\'s
-    path on rsync server configurations that allows uploading. Both
-    possibilities are exposed only when chroot option is disabled.
-  
-Workaround
-
-    You should never set the rsync daemon to run with "use chroot =
-    false".
-  
-References:
-    http://samba.org/rsync/#security_aug04
-    http://lists.samba.org/archive/rsync-announce/2004/000017.html
-
-
-Solution: 
-    All users should update to the latest version of the rsync package.
-    # emerge sync
-    # emerge -pv ">=net-misc/rsync-2.6.0-r3"
-    # emerge ">=net-misc/rsync-2.6.0-r3"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-17] rsync: Potential information leakage");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'rsync: Potential information leakage');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-misc/rsync", unaffected: make_list("ge 2.6.0-r3"), vulnerable: make_list("le 2.6.0-r2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-18.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-18.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-18.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,67 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-18.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14574);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-18");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-18
-(xine-lib: VCD MRL buffer overflow)
-
-
-    xine-lib contains a bug where it is possible to overflow the vcd:// input
-    source identifier management buffer through carefully crafted playlists.
-  
-Impact
-
-    An attacker may construct a carefully-crafted playlist file which will
-    cause xine-lib to execute arbitrary code with the permissions of the user.
-    In order to conform with the generic naming standards of most Unix-like
-    systems, playlists can have extensions other than .asx (the standard xine
-    playlist format), and made to look like another file (MP3, AVI, or MPEG for
-    example). If an attacker crafts a playlist with a valid header, they can
-    insert a VCD playlist line that can cause a buffer overflow and possible
-    shellcode execution.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version of xine-lib.
-  
-References:
-    http://www.open-security.org/advisories/6
-
-
-Solution: 
-    All xine-lib users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=media-libs/xine-lib-1_rc5-r3"
-    # emerge ">=media-libs/xine-lib-1_rc5-r3"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-18] xine-lib: VCD MRL buffer overflow");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'xine-lib: VCD MRL buffer overflow');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "media-libs/xine-lib", unaffected: make_list("ge 1_rc5-r3"), vulnerable: make_list("le 1_rc5-r2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-19.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-19.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-19.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,67 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-19.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14575);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-19");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-19
-(courier-imap: Remote Format String Vulnerability)
-
-
-    There is a format string vulnerability in the auth_debug() function which
-    can be exploited remotely, potentially leading to arbitrary code execution
-    as the user running the IMAP daemon (oftentimes root). A remote attacker
-    may send username or password information containing printf() format tokens
-    (such as "%s"), which will crash the server or cause it to
-    execute arbitrary code.
-    This vulnerability can only be exploited if DEBUG_LOGIN is set to something
-    other than 0 in the imapd config file.
-  
-Impact
-
-    If DEBUG_LOGIN is enabled in the imapd configuration, a remote attacker may
-    execute arbitrary code as the root user.
-  
-Workaround
-
-    Set the DEBUG_LOGIN option in /etc/courier-imap/imapd to 0. (This is the
-    default value.)
-  
-References:
-    http://www.idefense.com/application/poi/display?id=131&type=vulnerabilities&flashstatus=true
-
-
-Solution: 
-    All courier-imap users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-mail/courier-imap-3.0.5"
-    # emerge ">=net-mail/courier-imap-3.0.5"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-19] courier-imap: Remote Format String Vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'courier-imap: Remote Format String Vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-mail/courier-imap", unaffected: make_list("ge 3.0.5"), vulnerable: make_list("le 3.0.2-r1")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-20.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-20.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-20.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,66 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-20.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14576);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-20");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-20
-(Qt: Image loader overflows)
-
-
-    There are several unspecified bugs in the QImage class which may cause
-    crashes or allow execution of arbitrary code as the user running the Qt
-    application. These bugs affect the PNG, XPM, BMP, GIF and JPEG image types.
-  
-Impact
-
-    An attacker may exploit these bugs by causing a user to open a
-    carefully-constructed image file in any one of these formats. This may be
-    accomplished through e-mail attachments (if the user uses KMail), or by
-    simply placing a malformed image on a website and then convicing the user
-    to load the site in a Qt-based browser (such as Konqueror).
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version of Qt.
-  
-References:
-    http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:085
-    http://www.trolltech.com/developer/changes/changes-3.3.3.html
-
-
-Solution: 
-    All Qt users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=x11-libs/qt-3.3.3"
-    # emerge ">=x11-libs/qt-3.3.3"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-20] Qt: Image loader overflows");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Qt: Image loader overflows');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "x11-libs/qt", unaffected: make_list("ge 3.3.3"), vulnerable: make_list("le 3.3.2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-21.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-21.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-21.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-21.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14577);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-21");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-21
-(Cacti: SQL injection vulnerability)
-
-
-    Cacti is vulnerable to a SQL injection attack where an attacker may inject
-    SQL into the Username field.
-  
-Impact
-
-    An attacker could compromise the Cacti service and potentially execute
-    programs with the permissions of the user running Cacti. Only systems with
-    php_flag magic_quotes_gpc set to Off are vulnerable. By default, Gentoo
-    Linux installs PHP with this option set to On.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version of Cacti.
-  
-References:
-    http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0717.html
-
-
-Solution: 
-    All users should upgrade to the latest available version of Cacti, as
-    follows:
-    # emerge sync
-    # emerge -pv ">=net-analyzer/cacti-0.8.5a-r1"
-    # emerge ">=net-analyzer/cacti-0.8.5a-r1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-21] Cacti: SQL injection vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Cacti: SQL injection vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-analyzer/cacti", unaffected: make_list("ge 0.8.5a-r1"), vulnerable: make_list("le 0.8.5a")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-22.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-22.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-22.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,90 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-22.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14578);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-22");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-22
-(Mozilla, Firefox, Thunderbird, Galeon, Epiphany: New releases fix vulnerabilities)
-
-
-    Mozilla, Galeon, Epiphany, Mozilla Firefox and Mozilla Thunderbird contain
-    the following vulnerabilities:
-    All Mozilla tools use libpng for graphics. This library contains a
-    buffer overflow which may lead to arbitrary code execution.
-    If a user imports a forged Certificate Authority (CA) certificate, it
-    may overwrite and corrupt the valid CA already installed on the
-    machine.
-    Mozilla, Mozilla Firefox, and other gecko-based browsers also contain a bug
-    in their caching which may allow the SSL icon to remain visible, even when
-    the site in question is an insecure site.
-  
-Impact
-
-    Users of Mozilla, Mozilla Firefox, and other gecko-based browsers are
-    susceptible to SSL certificate spoofing, a Denial of Service against
-    legitimate SSL sites, crashes, and arbitrary code execution. Users of
-    Mozilla Thunderbird are susceptible to crashes and arbitrary code execution
-    via malicious e-mails.
-  
-Workaround
-
-    There is no known workaround for most of these vulnerabilities. All users
-    are advised to upgrade to the latest available version.
-  
-References:
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0763
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0758
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0597
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0598
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0599
-
-
-Solution: 
-    All users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv your-version
-    # emerge your-version
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-22] Mozilla, Firefox, Thunderbird, Galeon, Epiphany: New releases fix vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Mozilla, Firefox, Thunderbird, Galeon, Epiphany: New releases fix vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/epiphany", unaffected: make_list("ge  1.2.7-r1"), vulnerable: make_list("lt  1.2.7-r1")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "net-www/mozilla-firefox-bin", unaffected: make_list("ge 0.9.3"), vulnerable: make_list("lt 0.9.3")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "mail-client/mozilla-thunderbird-bin", unaffected: make_list("ge 0.7.3"), vulnerable: make_list("lt 0.7.3")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "net-www/mozilla-firefox", unaffected: make_list("ge 0.9.3"), vulnerable: make_list("lt 0.9.3")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "net-www/galeon", unaffected: make_list("ge 1.3.17"), vulnerable: make_list("lt 1.3.17")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "net-www/mozilla", unaffected: make_list("ge 1.7.2"), vulnerable: make_list("lt 1.7.2")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "net-www/mozilla-bin", unaffected: make_list("ge 1.7.2"), vulnerable: make_list("lt 1.7.2")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "mail-client/mozilla-thunderbird", unaffected: make_list("ge 0.7.3"), vulnerable: make_list("lt 0.7.3")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-23.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-23.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-23.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,72 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-23.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14579);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-23");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-23
-(kdelibs: Cross-domain cookie injection vulnerability)
-
-
-    kcookiejar contains a vulnerability which may allow a malicious website to
-    set cookies for other websites under the same second-level domain.
-    This vulnerability applies to country-specific secondary top level domains
-    that use more than 2 characters in the secondary part of the domain name,
-    and that use a secondary part other than com, net, mil, org, gov, edu or
-    int. However, certain popular domains, such as co.uk, are not affected.
-  
-Impact
-
-    Users visiting a malicious website using the Konqueror browser may have a
-    session cookie set for them by that site. Later, when the user visits
-    another website under the same domain, the attacker\'s session cookie will
-    be used instead of the cookie issued by the legitimate site. Depending on
-    the design of the legitimate site, this may allow an attacker to gain
-    access to the user\'s session. For further explanation on this type of
-    attack, see the paper titled "Session Fixation Vulnerability in
-    Web-based Applications" (reference 2).
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version of kdelibs.
-  
-References:
-    http://www.kde.org/info/security/advisory-20040823-1.txt
-    http://www.acros.si/papers/session_fixation.pdf
-
-
-Solution: 
-    All kdelibs users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=kde-base/kdelibs-3.2.3-r2"
-    # emerge ">=kde-base/kdelibs-3.2.3-r2"
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-23] kdelibs: Cross-domain cookie injection vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'kdelibs: Cross-domain cookie injection vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "kde-base/kdelibs", unaffected: make_list("ge 3.2.3-r2"), vulnerable: make_list("le 3.2.3-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-24.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-24.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-24.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,145 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-24.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14580);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-24");
- script_cve_id("CVE-2004-0415", "CVE-2004-0685");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-24
-(Linux Kernel: Multiple information leaks)
-
-
-    The Linux kernel allows a local attacker to obtain sensitive kernel
-    information by gaining access to kernel memory via several leaks in the
-    /proc interfaces. These vulnerabilities exist in various drivers which make
-    up a working Linux kernel, some of which are present across all
-    architectures and configurations.
-    CVE-2004-0415 deals with addressing invalid 32 to 64 bit conversions in the
-    kernel, as well as insecure direct access to file offset pointers in kernel
-    code which can be modified by the open(...), lseek(...) and other core
-    system I/O functions by an attacker.
-    CVE-2004-0685 deals with certain USB drivers using uninitialized structures
-    and then using the copy_to_user(...) kernel call to copy these structures.
-    This may leak uninitialized kernel memory, which can contain sensitive
-    information from user applications.
-    Finally, a race condition with the /proc/.../cmdline node was found,
-    allowing environment variables to be read while the process was still
-    spawning. If the race is won, environment variables of the process, which
-    might not be owned by the attacker, can be read.
-  
-Impact
-
-    These vulnerabilities allow a local unprivileged attacker to access
-    segments of kernel memory or environment variables which may contain
-    sensitive information. Kernel memory may contain passwords, data
-    transferred between processes, any memory which applications did not
-    clear upon exiting as well as the kernel cache and kernel buffers.
-    This information may be used to read sensitive data, open other attack
-    vectors for further exploitation or cause a Denial of Service if the
-    attacker can gain superuser access via the leaked information.
-  
-Workaround
-
-    There is no temporary workaround for any of these information leaks other
-    than totally disabling /proc support - otherwise, a kernel upgrade is
-    required. A list of unaffected kernels is provided along with this
-    announcement.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0415
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0685
-
-
-Solution: 
-    Users are encouraged to upgrade to the latest available sources for their
-    system:
-    # emerge sync
-    # emerge -pv your-favorite-sources
-    # emerge your-favorite-sources
-    # # Follow usual procedure for compiling and installing a kernel.
-    # # If you use genkernel, run genkernel as you would normally.
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-24] Linux Kernel: Multiple information leaks");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Linux Kernel: Multiple information leaks');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "sys-kernel/sparc-sources", unaffected: make_list("ge 2.4.27-r1"), vulnerable: make_list("lt 2.4.27-r1")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/uclinux-sources", unaffected: make_list("rge 2.4.26_p0-r6", "ge 2.6.7_p0-r5"), vulnerable: make_list("lt 2.6.7_p0-r5")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/selinux-sources", unaffected: make_list("ge 2.4.26-r3"), vulnerable: make_list("lt 2.4.26-r3")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/pegasos-dev-sources", unaffected: make_list("ge 2.6.8"), vulnerable: make_list("lt 2.6.8")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/hppa-sources", unaffected: make_list("ge 2.4.26_p7-r1"), vulnerable: make_list("lt 2.4.26_p7-r1")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ck-sources", unaffected: make_list("rge 2.4.26-r1", "ge 2.6.7-r5"), vulnerable: make_list("lt 2.6.7-r5")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/mm-sources", unaffected: make_list("ge 2.6.8_rc4-r1"), vulnerable: make_list("lt 2.6.8_rc4-r1")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/xbox-sources", unaffected: make_list("rge 2.4.27-r1", "ge 2.6.7-r5"), vulnerable: make_list("lt 2.6.7-r5")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/hardened-dev-sources", unaffected: make_list("ge 2.6.7-r7"), vulnerable: make_list("lt 2.6.7-r7")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/wolk-sources", unaffected: make_list("rge 4.9-r14", "rge 4.11-r10", "ge 4.14-r7"), vulnerable: make_list("lt 4.14-r7")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/development-sources", unaffected: make_list("ge 2.6.8"), vulnerable: make_list("lt 2.6.8")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/grsec-sources", unaffected: make_list("ge 2.4.27.2.0.1-r1"), vulnerable: make_list("lt 2.4.27.2.0.1-r1")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/alpha-sources", unaffected: make_list("ge 2.4.21-r12"), vulnerable: make_list("lt 2.4.21-r12")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/ia64-sources", unaffected: make_list("ge 2.4.24-r10"), vulnerable: make_list("lt 2.4.24-r10")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/gentoo-sources", unaffected: make_list("rge 2.4.19-r22", "rge 2.4.20-r25", "rge 2.4.22-r16", "rge 2.4.25-r9", "ge 2.4.26-r9"), vulnerable: make_list("lt 2.4.26-r9")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/vserver-sources", unaffected: make_list("ge 2.4.26.1.28-r4"), vulnerable: make_list("lt 2.4.26.1.28-r4")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/gentoo-dev-sources", unaffected: make_list("ge 2.6.7-r12"), vulnerable: make_list("lt 2.6.7-r12")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/openmosix-sources", unaffected: make_list("ge 2.4.24-r4"), vulnerable: make_list("lt 2.4.24-r4")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/aa-sources", unaffected: make_list("rge 2.4.23-r2", "ge 2.6.5-r5"), vulnerable: make_list("lt 2.6.5-r5")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/pac-sources", unaffected: make_list("ge 2.4.23-r12"), vulnerable: make_list("lt 2.4.23-r12")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/gs-sources", unaffected: make_list("ge 2.4.25_pre7-r11"), vulnerable: make_list("lt 2.4.25_pre7-r11")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/hardened-sources", unaffected: make_list("ge 2.4.27-r1"), vulnerable: make_list("lt 2.4.27-r1")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/win4lin-sources", unaffected: make_list("rge 2.4.26-r6", "ge 2.6.7-r2"), vulnerable: make_list("lt 2.6.7-r5")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/vanilla-sources", unaffected: make_list("ge 2.4.27"), vulnerable: make_list("lt 2.4.27")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/mips-sources", unaffected: make_list("rge 2.4.25-r8", "rge 2.4.26-r8", "rge 2.6.4-r8", "rge 2.6.6-r8", "ge 2.6.7-r5"), vulnerable: make_list("lt 2.6.6-r8")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/rsbac-sources", unaffected: make_list("ge 2.4.26-r5"), vulnerable: make_list("lt 2.4.26-r5")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/rsbac-dev-sources", unaffected: make_list("ge 2.6.7-r5"), vulnerable: make_list("lt 2.6.7-r5")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/usermode-sources", unaffected: make_list("rge 2.4.24-r9", "rge 2.4.26-r6", "ge 2.6.6-r6"), vulnerable: make_list("lt 2.6.6-r6")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "sys-kernel/hppa-dev-sources", unaffected: make_list("ge 2.6.7_p14-r1"), vulnerable: make_list("lt 2.6.7_p14-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-25.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-25.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-25.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,68 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-25.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14581);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-25");
- script_xref(name: "OSVDB", value: "8194");
- script_xref(name: "OSVDB", value: "8195");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-25
-(MoinMoin: Group ACL bypass)
-
-
-    MoinMoin contains two unspecified bugs, one allowing anonymous users
-    elevated access when not using ACLs, and the other in the ACL handling in
-    the PageEditor.
-  
-Impact
-
-    Restrictions on anonymous users were not properly enforced. This could lead
-    to unauthorized users gaining administrative access to functions such as
-    "revert" and "delete". Sites are vulnerable whether or
-    not they are using ACLs.
-  
-Workaround
-
-    There is no known workaround.
-  
-References:
-    https://sourceforge.net/project/shownotes.php?group_id=8482&release_id=254801
-    http://www.osvdb.org/displayvuln.php?osvdb_id=8194
-    http://www.osvdb.org/displayvuln.php?osvdb_id=8195
-
-
-Solution: 
-    All users should upgrade to the latest available version of MoinMoin, as
-    follows:
-    # emerge sync
-    # emerge -pv ">=net-ww/moinmoin-1.2.3"
-    # emerge ">=net-ww/moinmoin-1.2.3"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-25] MoinMoin: Group ACL bypass");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'MoinMoin: Group ACL bypass');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/moinmoin", unaffected: make_list("ge 1.2.3"), vulnerable: make_list("le 1.2.2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-26.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-26.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-26.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,66 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-26.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14582);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-26");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-26
-(zlib: Denial of service vulnerability)
-
-
-    zlib contains a bug in the handling of errors in the "inflate()"
-    and "inflateBack()" functions.
-  
-Impact
-
-    An attacker could exploit this vulnerability to launch a Denial of Service
-    attack on any application using the zlib library.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version of zlib.
-  
-References:
-    http://www.openpkg.org/security/OpenPKG-SA-2004.038-zlib.html
-
-
-Solution: 
-    All zlib users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=sys-libs/zlib-1.2.1-r3"
-    # emerge ">=sys-libs/zlib-1.2.1-r3"
-    You should also run revdep-rebuild to rebuild any packages that depend on
-    older versions of zlib :
-    # revdep-rebuild
-    Please note that any packages which have the zlib library compiled statically will not show up using revdep-rebuild.
-    You will need to locate those packages manually and then remerge them.
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-26] zlib: Denial of service vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'zlib: Denial of service vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "sys-libs/zlib", unaffected: make_list("ge 1.2.1-r3"), vulnerable: make_list("le 1.2.1-r2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200408-27.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200408-27.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200408-27.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,68 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14583);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200408-27");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200408-27
-(Gaim: New vulnerabilities)
-
-
-    Gaim fails to do proper bounds checking when:
-    Handling MSN messages (partially fixed with GLSA 200408-12).
-    Handling rich text format messages.
-    Resolving local hostname.
-    Receiving long URLs.
-    Handling groupware messages.
-    Allocating memory for webpages with fake content-length header.
-    Furthermore Gaim fails to escape filenames when using drag and drop
-    installation of smiley themes.
-  
-Impact
-
-    These vulnerabilites could allow an attacker to crash Gaim or execute
-    arbitrary code or commands with the permissions of the user running Gaim.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version of Gaim.
-  
-References:
-    http://gaim.sourceforge.net/security/index.php
-
-
-Solution: 
-    All gaim users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-im/gaim-0.81-r5"
-    # emerge ">=net-im/gaim-0.81-r5"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200408-27] Gaim: New vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Gaim: New vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-im/gaim", unaffected: make_list("ge 0.81-r5"), vulnerable: make_list("lt 0.81-r5")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-01.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-01.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-01.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-01.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14648);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-01");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-01
-(vpopmail: Multiple vulnerabilities)
-
-
-    vpopmail is vulnerable to several unspecified SQL injection exploits.
-    Furthermore when using Sybase as the backend database vpopmail is
-    vulnerable to a buffer overflow and format string exploit.
-  
-Impact
-
-    These vulnerabilities could allow an attacker to execute code with the
-    permissions of the user running vpopmail.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version of vpopmail.
-  
-References:
-    http://sourceforge.net/forum/forum.php?forum_id=400873
-    http://www.securityfocus.com/archive/1/371913/2004-08-15/2004-08-21/0
-
-
-Solution: 
-    All vpopmail users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-mail/vpopmail-5.4.6"
-    # emerge ">=net-mail/vpopmail-5.4.6"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-01] vpopmail: Multiple vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'vpopmail: Multiple vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-mail/vpopmail", unaffected: make_list("ge 5.4.6"), vulnerable: make_list("lt 5.4.6")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-02.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-02.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-02.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,67 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-02.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14649);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-02");
- script_cve_id("CVE-2004-0457");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-02
-(MySQL: Insecure temporary file creation in mysqlhotcopy)
-
-
-    Jeroen van Wolffelaar discovered that the MySQL database hot copy utility
-    (mysqlhotcopy.sh), when using the scp method, uses temporary files with
-    predictable names. A malicious local user with write access to the /tmp
-    directory could create a symbolic link pointing to a file, which may then
-    be overwritten. In cases where mysqlhotcopy is run as root, a malicious
-    user could create a symlink to a critical file such as /etc/passwd and
-    cause it to be overwritten.
-  
-Impact
-
-    A local attacker could use this vulnerability to destroy other users\' data
-    or corrupt and destroy system files, possibly leading to a denial of
-    service condition.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0457
-
-
-Solution: 
-    All MySQL users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=dev-db/mysql-4.0.20-r1"
-    # emerge ">=dev-db/mysql-4.0.20-r1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-02] MySQL: Insecure temporary file creation in mysqlhotcopy");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'MySQL: Insecure temporary file creation in mysqlhotcopy');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-db/mysql", unaffected: make_list("ge 4.0.20-r1"), vulnerable: make_list("le 4.0.20")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-03.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-03.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-03.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,60 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-03.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14650);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-03");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-03
-(Python 2.2: Buffer overflow in getaddrinfo())
-
-
-    If IPV6 is disabled in Python 2.2, getaddrinfo() is not able to handle IPV6
-    DNS requests properly and a buffer overflow occurs.
-  
-Impact
-
-    An attacker can execute arbitrary code as the user running python.
-  
-Workaround
-
-    Users with IPV6 enabled are not affected by this vulnerability.
-  
-References:
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0150
-    http://www.osvdb.org/4172
-
-
-Solution: 
-    All Python 2.2 users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=dev-lang/python-2.2.2"
-    # emerge ">=dev-lang/python-2.2.2"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-03] Python 2.2: Buffer overflow in getaddrinfo()");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Python 2.2: Buffer overflow in getaddrinfo()');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-lang/python", unaffected: make_list("ge 2.2.2", "lt 2.2"), vulnerable: make_list("lt 2.2.2")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-04.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-04.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-04.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-04.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14651);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-04");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-04
-(Squid: Denial of service when using NTLM authentication)
-
-
-    Squid 2.5.x versions contain a bug in the functions ntlm_fetch_string() and
-    ntlm_get_string() which lack checking the int32_t offset "o" for
-    negative values.
-  
-Impact
-
-    A remote attacker could cause a denial of service situation by sending
-    certain malformed NTLMSSP packets if NTLM authentication is enabled.
-  
-Workaround
-
-    Disable NTLM authentication by removing any "auth_param ntlm program
-    ..." directives from squid.conf or use ntlm_auth from Samba-3.x.
-  
-References:
-    http://www1.uk.squid-cache.org/squid/Versions/v2/2.5/bugs/#squid-2.5.STABLE6-ntlm_fetch_string
-
-
-Solution: 
-    All Squid users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=net-www/squid-2.5.6-r2"
-    # emerge ">=net-www/squid-2.5.6-r2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-04] Squid: Denial of service when using NTLM authentication");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Squid: Denial of service when using NTLM authentication');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "www-proxy/squid", unaffected: make_list("ge 2.5.6-r2", "lt 2.5"), vulnerable: make_list("le 2.5.6-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-05.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-05.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-05.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,72 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-05.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14652);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-05");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-05
-(Gallery: Arbitrary command execution)
-
-
-    The upload handling code in Gallery places uploaded files in a temporary
-    directory. After 30 seconds, these files are deleted if they are not valid
-    images. However, since the file exists for 30 seconds, a carefully crafted
-    script could be initiated by the remote attacker during this 30 second
-    timeout. Note that the temporary directory has to be located inside the
-    webroot and an attacker needs to have upload rights either as an
-    authenticated user or via "EVERYBODY".
-  
-Impact
-
-    An attacker could run arbitrary code as the user running PHP.
-  
-Workaround
-
-    There are several workarounds to this vulnerability:
-    Make sure that your temporary directory is not contained in the
-    webroot; by default it is located outside the webroot.
-    Disable upload rights to all albums for "EVERYBODY"; upload
-    is disabled by default.
-    Disable debug and dev mode; these settings are disabled by
-    default.
-    Disable allow_url_fopen in php.ini.
-  
-References:
-    http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0757.html
-    http://gallery.menalto.com/modules.php?op=modload&name=News&file=article&sid=134&mode=thread&order=0&thold=0
-
-
-Solution: 
-    All Gallery users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=www-apps/gallery-1.4.4_p2"
-    # emerge ">=www-apps/gallery-1.4.4_p2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-05] Gallery: Arbitrary command execution");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Gallery: Arbitrary command execution');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "www-apps/gallery", unaffected: make_list("ge 1.4.4_p2"), vulnerable: make_list("lt 1.4.4_p2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-06.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-06.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-06.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-06.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14653);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-06");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-06
-(eGroupWare: Multiple XSS vulnerabilities)
-
-
-    Joxean Koret recently discovered multiple cross site scripting
-    vulnerabilities in various modules for the eGroupWare suite. This includes
-    the calendar, address book, messenger and ticket modules.
-  
-Impact
-
-    These vulnerabilities give an attacker the ability to inject and execute
-    malicious script code, potentially compromising the victim\'s browser.
-  
-Workaround
-
-    There is no known workaround at this time. All users are encouraged to
-    upgrade to the latest available version of eGroupWare.
-  
-References:
-    https://sourceforge.net/forum/forum.php?forum_id=401807
-    http://www.securityfocus.com/archive/1/372603/2004-08-21/2004-08-27/0
-
-
-Solution: 
-    All eGroupWare users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=www-apps/egroupware-1.0.00.004"
-    # emerge ">=www-apps/egroupware-1.0.00.004"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-06] eGroupWare: Multiple XSS vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'eGroupWare: Multiple XSS vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "www-apps/egroupware", unaffected: make_list("ge 1.0.00.004"), vulnerable: make_list("le 1.0.00.003")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-07.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-07.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-07.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-07.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14661);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-07");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-07
-(xv: Buffer overflows in image handling)
-
-
-    Multiple buffer overflow and integer handling vulnerabilities have been
-    discovered in xv\'s image processing code. These vulnerabilities have been
-    found in the xvbmp.c, xviris.c, xvpcx.c and xvpm.c source files.
-  
-Impact
-
-    An attacker might be able to embed malicious code into an image, which
-    would lead to the execution of arbitrary code under the privileges of the
-    user viewing the image.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.securityfocus.com/archive/1/372345/2004-08-15/2004-08-21/0
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0802
-
-
-Solution: 
-    All xv users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=media-gfx/xv-3.10a-r7"
-    # emerge ">=media-gfx/xv-3.10a-r7"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-07] xv: Buffer overflows in image handling");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'xv: Buffer overflows in image handling');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "media-gfx/xv", unaffected: make_list("ge 3.10a-r7"), vulnerable: make_list("lt 3.10a-r7")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-08.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-08.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-08.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,67 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-08.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14662);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-08");
- script_cve_id("CVE-2004-0755");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-08
-(Ruby: CGI::Session creates files insecurely)
-
-
-    The CGI::Session::FileStore implementation (and presumably
-    CGI::Session::PStore), which allow data associated with a particular
-    Session instance to be written to a file, writes to a file in /tmp with no
-    regard for secure permissions. As a result, the file is left with whatever
-    the default umask permissions are, which commonly would allow other local
-    users to read the data from that session file.
-  
-Impact
-
-    Depending on the default umask, any data stored using these methods could
-    be read by other users on the system.
-  
-Workaround
-
-    By changing the default umask on the system to not permit read access to
-    other users (e.g. 0700), one can prevent these files from being readable by
-    other users.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0755
-
-
-Solution: 
-    All Ruby users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=dev-lang/ruby-your_version"
-    # emerge ">=dev-lang/ruby-your_version"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-08] Ruby: CGI::Session creates files insecurely");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Ruby: CGI::Session creates files insecurely');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-lang/ruby", unaffected: make_list("rge 1.6.8-r11", "rge 1.8.0-r7", "ge 1.8.2_pre2"), vulnerable: make_list("lt 1.8.2_pre2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-09.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-09.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-09.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,77 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-09.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14666);
- if(defined_func("script_xref"))script_xref(name:"IAVA", value:"2004-t-0027");
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-09");
- script_cve_id("CVE-2004-0642", "CVE-2004-0643", "CVE-2004-0644", "CVE-2004-0772");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-09
-(MIT krb5: Multiple vulnerabilities)
-
-
-    The implementation of the Key Distribution Center (KDC) and the MIT krb5
-    library contain double-free vulnerabilities, making client programs as well
-    as application servers vulnerable.
-    The ASN.1 decoder library is vulnerable to a denial of service attack,
-    including the KDC.
-  
-Impact
-
-    The double-free vulnerabilities could allow an attacker to execute
-    arbitrary code on a KDC host and hosts running krb524d or vulnerable
-    services. In the case of a KDC host, this can lead to a compromise of the
-    entire Kerberos realm. Furthermore, an attacker impersonating a legitimate
-    KDC or application server can potentially execute arbitrary code on
-    authenticating clients.
-    An attacker can cause a denial of service for a KDC or application server
-    and clients, the latter if impersonating a legitimate KDC or application
-    server.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt
-    http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-003-asn1.txt
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0642
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0643
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0644
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0772
-
-
-Solution: 
-    All mit-krb5 users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=app-crypt/mit-krb5-1.3.4"
-    # emerge ">=app-crypt/mit-krb5-1.3.4"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-09] MIT krb5: Multiple vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'MIT krb5: Multiple vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-crypt/mit-krb5", unaffected: make_list("ge 1.3.4"), vulnerable: make_list("lt 1.3.4")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-10.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-10.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-10.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,60 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-10.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14669);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-10");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-10
-(multi-gnome-terminal: Information leak)
-
-
-    multi-gnome-terminal contains debugging code that has been known to output
-    active keystrokes to a potentially unsafe location. Output has been seen to
-    show up in the \'.xsession-errors\' file in the users home directory. Since
-    this file is world-readable on many machines, this bug has the potential to
-    leak sensitive information to anyone using the system.
-  
-Impact
-
-    Any authorized user on the local machine has the ability to read any
-    critical data that has been entered into the terminal, including passwords.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-
-Solution: 
-    All multi-gnome-terminal users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=x11-terms/multi-gnome-terminal-1.6.2-r1"
-    # emerge ">=x11-terms/multi-gnome-terminal-1.6.2-r1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-10] multi-gnome-terminal: Information leak");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'multi-gnome-terminal: Information leak');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "x11-terms/multi-gnome-terminal", unaffected: make_list("ge 1.6.2-r1"), vulnerable: make_list("lt 1.6.2-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-11.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-11.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-11.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,60 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-11.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14675);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-11");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-11
-(star: Suid root vulnerability)
-
-
-    A suid root vulnerability exists in versions of star that are configured to
-    use ssh for remote tape access.
-  
-Impact
-
-    Attackers with local user level access could potentially gain root level
-    access.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    https://lists.berlios.de/pipermail/star-users/2004-August/000239.html
-
-
-Solution: 
-    All star users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=app-arch/star-1.5_alpha46"
-    # emerge ">=app-arch/star-1.5_alpha46"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-11] star: Suid root vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'star: Suid root vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-arch/star", unaffected: make_list("ge star-1.5_alpha46"), vulnerable: make_list("lt star-1.5_alpha46")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-12.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-12.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,79 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14677);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-12");
- script_cve_id("CVE-2004-0817", "CVE-2004-0802");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-12
-(ImageMagick, imlib, imlib2: BMP decoding buffer overflows)
-
-
-    Due to improper bounds checking, ImageMagick and imlib are vulnerable to a
-    buffer overflow when decoding runlength-encoded bitmaps. This bug can be
-    exploited using a specially-crafted BMP image and could potentially allow
-    remote code execution when this image is decoded by the user.
-  
-Impact
-
-    A specially-crafted runlength-encoded BMP could lead ImageMagick and imlib
-    to crash or potentially execute arbitrary code.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0817
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0802
-    http://studio.imagemagick.org/pipermail/magick-developers/2004-August/002011.html
-    http://securitytracker.com/alerts/2004/Aug/1011104.html
-    http://securitytracker.com/alerts/2004/Aug/1011105.html
-
-
-Solution: 
-    All ImageMagick users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=media-gfx/imagemagick-6.0.7.1"
-    # emerge ">=media-gfx/imagemagick-6.0.7.1"
-    All imlib users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=media-libs/imlib-1.9.14-r2"
-    # emerge ">=media-libs/imlib-1.9.14-r2"
-    All imlib2 users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=media-libs/imlib2-1.1.2"
-    # emerge ">=media-libs/imlib2-1.1.2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-12] ImageMagick, imlib, imlib2: BMP decoding buffer overflows");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'ImageMagick, imlib, imlib2: BMP decoding buffer overflows');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "media-libs/imlib", unaffected: make_list("ge 1.9.14-r2"), vulnerable: make_list("lt 1.9.14-r2")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "media-gfx/imagemagick", unaffected: make_list("ge 6.0.7.1"), vulnerable: make_list("lt 6.0.7.1")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "media-libs/imlib2", unaffected: make_list("ge 1.1.2"), vulnerable: make_list("lt 1.1.2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-13.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-13.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,69 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-13.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14694);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-13");
- script_cve_id("CVE-2004-0694", "CVE-2004-0745", "CVE-2004-0769", "CVE-2004-0771");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-13
-(LHa: Multiple vulnerabilities)
-
-
-    The command line argument as well as the archive parsing code of LHa lack
-    sufficient bounds checking. Furthermore, a shell meta character command
-    execution vulnerability exists in LHa, since it does no proper filtering on
-    directory names.
-  
-Impact
-
-    Using a specially crafted command line argument or archive, an attacker can
-    cause a buffer overflow and could possibly run arbitrary code. The shell
-    meta character command execution could lead to the execution of arbitrary
-    commands by an attacker using directories containing shell meta characters
-    in their names.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0694
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0745
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0769
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0771
-
-
-Solution: 
-    All LHa users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=app-arch/lha-114i-r4"
-    # emerge ">=app-arch/lha-114i-r4"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-13] LHa: Multiple vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'LHa: Multiple vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-arch/lha", unaffected: make_list("ge 114i-r4"), vulnerable: make_list("le 114i-r3")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-14.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-14.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-14.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2004 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14695);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-14");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-14
-(Samba: Remote printing vulnerability)
-
-
-    Due to a bug in the printer_notify_info() function, authorized users could
-    potentially crash the Samba server by sending improperly handled print
-    change notification requests in an invalid order. Windows XP SP2 clients
-    can trigger this behavior by sending a FindNextPrintChangeNotify() request
-    before previously sending a FindFirstPrintChangeNotify() request.
-  
-Impact
-
-    A remote authorized user could potentially crash a Samba server after
-    issuing these out of sequence requests.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://samba.org/samba/history/samba-3.0.6.html
-    http://www.securityfocus.com/archive/1/373619
-
-
-Solution: 
-    All Samba users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-fs/samba-3.0.6"
-    # emerge ">=net-fs/samba-3.0.6"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2004 Michel Arboi");
- script_name(english: "[GLSA-200409-14] Samba: Remote printing vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Samba: Remote printing vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-fs/samba", unaffected: make_list("ge 3.0.6"), vulnerable: make_list("lt 3.0.6")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-15.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-15.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,72 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-15.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14705);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-15");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-15
-(Webmin, Usermin: Multiple vulnerabilities in Usermin)
-
-
-    There is an input validation bug in the webmail feature of Usermin.
-    Additionally, the Webmin and Usermin installation scripts write to
-    /tmp/.webmin without properly checking if it exists first.
-  
-Impact
-
-    The first vulnerability allows a remote attacker to inject arbitrary shell
-    code in a specially-crafted e-mail. This could lead to remote code
-    execution with the privileges of the user running Webmin or Usermin.
-    The second could allow local users who know Webmin or Usermin is going to
-    be installed to have arbitrary files be overwritten by creating a symlink
-    by the name /tmp/.webmin that points to some target file, e.g. /etc/passwd.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://secunia.com/advisories/12488/
-    http://www.webmin.com/uchanges.html
-
-
-Solution: 
-    All Usermin users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=app-admin/usermin-1.090"
-    # emerge ">=app-admin/usermin-1.090"
-    All Webmin users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=app-admin/webmin-1.160"
-    # emerge ">=app-admin/webmin-1.160"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-15] Webmin, Usermin: Multiple vulnerabilities in Usermin");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Webmin, Usermin: Multiple vulnerabilities in Usermin');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-admin/usermin", unaffected: make_list("ge 1.090"), vulnerable: make_list("lt 1.090")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "app-admin/webmin", unaffected: make_list("ge 1.160"), vulnerable: make_list("lt 1.160")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-16.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-16.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-16.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,68 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-16.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14710);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-16");
- script_cve_id("CVE-2004-0807", "CVE-2004-0808");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-16
-(Samba: Denial of Service vulnerabilities)
-
-
-    There is a defect in smbd\'s ASN.1 parsing. A bad packet received during the
-    authentication request could throw newly-spawned smbd processes into an
-    infinite loop (CVE-2004-0807). Another defect was found in nmbd\'s
-    processing of mailslot packets, where a bad NetBIOS request could crash the
-    nmbd process (CVE-2004-0808).
-  
-Impact
-
-    A remote attacker could send specially crafted packets to trigger both
-    defects. The ASN.1 parsing issue can be exploited to exhaust all available
-    memory on the Samba host, potentially denying all service to that server.
-    The nmbd issue can be exploited to crash the nmbd process, resulting in a
-    Denial of Service condition on the Samba server.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0807
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0808
-
-
-Solution: 
-    All Samba 3.x users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-fs/samba-3.0.7"
-    # emerge ">=net-fs/samba-3.0.7"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-16] Samba: Denial of Service vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Samba: Denial of Service vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-fs/samba", unaffected: make_list("ge 3.0.7", "lt 3.0"), vulnerable: make_list("lt 3.0.7")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-17.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-17.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-17.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-17.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14725);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-17");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-17
-(SUS: Local root vulnerability)
-
-
-    Leon Juranic found a bug in the logging functionality of SUS that can lead
-    to local privilege escalation. A format string vulnerability exists in the
-    log() function due to an incorrect call to the syslog() function.
-  
-Impact
-
-    An attacker with local user privileges can potentially exploit this
-    vulnerability to gain root access.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://pdg.uow.edu.au/sus/CHANGES
-    http://www.securityfocus.com/archive/1/375109/2004-09-11/2004-09-17/0
-
-
-Solution: 
-    All SUS users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=app-admin/sus-2.0.2-r1"
-    # emerge ">=app-admin/sus-2.0.2-r1"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-17] SUS: Local root vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'SUS: Local root vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-admin/sus", unaffected: make_list("ge 2.0.2-r1"), vulnerable: make_list("lt 2.0.2-r1")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-18.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-18.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-18.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,67 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-18.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14746);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-18");
- script_cve_id("CVE-2004-0806");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-18
-(cdrtools: Local root vulnerability in cdrecord if set SUID root)
-
-
-    Max Vozeler discovered that the cdrecord utility, when set to SUID root,
-    fails to drop root privileges before executing a user-supplied RSH program.
-    By default, Gentoo does not ship the cdrecord utility as SUID root and
-    therefore is not vulnerable. However, many users (and CD-burning
-    front-ends) set this manually after installation.
-  
-Impact
-
-    A local attacker could specify a malicious program using the $RSH
-    environment variable and have it executed by the SUID cdrecord, resulting
-    in root privileges escalation.
-  
-Workaround
-
-    As a workaround, you could remove the SUID rights from your cdrecord
-    utility :
-    # chmod a-s /usr/bin/cdrecord
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0806
-
-
-Solution: 
-    All cdrtools users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=app-cdr/cdrtools-2.01_alpha37-r1"
-    # emerge ">=app-cdr/cdrtools-2.01_alpha37-r1"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-18] cdrtools: Local root vulnerability in cdrecord if set SUID root");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'cdrtools: Local root vulnerability in cdrecord if set SUID root');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-cdr/cdrtools", unaffected: make_list("ge 2.01_alpha37-r1", "rge 2.01_alpha28-r2"), vulnerable: make_list("le 2.01_alpha37")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-19.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-19.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-19.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,66 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-19.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14745);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-19");
- script_cve_id("CVE-2004-0794");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-19
-(Heimdal: ftpd root escalation)
-
-
-    Przemyslaw Frasunek discovered several flaws in lukemftpd, which also apply
-    to Heimdal ftpd\'s out-of-band signal handling code.
-    Additionally, a potential vulnerability that could lead to Denial of
-    Service by the Key Distribution Center (KDC) has been fixed in this
-    version.
-  
-Impact
-
-    A remote attacker could be able to run arbitrary code with escalated
-    privileges, which can result in a total compromise of the server.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.pdc.kth.se/heimdal/advisory/2004-09-13/
-    http://www.frasunek.com/lukemftpd.txt
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0794
-
-
-Solution: 
-    All Heimdal users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=app-crypt/heimdal-0.6.3"
-    # emerge ">=app-crypt/heimdal-0.6.3"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-19] Heimdal: ftpd root escalation");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Heimdal: ftpd root escalation');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-crypt/heimdal", unaffected: make_list("ge 0.6.3"), vulnerable: make_list("lt 0.6.3")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-20.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-20.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-20.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-20.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14747);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-20");
- script_cve_id("CVE-2004-0805");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-20
-(mpg123: Buffer overflow vulnerability)
-
-
-    mpg123 contains a buffer overflow in the code that handles layer2
-    decoding of media files.
-  
-Impact
-
-    An attacker can possibly exploit this bug with a specially-crafted mp3 or mp2 file
-    to execute arbitrary code with the permissions of the user running mpg123.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.securityfocus.com/archive/1/374433/2004-09-05/2004-09-11/0
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0805
-
-
-Solution: 
-    All mpg123 users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=media-sound/mpg123-0.59s-r4"
-    # emerge ">=media-sound/mpg123-0.59s-r4"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-20] mpg123: Buffer overflow vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'mpg123: Buffer overflow vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "media-sound/mpg123", unaffected: make_list("ge 0.59s-r4"), vulnerable: make_list("le 0.59s-r3")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-21.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-21.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-21.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,83 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-21.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14766);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-21");
- script_cve_id("CVE-2004-0747", "CVE-2004-0748", "CVE-2004-0751", "CVE-2004-0786", "CVE-2004-0809");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-21
-(Apache 2, mod_dav: Multiple vulnerabilities)
-
-
-    A potential infinite loop has been found in the input filter of mod_ssl
-    (CVE-2004-0748) as well as a possible segmentation fault in the
-    char_buffer_read function if reverse proxying to a SSL server is being used
-    (CVE-2004-0751). Furthermore, mod_dav, as shipped in Apache httpd 2 or
-    mod_dav 1.0.x for Apache 1.3, contains a NULL pointer dereference which can
-    be triggered remotely (CVE-2004-0809). The third issue is an input
-    validation error found in the IPv6 URI parsing routines within the apr-util
-    library (CVE-2004-0786). Additionally a possible buffer overflow has been
-    reported when expanding environment variables during the parsing of
-    configuration files (CVE-2004-0747).
-  
-Impact
-
-    A remote attacker could cause a Denial of Service either by aborting a SSL
-    connection in a special way, resulting in CPU consumption, by exploiting
-    the segmentation fault in mod_ssl or the mod_dav flaw. A remote attacker
-    could also crash a httpd child process by sending a specially crafted URI.
-    The last vulnerabilty could be used by a local user to gain the privileges
-    of a httpd child, if the server parses a carefully prepared .htaccess file.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0747
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0748
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0751
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0786
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0809
-
-
-Solution: 
-    All Apache 2 users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-www/apache-2.0.51"
-    # emerge ">=net-www/apache-2.0.51"
-    All mod_dav users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-www/mod_dav-1.0.3-r2"
-    # emerge ">=net-www/mod_dav-1.0.3-r2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-21] Apache 2, mod_dav: Multiple vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Apache 2, mod_dav: Multiple vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/mod_dav", unaffected: make_list("ge 1.0.3-r2"), vulnerable: make_list("le 1.0.3-r1")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "net-www/apache", unaffected: make_list("ge 2.0.51", "lt 2.0"), vulnerable: make_list("lt 2.0.51")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-22.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-22.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-22.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,61 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-22.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14767);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-22");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-22
-(phpGroupWare: XSS vulnerability in wiki module)
-
-
-    Due to an input validation error, the wiki module in the phpGroupWare suite
-    is vulnerable to cross site scripting attacks.
-  
-Impact
-
-    This vulnerability gives an attacker the ability to inject and execute
-    malicious script code, potentially compromising the victim\'s browser.
-  
-Workaround
-
-    The is no known workaround at this time.
-  
-References:
-    http://downloads.phpgroupware.org/changelog
-    http://secunia.com/advisories/12466/
-
-
-Solution: 
-    All phpGroupWare users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=www-apps/phpgroupware-0.9.16.003"
-    # emerge ">=www-apps/phpgroupware-0.9.16.003"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-22] phpGroupWare: XSS vulnerability in wiki module");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'phpGroupWare: XSS vulnerability in wiki module');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "www-apps/phpgroupware", unaffected: make_list("ge 0.9.16.003"), vulnerable: make_list("lt 0.9.16.003")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-23.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-23.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-23.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-23.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14774);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-23");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-23
-(SnipSnap: HTTP response splitting)
-
-
-    SnipSnap contains various HTTP response splitting vulnerabilities that
-    could potentially compromise the sites data. Some of these attacks include
-    web cache poisoning, cross-user defacement, hijacking pages with sensitive
-    user information, and cross-site scripting. This vulnerability is due to
-    the lack of illegal input checking in the software.
-  
-Impact
-
-    A malicious user could inject and execute arbitrary script code,
-    potentially compromising the victim\'s data or browser.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://snipsnap.org/space/start/2004-09-14/1#SnipSnap_1.0b1_(uttoxeter)_released
-
-
-Solution: 
-    All SnipSnap users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=dev-java/snipsnap-bin-1.0_beta1"
-    # emerge ">=dev-java/snipsnap-bin-1.0beta1"
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-23] SnipSnap: HTTP response splitting");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'SnipSnap: HTTP response splitting');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-java/snipsnap-bin", unaffected: make_list("ge 1.0_beta1"), vulnerable: make_list("lt 1.0_beta1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-24.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-24.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-24.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,69 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-24.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14779);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-24");
- script_cve_id("CVE-2004-0801");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-24
-(Foomatic: Arbitrary command execution in foomatic-rip filter)
-
-
-    There is a vulnerability in the foomatic-filters package. This
-    vulnerability is due to insufficient checking of command-line parameters
-    and environment variables in the foomatic-rip filter.
-  
-Impact
-
-    This vulnerability may allow both local and remote attackers to execute
-    arbitrary commands on the print server with the permissions of the spooler
-    (oftentimes the "lp" user).
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.linuxprinting.org/pipermail/foomatic-devel/2004q3/001996.html
-    http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:094
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0801
-
-
-Solution: 
-    All foomatic users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-print/foomatic-3.0.2"
-    # emerge ">=net-print/foomatic-3.0.2"
-    PLEASE NOTE: You should update foomatic, instead of foomatic-filters. This
-    will help to ensure that all other foomatic components remain functional.
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-24] Foomatic: Arbitrary command execution in foomatic-rip filter");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Foomatic: Arbitrary command execution in foomatic-rip filter');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-print/foomatic", unaffected: make_list("ge 3.0.2"), vulnerable: make_list("le 3.0.1")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "net-print/foomatic-filters", unaffected: make_list("ge 3.0.2"), vulnerable: make_list("le 3.0.1")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-25.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-25.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-25.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-25.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14780);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-25");
- script_cve_id("CVE-2004-0558");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-25
-(CUPS: Denial of service vulnerability)
-
-
-    Alvaro Martinez Echevarria discovered a hole in the CUPS Internet Printing
-    Protocol (IPP) implementation that allows remote attackers to cause CUPS to
-    stop listening on the IPP port.
-  
-Impact
-
-    A remote user with malicious intent can easily cause a denial of service to
-    the CUPS daemon by sending a specially-crafted UDP datagram packet to the
-    IPP port.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.cups.org/str.php?L863
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0558
-
-
-Solution: 
-    All CUPS users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-print/cups-1.1.20-r2"
-    # emerge ">=net-print/cups-1.1.20-r2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-25] CUPS: Denial of service vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'CUPS: Denial of service vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-print/cups", unaffected: make_list("ge 1.1.20-r2"), vulnerable: make_list("lt 1.1.20-r2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-26.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-26.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-26.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,90 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-26.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14781);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-26");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-26
-(Mozilla, Firefox, Thunderbird, Epiphany: New releases fix vulnerabilities)
-
-
-    Mozilla-based products are vulnerable to multiple security issues. Firstly
-    routines handling the display of BMP images and VCards contain an integer
-    overflow and a stack buffer overrun. Specific pages with long links, when
-    sent using the "Send Page" function, and links with non-ASCII
-    hostnames could both cause heap buffer overruns.
-    Several issues were found and fixed in JavaScript rights handling:
-    untrusted script code could read and write to the clipboard, signed scripts
-    could build confusing grant privileges dialog boxes, and when dragged onto
-    trusted frames or windows, JavaScript links could access information and
-    rights of the target frame or window. Finally, Mozilla-based mail clients
-    (Mozilla and Mozilla Thunderbird) are vulnerable to a heap overflow caused
-    by invalid POP3 mail server responses.
-  
-Impact
-
-    An attacker might be able to run arbitrary code with the rights of the user
-    running the software by enticing the user to perform one of the following
-    actions: view a specially-crafted BMP image or VCard, use the "Send
-    Page" function on a malicious page, follow links with malicious
-    hostnames, drag multiple JavaScript links in a row to another window, or
-    connect to an untrusted POP3 mail server. An attacker could also use a
-    malicious page with JavaScript to disclose clipboard contents or abuse
-    previously-given privileges to request XPI installation privileges through
-    a confusing dialog.
-  
-Workaround
-
-    There is no known workaround covering all vulnerabilities.
-  
-References:
-    http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3
-    http://www.us-cert.gov/cas/techalerts/TA04-261A.html
-
-
-Solution: 
-    All users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv your-version
-    # emerge your-version
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-26] Mozilla, Firefox, Thunderbird, Epiphany: New releases fix vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Mozilla, Firefox, Thunderbird, Epiphany: New releases fix vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/epiphany", unaffected: make_list("ge 1.2.9-r1"), vulnerable: make_list("lt 1.2.9-r1")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "net-www/mozilla-firefox-bin", unaffected: make_list("ge 1.0_pre"), vulnerable: make_list("lt 1.0_pre")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "mail-client/mozilla-thunderbird-bin", unaffected: make_list("ge 0.8"), vulnerable: make_list("lt 0.8")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "mail-client/mozilla-thunderbird", unaffected: make_list("ge 0.8"), vulnerable: make_list("lt 0.8")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "net-www/mozilla", unaffected: make_list("ge 1.7.3"), vulnerable: make_list("lt 1.7.3")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "net-www/mozilla-bin", unaffected: make_list("ge 1.7.3"), vulnerable: make_list("lt 1.7.3")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "net-www/mozilla-firefox", unaffected: make_list("ge 1.0_pre"), vulnerable: make_list("lt 1.0_pre")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-27.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-27.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-27.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,65 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-27.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14790);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-27");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-27
-(glFTPd: Local buffer overflow vulnerability)
-
-
-    The glFTPd server is vulnerable to a buffer overflow in the \'dupescan\'
-    program. This vulnerability is due to an unsafe strcpy() call which can
-    cause the program to crash when a large argument is passed.
-  
-Impact
-
-    A local user with malicious intent can pass a parameter to the dupescan
-    program that exceeds the size of the buffer, causing it to overflow. This
-    can lead the program to crash, and potentially allow arbitrary code
-    execution with the permissions of the user running glFTPd, which could be
-    the root user.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.securityfocus.com/archive/1/375775/2004-09-17/2004-09-23/0
-    http://www.glftpd.com/modules.php?op=modload&name=News&file=article&sid=23&mode=thread&order=0&thold=0
-
-
-Solution: 
-    All glFTPd users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-ftp/glftpd-1.32-r1"
-    # emerge ">=net-ftp/glftpd-1.32-r1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-27] glFTPd: Local buffer overflow vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'glFTPd: Local buffer overflow vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-ftp/glftpd", unaffected: make_list("ge 1.32-r1"), vulnerable: make_list("lt 1.32-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-28.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-28.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-28.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,78 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-28.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14791);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-28");
- script_cve_id("CVE-2004-0753", "CVE-2004-0782", "CVE-2004-0783", "CVE-2004-0788");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-28
-(GTK+ 2, gdk-pixbuf: Multiple image decoding vulnerabilities)
-
-
-    A vulnerability has been discovered in the BMP image preprocessor
-    (CVE-2004-0753). Furthermore, Chris Evans found a possible integer overflow
-    in the pixbuf_create_from_xpm() function, resulting in a heap overflow
-    (CVE-2004-0782). He also found a potential stack-based buffer overflow in
-    the xpm_extract_color() function (CVE-2004-0783). A possible integer
-    overflow has also been found in the ICO decoder.
-  
-Impact
-
-    With a specially crafted BMP image an attacker could cause an affected
-    application to enter an infinite loop when that image is being processed.
-    Also, by making use of specially crafted XPM or ICO images an attacker
-    could trigger the overflows, which potentially allows the execution of
-    arbitrary code.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0753
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0782
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0783
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0788
-    http://bugzilla.gnome.org/show_bug.cgi?id=150601
-
-
-Solution: 
-    All GTK+ 2 users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=x11-libs/gtk+-2.4.9-r1"
-    # emerge ">=x11-libs/gtk+-2.4.9-r1"
-    All GdkPixbuf users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=media-libs/gdk-pixbuf-0.22.0-r3"
-    # emerge ">=media-libs/gdk-pixbuf-0.22.0-r3"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-28] GTK+ 2, gdk-pixbuf: Multiple image decoding vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'GTK+ 2, gdk-pixbuf: Multiple image decoding vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "media-libs/gdk-pixbuf", unaffected: make_list("ge 0.22.0-r3"), vulnerable: make_list("lt 0.22.0-r3")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "x11-libs/gtk+", unaffected: make_list("ge 2.4.9-r1", "lt 2.0.0"), vulnerable: make_list("lt 2.4.9-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-29.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-29.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-29.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,60 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-29.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14797);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-29");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-29
-(FreeRADIUS: Multiple Denial of Service vulnerabilities)
-
-
-    There are undisclosed defects in the way FreeRADIUS handles incorrect
-    received packets.
-  
-Impact
-
-    A remote attacker could send specially-crafted packets to the FreeRADIUS
-    server to deny service to other users by crashing the server.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.freeradius.org/security.html
-
-
-Solution: 
-    All FreeRADIUS users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-dialup/freeradius-1.0.1"
-    # emerge ">=net-dialup/freeradius-1.0.1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-29] FreeRADIUS: Multiple Denial of Service vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'FreeRADIUS: Multiple Denial of Service vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-dialup/freeradius", unaffected: make_list("ge 1.0.1"), vulnerable: make_list("lt 1.0.1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-30.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-30.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-30.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,67 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-30.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14798);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-30");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-30
-(xine-lib: Multiple vulnerabilities)
-
-
-    xine-lib contains two stack-based overflows and one heap-based overflow. In
-    the code reading VCD disc labels, the ISO disc label is copied into an
-    unprotected stack buffer of fixed size. Also, there is a buffer overflow in
-    the code that parses subtitles and prepares them for display (XSA-2004-4).
-    Finally, xine-lib contains a heap-based overflow in the DVD sub-picture
-    decoder (XSA-2004-5).
-     (Please note that the VCD MRL issue mentioned in XSA-2004-4 was fixed
-    with GLSA 200408-18.)
-  
-Impact
-
-    With carefully-crafted VCDs, DVDs, MPEGs or subtitles, an attacker may
-    cause xine-lib to execute arbitrary code with the permissions of the user.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.securityfocus.com/archive/1/375485/2004-09-02/2004-09-08/0
-    http://www.securityfocus.com/archive/1/375482/2004-09-02/2004-09-08/0
-
-
-Solution: 
-    All xine-lib users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=media-libs/xine-lib-1_rc6"
-    # emerge ">=media-libs/xine-lib-1_rc6"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-30] xine-lib: Multiple vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'xine-lib: Multiple vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "media-libs/xine-lib", unaffected: make_list("ge 1_rc6"), vulnerable: make_list("le 1_rc5-r3")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-31.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-31.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-31.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-31.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14799);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-31");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-31
-(jabberd 1.x: Denial of Service vulnerability)
-
-
-    Jose Antonio Calvo found a defect in routines handling XML parsing of
-    incoming data. jabberd 1.x may crash upon reception of invalid data on any
-    socket connection on which XML is parsed.
-  
-Impact
-
-    A remote attacker may send a specific sequence of bytes to an open socket
-    to crash the jabberd server, resulting in a Denial of Service.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.jabber.org/pipermail/jabberd/2004-September/002004.html
-    http://www.jabber.org/pipermail/jadmin/2004-September/018046.html
-
-
-Solution: 
-    All jabberd users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-im/jabberd-1.4.3-r4"
-    # emerge ">=net-im/jabberd-1.4.3-r4"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-31] jabberd 1.x: Denial of Service vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'jabberd 1.x: Denial of Service vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-im/jabberd", unaffected: make_list("ge 1.4.3-r4"), vulnerable: make_list("le 1.4.3-r3")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-32.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-32.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-32.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,66 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-32.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14809);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-32");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-32
-(getmail: Filesystem overwrite vulnerability)
-
-
-    David Watson discovered a vulnerability in getmail when it is configured to
-    run as root and deliver mail to the maildirs/mbox files of untrusted local
-    users. A malicious local user can then exploit a race condition, or a
-    similar symlink attack, and potentially cause getmail to create or
-    overwrite files in any directory on the system.
-  
-Impact
-
-    An untrusted local user could potentially create or overwrite files in any
-    directory on the system. This vulnerability may also be exploited to have
-    arbitrary commands executed as root.
-  
-Workaround
-
-    Do not run getmail as a privileged user; or, in version 4, use an external
-    MDA with explicitly configured user and group privileges.
-  
-References:
-    http://www.qcc.ca/~charlesc/software/getmail-4/CHANGELOG
-    http://article.gmane.org/gmane.mail.getmail.user/1430
-
-
-Solution: 
-    All getmail users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-mail/getmail-4.2.0"
-    # emerge ">=net-mail/getmail-4.2.0"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-32] getmail: Filesystem overwrite vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'getmail: Filesystem overwrite vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-mail/getmail", unaffected: make_list("ge 4.2.0"), vulnerable: make_list("lt 4.2.0")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-33.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-33.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-33.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-33.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14811);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-33");
- script_cve_id("CVE-2004-0811");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-33
-(Apache: Exposure of protected directories)
-
-
-    A bug in the way Apache handles the Satisfy directive, which is used to
-    require that certain conditions (client host, client authentication, etc)
-    be met before access to a certain directory is granted, could allow the
-    exposure of protected directories to unauthorized clients.
-  
-Impact
-
-    Directories containing protected data could be exposed to all visitors to
-    the webserver.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://issues.apache.org/bugzilla/show_bug.cgi?id=31315
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0811
-
-
-Solution: 
-    All Apache users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-www/apache-2.0.51-r1"
-    # emerge ">=net-www/apache-2.0.51-r1"
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-33] Apache: Exposure of protected directories");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Apache: Exposure of protected directories');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/apache", unaffected: make_list("ge 2.0.51-r1", "lt 2.0.51"), vulnerable: make_list("eq 2.0.51")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-34.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-34.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-34.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,77 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-34.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(14821);
- if(defined_func("script_xref"))script_xref(name:"IAVA", value:"2005-t-0015");
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-34");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-34
-(X.org, XFree86: Integer and stack overflows in libXpm)
-
-
-    Chris Evans has discovered multiple integer and stack overflow
-    vulnerabilities in the X Pixmap library, libXpm, which is a part of the X
-    Window System. These overflows can be exploited by the execution of a
-    malicious XPM file, which can crash applications that are dependent on
-    libXpm.
-  
-Impact
-
-    A carefully-crafted XPM file could crash applications that are linked
-    against libXpm, potentially allowing the execution of arbitrary code with
-    the privileges of the user running the application.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://freedesktop.org/pipermail/xorg/2004-September/003196.html
-    http://freedesktop.org/pipermail/xorg/2004-September/003172.html
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0687
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0688
-
-
-Solution: 
-    All X.org users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=x11-base/xorg-x11-6.7.0-r2"
-    # emerge ">=x11-base/xorg-x11-6.7.0-r2"
-    All XFree86 users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=x11-base/xfree-4.3.0-r7"
-    # emerge ">=x11-base/xfree-4.3.0-r7"
-    Note: Usage of XFree86 is deprecated on the AMD64, HPPA, IA64, MIPS, PPC
-    and SPARC architectures: XFree86 users on those architectures should switch
-    to X.org rather than upgrading XFree86.
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-34] X.org, XFree86: Integer and stack overflows in libXpm");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'X.org, XFree86: Integer and stack overflows in libXpm');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "x11-base/xorg-x11", unaffected: make_list("rge 6.7.0-r2", "ge 6.8.0-r1"), vulnerable: make_list("lt 6.7.0-r2", "eq 6.8.0")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "x11-base/xfree", arch: "AMD64 HPPA IA64 MIPS PPC SPARC", unaffected: make_list(), vulnerable: make_list("lt 4.3.0-r7")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200409-35.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200409-35.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200409-35.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,65 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200409-35.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15406);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200409-35");
- script_cve_id("CVE-2004-0749");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200409-35
-(Subversion: Metadata information leak)
-
-
-    There is a bug in mod_authz_svn that causes it to reveal logged metadata
-    regarding commits to protected areas.
-  
-Impact
-
-    Protected files themselves will not be revealed, but an attacker could use
-    the metadata to reveal the existence of protected areas, such as paths,
-    file versions, and the commit logs from those areas.
-  
-Workaround
-
-    Rather than using mod_authz_svn, move protected areas into seperate
-    repositories and use native Apache authentication to make these
-    repositories unreadable.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0749
-    http://subversion.tigris.org/security/CAN-2004-0749-advisory.txt
-
-
-Solution: 
-    All Subversion users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=dev-util/subversion-1.0.8"
-    # emerge ">=dev-util/subversion-1.0.8"
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200409-35] Subversion: Metadata information leak");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Subversion: Metadata information leak');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-util/subversion", unaffected: make_list("ge 1.0.8"), vulnerable: make_list("lt 1.0.8")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-01.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-01.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-01.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-01.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15407);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-01");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-01
-(sharutils: Buffer overflows in shar.c and unshar.c)
-
-
-    sharutils contains two buffer overflows. Ulf Harnhammar discovered a buffer
-    overflow in shar.c, where the length of data returned by the wc command is
-    not checked. Florian Schilhabel discovered another buffer overflow in
-    unshar.c.
-  
-Impact
-
-    An attacker could exploit these vulnerabilities to execute arbitrary code
-    as the user running one of the sharutils programs.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=265904
-
-
-Solution: 
-    All sharutils users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=app-arch/sharutils-4.2.1-r10"
-    # emerge ">=app-arch/sharutils-4.2.1-r10"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-01] sharutils: Buffer overflows in shar.c and unshar.c");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'sharutils: Buffer overflows in shar.c and unshar.c');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-arch/sharutils", unaffected: make_list("ge 4.2.1-r10"), vulnerable: make_list("le 4.2.1-r9")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-02.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-02.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-02.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,66 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-02.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15418);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-02");
- script_cve_id("CVE-2003-0924");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-02
-(Netpbm: Multiple temporary file issues)
-
-
-    Utilities contained in the Netpbm package prior to the 9.25 version contain
-    defects in temporary file handling. They create temporary files with
-    predictable names without checking first that the target file doesn\'t
-    already exist.
-  
-Impact
-
-    A local attacker could create symbolic links in the temporary files
-    directory, pointing to a valid file somewhere on the filesystem. When a
-    user or a tool calls one of the affected utilities, this would result in
-    file overwriting with the rights of the user running the utility.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0924
-    http://www.kb.cert.org/vuls/id/487102
-
-
-Solution: 
-    All Netpbm users should upgrade to an unaffected version:
-    # emerge sync
-    # emerge -pv ">=media-libs/netpbm-10.0"
-    # emerge ">=media-libs/netpbm-10.0"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-02] Netpbm: Multiple temporary file issues");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Netpbm: Multiple temporary file issues');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "media-libs/netpbm", unaffected: make_list("ge 10.0"), vulnerable: make_list("le 9.12-r4")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-03.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-03.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-03.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,68 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-03.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15424);
- if(defined_func("script_xref"))script_xref(name:"IAVA", value:"2001-t-0008");
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-03");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-03
-(NetKit-telnetd: buffer overflows in telnet and telnetd)
-
-
-    A possible buffer overflow exists in the parsing of option strings by the
-    telnet daemon, where proper bounds checking is not applied when writing to
-    a buffer. Additionaly, another possible buffer overflow has been found by
-    Josh Martin in the handling of the environment variable HOME.
-  
-Impact
-
-    A remote attacker sending a specially-crafted options string to the telnet
-    daemon could be able to run arbitrary code with the privileges of the user
-    running the telnet daemon, usually root. Furthermore, an attacker could
-    make use of an overlong HOME variable to cause a buffer overflow in the
-    telnet client, potentially leading to the local execution of arbitrary
-    code.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0554
-    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=264846
-
-
-Solution: 
-    All NetKit-telnetd users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-misc/netkit-telnetd-0.17-r4"
-    # emerge ">=net-misc/netkit-telnetd-0.17-r4"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-03] NetKit-telnetd: buffer overflows in telnet and telnetd");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'NetKit-telnetd: buffer overflows in telnet and telnetd');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-misc/netkit-telnetd", unaffected: make_list("ge 0.17-r4"), vulnerable: make_list("le 0.17-r3")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-04.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-04.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-04.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,78 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-04.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15429);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-04");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-04
-(PHP: Memory disclosure and arbitrary location file upload)
-
-
-    Stefano Di Paola discovered two bugs in PHP. The first is a parse error in
-    php_variables.c that could allow a remote attacker to view the contents of
-    the target machine\'s memory. Additionally, an array processing error in the
-    SAPI_POST_HANDLER_FUNC() function inside rfc1867.c could lead to the
-    $_FILES array being overwritten.
-  
-Impact
-
-    A remote attacker could exploit the first vulnerability to view memory
-    contents. On a server with a script that provides file uploads, an attacker
-    could exploit the second vulnerability to upload files to an arbitrary
-    location. On systems where the HTTP server is allowed to write in a
-    HTTP-accessible location, this could lead to remote execution of arbitrary
-    commands with the rights of the HTTP server.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://secunia.com/advisories/12560/
-    http://www.securityfocus.com/archive/1/375294
-    http://www.securityfocus.com/archive/1/375370
-
-
-Solution: 
-    All PHP, mod_php and php-cgi users should upgrade to the latest stable
-    version:
-    # emerge sync
-    # emerge -pv ">=dev-php/php-4.3.9"
-    # emerge ">=dev-php/php-4.3.9"
-    # emerge -pv ">=dev-php/mod_php-4.3.9"
-    # emerge ">=dev-php/mod_php-4.3.9"
-    # emerge -pv ">=dev-php/php-cgi-4.3.9"
-    # emerge ">=dev-php/php-cgi-4.3.9"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-04] PHP: Memory disclosure and arbitrary location file upload");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'PHP: Memory disclosure and arbitrary location file upload');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-php/php", unaffected: make_list("ge 4.3.9 "), vulnerable: make_list("lt 4.3.9")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "dev-php/php-cgi", unaffected: make_list("ge 4.3.9"), vulnerable: make_list("lt 4.3.9")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "dev-php/mod_php", unaffected: make_list("ge 4.3.9"), vulnerable: make_list("lt 4.3.9")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-05.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-05.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-05.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15431);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-05");
- script_cve_id("CVE-2004-0884");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-05
-(Cyrus-SASL: Buffer overflow and SASL_PATH vulnerabilities)
-
-
-    Cyrus-SASL contains a remote buffer overflow in the digestmda5.c file.
-    Additionally, under certain conditions it is possible for a local user to
-    exploit a vulnerability in the way the SASL_PATH environment variable is
-    honored (CVE-2004-0884).
-  
-Impact
-
-    An attacker might be able to execute arbitrary code with the Effective ID
-    of the application calling the Cyrus-SASL libraries.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0884
-
-
-Solution: 
-    All Cyrus-SASL users should upgrade to the latest stable version:
-    # emerge sync
-    # emerge -pv ">=dev-libs/cyrus-sasl-2.1.18-r2"
-    # emerge ">=dev-libs/cyrus-sasl-2.1.18-r2"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-05] Cyrus-SASL: Buffer overflow and SASL_PATH vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Cyrus-SASL: Buffer overflow and SASL_PATH vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-libs/cyrus-sasl", unaffected: make_list("ge 2.1.18-r2"), vulnerable: make_list("le 2.1.18-r1")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-06.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-06.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-06.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,60 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-06.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15444);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-06");
- script_cve_id("CVE-2004-0923");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-06
-(CUPS: Leakage of sensitive information)
-
-
-    When printing to a SMB-shared printer requiring authentication, CUPS leaks
-    the user name and password to a logfile.
-  
-Impact
-
-    A local user could gain knowledge of sensitive authentication data.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0923
-
-
-Solution: 
-    All CUPS users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-print/cups-1.1.20-r3"
-    # emerge ">=net-print/cups-1.1.20-r3"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-06] CUPS: Leakage of sensitive information");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'CUPS: Leakage of sensitive information');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-print/cups", unaffected: make_list("rge 1.1.20-r3", "ge 1.1.21-r1"), vulnerable: make_list("le 1.1.20-r2", "eq 1.1.21")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-07.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-07.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-07.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-07.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15445);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-07");
- script_cve_id("CVE-2000-1137");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-07
-(ed: Insecure temporary file handling)
-
-
-    ed insecurely creates temporary files in world-writeable directories with
-    predictable names. Given that ed is used in various system shell scripts,
-    they are by extension affected by the same vulnerability.
-  
-Impact
-
-    A local attacker could create symbolic links in the temporary files
-    directory, pointing to a valid file somewhere on the filesystem. When ed is
-    called, this would result in file access with the rights of the user
-    running the utility, which could be the root user.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1137
-
-
-Solution: 
-    All ed users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=sys-apps/ed-0.2-r4"
-    # emerge ">=sys-apps/ed-0.2-r4"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-07] ed: Insecure temporary file handling");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'ed: Insecure temporary file handling');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "sys-apps/ed", unaffected: make_list("ge 0.2-r4"), vulnerable: make_list("le 0.2-r3")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-08.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-08.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-08.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-08.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15446);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-08");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-08
-(ncompress: Buffer overflow)
-
-
-    compress and uncompress do not properly check bounds on command line
-    options, including the filename. Large parameters would trigger a buffer
-    overflow.
-  
-Impact
-
-    By supplying a carefully crafted filename or other option, an attacker
-    could execute arbitrary code on the system. A local attacker could only
-    execute code with his own rights, but since compress and uncompress are
-    called by various daemon programs, this might also allow a remote attacker
-    to execute code with the rights of the daemon making use of ncompress.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.kb.cert.org/vuls/id/176363
-
-
-Solution: 
-    All ncompress users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=app-arch/ncompress-4.2.4-r1"
-    # emerge ">=app-arch/ncompress-4.2.4-r1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-08] ncompress: Buffer overflow");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'ncompress: Buffer overflow');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-arch/ncompress", unaffected: make_list("ge 4.2.4-r1"), vulnerable: make_list("le 4.2.4")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-09.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-09.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-09.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,66 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-09.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15447);
- if(defined_func("script_xref"))script_xref(name:"IAVA", value:"2005-t-0015");
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-09");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-09
-(LessTif: Integer and stack overflows in libXpm)
-
-
-    Chris Evans has discovered various integer and stack overflows in libXpm,
-    which is shipped as a part of the X Window System. LessTif, an application
-    that includes this library, is susceptible to the same issues.
-  
-Impact
-
-    A carefully-crafted XPM file could crash applications that are linked
-    against libXpm, such as LessTif, potentially allowing the execution of
-    arbitrary code with the privileges of the user running the application.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0687
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0688
-    http://www.gentoo.org/security/en/glsa/glsa-200409-34.xml
-    http://www.lesstif.org/ReleaseNotes.html
-
-
-Solution: 
-    All LessTif users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=x11-libs/lesstif-0.93.97"
-    # emerge ">=x11-libs/lesstif-0.93.97"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-09] LessTif: Integer and stack overflows in libXpm");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'LessTif: Integer and stack overflows in libXpm');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "x11-libs/lesstif", unaffected: make_list("ge 0.93.97"), vulnerable: make_list("lt 0.93.97")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-10.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-10.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-10.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,61 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-10.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15448);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-10");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-10
-(gettext: Insecure temporary file handling)
-
-
-    gettext insecurely creates temporary files in world-writeable
-    directories with predictable names.
-  
-Impact
-
-    A local attacker could create symbolic links in the temporary files
-    directory, pointing to a valid file somewhere on the filesystem. When
-    gettext is called, this would result in file access with the rights of
-    the user running the utility, which could be the root user.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.securityfocus.com/advisories/7263
-
-
-Solution: 
-    All gettext users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=sys-devel/gettext-0.14.1-r1"
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-10] gettext: Insecure temporary file handling");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'gettext: Insecure temporary file handling');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "sys-devel/gettext", unaffected: make_list("ge 0.14.1-r1", "rge 0.12.1-r2"), vulnerable: make_list("lt 0.14.1-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-11.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-11.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-11.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,72 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-11.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15472);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-11");
- script_cve_id("CVE-2004-0803");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-11
-(tiff: Buffer overflows in image decoding)
-
-
-    Chris Evans found heap-based overflows in RLE decoding routines in
-    tif_next.c, tif_thunder.c and potentially tif_luv.c.
-  
-Impact
-
-    A remote attacker could entice a user to view a carefully crafted TIFF
-    image file, which would potentially lead to execution of arbitrary code
-    with the rights of the user viewing the image. This affects any program
-    that makes use of the tiff library, including GNOME and KDE web browsers or
-    mail readers.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0803
-
-
-Solution: 
-    All tiff library users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=media-libs/tiff-3.6.1-r2"
-    # emerge ">=media-libs/tiff-3.6.1-r2"
-    xv makes use of the tiff library and needs to be recompiled to receive the
-    new patched version of the library. All xv users should also upgrade to the
-    latest version:
-    # emerge sync
-    # emerge -pv ">=media-gfx/xv-3.10a-r8"
-    # emerge ">=media-gfx/xv-3.10a-r8"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-11] tiff: Buffer overflows in image decoding");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'tiff: Buffer overflows in image decoding');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "media-gfx/xv", unaffected: make_list("ge 3.10a-r8"), vulnerable: make_list("le 3.10a-r7")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "media-libs/tiff", unaffected: make_list("ge 3.6.1-r2"), vulnerable: make_list("lt 3.6.1-r2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-12.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-12.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-12.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15473);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-12");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-12
-(WordPress: HTTP response splitting and XSS vulnerabilities)
-
-
-    Due to the lack of input validation in the administration panel
-    scripts, WordPress is vulnerable to HTTP response splitting and
-    cross-site scripting attacks.
-  
-Impact
-
-    A malicious user could inject arbitrary response data, leading to
-    content spoofing, web cache poisoning and other cross-site scripting or
-    HTTP response splitting attacks. This could result in compromising the
-    victim\'s data or browser.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://wordpress.org/development/2004/12/one-point-two-two/
-
-
-Solution: 
-    All WordPress users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=www-apps/wordpress-1.2.2"
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-12] WordPress: HTTP response splitting and XSS vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'WordPress: HTTP response splitting and XSS vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "www-apps/wordpress", unaffected: make_list("ge 1.2.2"), vulnerable: make_list("lt 1.2.2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-13.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-13.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,60 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-13.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15476);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-13");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-13
-(BNC: Input validation flaw)
-
-
-    A flaw exists in the input parsing of BNC where part of the sbuf_getmsg()
-    function handles the backspace character incorrectly.
-  
-Impact
-
-    A remote user could issue commands using fake authentication credentials
-    and possibly gain access to scripts running on the client side.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.gotbnc.com/changes.html#2.8.9
-
-
-Solution: 
-    All BNC users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-irc/bnc-2.8.9"
-    # emerge ">=net-irc/bnc-2.8.9"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-13] BNC: Input validation flaw");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'BNC: Input validation flaw');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-irc/bnc", unaffected: make_list("ge 2.8.9"), vulnerable: make_list("lt 2.8.9")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-14.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-14.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-14.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15511);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-14");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-14
-(phpMyAdmin: Vulnerability in MIME-based transformation system)
-
-
-    A defect was found in phpMyAdmin\'s MIME-based transformation system, when
-    used with "external" transformations.
-  
-Impact
-
-    A remote attacker could exploit this vulnerability to execute arbitrary
-    commands on the server with the rights of the HTTP server user.
-  
-Workaround
-
-    Enabling PHP safe mode ("safe_mode = On" in php.ini) may serve as a
-    temporary workaround.
-  
-References:
-    http://sourceforge.net/forum/forum.php?forum_id=414281
-    http://secunia.com/advisories/12813/
-
-
-Solution: 
-    All phpMyAdmin users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=dev-db/phpmyadmin-2.6.0_p2"
-    # emerge ">=dev-db/phpmyadmin-2.6.0_p2"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-14] phpMyAdmin: Vulnerability in MIME-based transformation system");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'phpMyAdmin: Vulnerability in MIME-based transformation system');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-db/phpmyadmin", unaffected: make_list("ge 2.6.0_p2"), vulnerable: make_list("lt 2.6.0_p2")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-15.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-15.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,67 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-15.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15512);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-15");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-15
-(Squid: Remote DoS vulnerability)
-
-
-    A parsing error exists in the SNMP module of Squid where a
-    specially-crafted UDP packet can potentially cause the server to restart,
-    closing all current connections. This vulnerability only exists in versions
-    of Squid compiled with the \'snmp\' USE flag.
-  
-Impact
-
-    An attacker can repeatedly send these malicious UDP packets to the Squid
-    server, leading to a denial of service.
-  
-Workaround
-
-    Disable SNMP support or filter the port that has SNMP processing (default
-    is 3401) to allow only SNMP data from trusted hosts.
-    To disable SNMP support put the entry snmp_port 0 in the squid.conf
-    configuration file.
-    To allow only the local interface to process SNMP, add the entry
-    "snmp_incoming_address 127.0.0.1" in the squid.conf configuration file.
-  
-References:
-    http://www.idefense.com/application/poi/display?id=152&type=vulnerabilities&flashstatus=true
-
-
-Solution: 
-    All Squid users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=www-proxy/squid-2.5.7"
-    # emerge ">=www-proxy/squid-2.5.7"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-15] Squid: Remote DoS vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Squid: Remote DoS vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "www-proxy/squid", unaffected: make_list("ge 2.5.7"), vulnerable: make_list("lt 2.5.7")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-16.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-16.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-16.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-16.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15513);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-16");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-16
-(PostgreSQL: Insecure temporary file use in make_oidjoins_check)
-
-
-    The make_oidjoins_check script insecurely creates temporary files in
-    world-writeable directories with predictable names.
-  
-Impact
-
-    A local attacker could create symbolic links in the temporary files
-    directory, pointing to a valid file somewhere on the filesystem. When
-    make_oidjoins_check is called, this would result in file overwrite with the
-    rights of the user running the utility, which could be the root user.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.trustix.org/errata/2004/0050/
-
-
-Solution: 
-    All PostgreSQL users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=dev-db/postgresql-7.4.5-r2"
-    # emerge ">=dev-db/postgresql-7.4.5-r2"
-    Upgrade notes: PostgreSQL 7.3.x users should upgrade to the latest
-    available 7.3.x version to retain database compatibility.
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-16] PostgreSQL: Insecure temporary file use in make_oidjoins_check");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'PostgreSQL: Insecure temporary file use in make_oidjoins_check');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-db/postgresql", unaffected: make_list("ge 7.4.5-r2", "rge 7.3.7-r2"), vulnerable: make_list("le 7.4.5-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-17.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-17.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-17.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,77 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-17.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15526);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-17");
- script_cve_id("CVE-2004-0752");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-17
-(OpenOffice.org: Temporary files disclosure)
-
-
-    On start-up, OpenOffice.org 1.1.2 creates a temporary directory with
-    insecure permissions. When a document is saved, a compressed copy of it can
-    be found in that directory.
-  
-Impact
-
-    A malicious local user could obtain the temporary files and thus read
-    documents belonging to other users.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0752
-    http://www.openoffice.org/issues/show_bug.cgi?id=33357
-
-
-Solution: 
-    All affected OpenOffice.org users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=app-office/openoffice-1.1.3"
-    # emerge ">=app-office/openoffice-1.1.3"
-    All affected OpenOffice.org binary users should upgrade to the latest
-    version:
-    # emerge sync
-    # emerge -pv ">=app-office/openoffice-bin-1.1.3"
-    # emerge ">=app-office/openoffice-bin-1.1.3"
-    All affected OpenOffice.org Ximian users should upgrade to the latest
-    version:
-    # emerge sync
-    # emerge -pv ">=app-office/openoffice-ximian-1.3.4"
-    # emerge ">=app-office/openoffice-1.3.4"
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-17] OpenOffice.org: Temporary files disclosure");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'OpenOffice.org: Temporary files disclosure');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-office/openoffice", unaffected: make_list("lt 1.1.2", "ge 1.1.3"), vulnerable: make_list("eq 1.1.2")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "app-office/openoffice-ximian", unaffected: make_list("lt 1.1.60", "ge 1.3.4"), vulnerable: make_list("eq 1.1.60", "eq 1.1.61")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "app-office/openoffice-bin", unaffected: make_list("lt 1.1.2", "ge 1.1.3"), vulnerable: make_list("eq 1.1.2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-18.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-18.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-18.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,70 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-18.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15527);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-18");
- script_cve_id("CVE-2004-0967");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-18
-(Ghostscript: Insecure temporary file use in multiple scripts)
-
-
-    The pj-gs.sh, ps2epsi, pv.sh and sysvlp.sh scripts create temporary files
-    in world-writeable directories with predictable names.
-  
-Impact
-
-    A local attacker could create symbolic links in the temporary files
-    directory, pointing to a valid file somewhere on the filesystem. When an
-    affected script is called, this would result in the file to be overwritten
-    with the rights of the user running the script, which could be the root
-    user.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0967
-
-
-Solution: 
-    Ghostscript users on all architectures except PPC should upgrade to the
-    latest version:
-    # emerge sync
-    # emerge -pv ">=app-text/ghostscript-7.07.1-r7"
-    # emerge ">=app-text/ghostscript-7.07.1-r7"
-    Ghostscript users on the PPC architecture should upgrade to the latest
-    stable version on their architecture:
-    # emerge sync
-    # emerge -pv ">=app-text/ghostscript-7.05.6-r2"
-    # emerge ">=app-text/ghostscript-7.05.6-r2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-18] Ghostscript: Insecure temporary file use in multiple scripts");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Ghostscript: Insecure temporary file use in multiple scripts');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-text/ghostscript", unaffected: make_list("ge 7.07.1-r7", "rge 7.05.6-r2"), vulnerable: make_list("lt 7.07.1-r7")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-19.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-19.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-19.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-19.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15538);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-19");
- script_cve_id("CVE-2004-0968");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-19
-(glibc: Insecure tempfile handling in catchsegv script)
-
-
-    The catchsegv script creates temporary files in world-writeable directories
-    with predictable names.
-  
-Impact
-
-    A local attacker could create symbolic links in the temporary files
-    directory, pointing to a valid file somewhere on the filesystem. When
-    catchsegv script is called, this would result in the file being overwritten
-    with the rights of the user running the utility, which could be the root
-    user.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0968
-
-
-Solution: 
-    All glibc users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv sys-libs/glibc
-    # emerge sys-libs/glibc
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-19] glibc: Insecure tempfile handling in catchsegv script");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'glibc: Insecure tempfile handling in catchsegv script');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "sys-libs/glibc", unaffected: make_list("rge 2.2.5-r9", "rge 2.3.2-r12", "rge 2.3.3.20040420-r2", "rge 2.3.4.20040619-r2", "ge 2.3.4.20040808-r1"), vulnerable: make_list("le 2.3.4.20040808")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-20.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-20.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-20.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,69 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15539);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-20");
- script_cve_id("CVE-2004-0888", "CVE-2004-0889");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-20
-(Xpdf, CUPS: Multiple integer overflows)
-
-
-    Chris Evans discovered multiple integer overflow issues in Xpdf.
-  
-Impact
-
-    An attacker could entice an user to open a specially-crafted PDF file,
-    potentially resulting in execution of arbitrary code with the rights of the
-    user running Xpdf. By enticing an user to directly print the PDF file to a
-    CUPS printer, an attacker could also crash the CUPS spooler or execute
-    arbitrary code with the rights of the CUPS spooler, which is usually the
-    "lp" user.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0888
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0889
-
-
-Solution: 
-    All Xpdf users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=app-text/xpdf-3.00-r5"
-    All CUPS users should also upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=net-print/cups-1.1.20-r5"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-20] Xpdf, CUPS: Multiple integer overflows");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Xpdf, CUPS: Multiple integer overflows');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-text/xpdf", unaffected: make_list("ge 3.00-r5"), vulnerable: make_list("le 3.00-r4")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "net-print/cups", unaffected: make_list("ge 1.1.20-r5"), vulnerable: make_list("le 1.1.20-r4")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-21.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-21.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-21.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,70 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-21.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15545);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-21");
- script_cve_id("CVE-2004-0885");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-21
-(Apache 2, mod_ssl: Bypass of SSLCipherSuite directive)
-
-
-    A flaw has been found in mod_ssl where the "SSLCipherSuite" directive could
-    be bypassed in certain configurations if it is used in a directory or
-    location context to restrict the set of allowed cipher suites.
-  
-Impact
-
-    A remote attacker could gain access to a location using any cipher suite
-    allowed by the server/virtual host configuration, disregarding the
-    restrictions by "SSLCipherSuite" for that location.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0885
-    http://issues.apache.org/bugzilla/show_bug.cgi?id=31505
-
-
-Solution: 
-    All Apache 2 users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-www/apache-2.0.52"
-    # emerge ">=net-www/apache-2.0.52"
-    All mod_ssl users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-www/mod_ssl-2.8.20"
-    # emerge ">=net-www/mod_ssl-2.8.20"
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-21] Apache 2, mod_ssl: Bypass of SSLCipherSuite directive");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Apache 2, mod_ssl: Bypass of SSLCipherSuite directive');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/mod_ssl", unaffected: make_list("ge 2.8.20"), vulnerable: make_list("lt 2.8.20")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "net-www/apache", unaffected: make_list("ge 2.0.52", "lt 2.0"), vulnerable: make_list("lt 2.0.52")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-22.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-22.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-22.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,78 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15558);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-22");
- script_cve_id("CVE-2004-0835", "CVE-2004-0836", "CVE-2004-0837");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-22
-(MySQL: Multiple vulnerabilities)
-
-
-    The following vulnerabilities were found and fixed in MySQL:
-    Oleksandr Byelkin found that ALTER TABLE ... RENAME checks CREATE/INSERT
-    rights of the old table instead of the new one (CVE-2004-0835). Another
-    privilege checking bug allowed users to grant rights on a database they had
-    no rights on.
-    Dean Ellis found a defect where multiple threads ALTERing the MERGE tables
-    to change the UNION could cause the server to crash (CVE-2004-0837).
-    Another crash was found in MATCH ... AGAINST() queries with missing closing
-    double quote.
-    Finally, a buffer overrun in the mysql_real_connect function was found by
-    Lukasz Wojtow (CVE-2004-0836).
-  
-Impact
-
-    The privilege checking issues could be used by remote users to bypass their
-    rights on databases. The two crashes issues could be exploited by a remote
-    user to perform a Denial of Service attack on MySQL server. The buffer
-    overrun issue could also be exploited as a Denial of Service attack, and
-    may allow to execute arbitrary code with the rights of the MySQL daemon
-    (typically, the "mysql" user).
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837
-    http://bugs.mysql.com/bug.php?id=3933
-    http://bugs.mysql.com/bug.php?id=3870
-
-
-Solution: 
-    All MySQL users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=dev-db/mysql-4.0.21"
-    # emerge ">=dev-db/mysql-4.0.21"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-22] MySQL: Multiple vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'MySQL: Multiple vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-db/mysql", unaffected: make_list("ge 4.0.21"), vulnerable: make_list("lt 4.0.21")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-23.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-23.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-23.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,67 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15559);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-23");
- script_cve_id("CVE-2004-0891");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-23
-(Gaim: Multiple vulnerabilities)
-
-
-    A possible buffer overflow exists in the code processing MSN SLP messages
-    (CVE-2004-0891). memcpy() was used without validating the size of the
-    buffer, and an incorrect buffer was used as destination under certain
-    circumstances. Additionally, memory allocation problems were found in the
-    processing of MSN SLP messages and the receiving of files. These issues
-    could lead Gaim to try to allocate more memory than available, resulting in
-    the crash of the application.
-  
-Impact
-
-    A remote attacker could crash Gaim and possibly execute arbitrary code by
-    exploiting the buffer overflow.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0891
-    http://gaim.sourceforge.net/security/
-
-
-Solution: 
-    All Gaim users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-im/gaim-1.0.2"
-    # emerge ">=net-im/gaim-1.0.2"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-23] Gaim: Multiple vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Gaim: Multiple vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-im/gaim", unaffected: make_list("ge 1.0.2"), vulnerable: make_list("lt 1.0.2")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-24.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-24.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-24.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15560);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-24");
- script_cve_id("CVE-2004-0971");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-24
-(MIT krb5: Insecure temporary file use in send-pr.sh)
-
-
-    The send-pr.sh script creates temporary files in world-writeable
-    directories with predictable names.
-  
-Impact
-
-    A local attacker could create symbolic links in the temporary files
-    directory, pointing to a valid file somewhere on the filesystem. When
-    send-pr.sh is called, this would result in the file being overwritten
-    with the rights of the user running the utility, which could be the
-    root user.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0971
-
-
-Solution: 
-    All MIT krb5 users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=app-crypt/mit-krb5-1.3.4-r1"
-    # emerge ">=app-crypt/mit-krb5-1.3.4-r1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-24] MIT krb5: Insecure temporary file use in send-pr.sh");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'MIT krb5: Insecure temporary file use in send-pr.sh');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-crypt/mit-krb5", unaffected: make_list("ge 1.3.5-r1", "rge 1.3.4-r1"), vulnerable: make_list("le 1.3.5")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-25.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-25.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-25.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-25.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15567);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-25");
- script_cve_id("CVE-2004-0974");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-25
-(Netatalk: Insecure tempfile handling in etc2ps.sh)
-
-
-    The etc2ps.sh script creates temporary files in world-writeable directories
-    with predictable names.
-  
-Impact
-
-    A local attacker could create symbolic links in the temporary files
-    directory, pointing to a valid file somewhere on the filesystem. When
-    etc2ps.sh is executed, this would result in the file being overwritten with
-    the rights of the user running the utility, which could be the root user.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0974
-
-
-Solution: 
-    All Netatalk users should upgrade to the latest version:
-    # emerge sync
-    # emerge -pv ">=net-fs/netatalk-1.6.4-r1"
-    # emerge ">=net-fs/netatalk-1.6.4-r1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-25] Netatalk: Insecure tempfile handling in etc2ps.sh");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Netatalk: Insecure tempfile handling in etc2ps.sh');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-fs/netatalk", unaffected: make_list("ge 1.6.4-r1"), vulnerable: make_list("lt 1.6.4-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-26.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-26.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-26.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,65 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-26.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15568);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-26");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-26
-(socat: Format string vulnerability)
-
-
-    socat contains a syslog() based format string vulnerablility in the
-    \'_msg()\' function of \'error.c\'. Exploitation of this bug is only possible
-    when socat is run with the \'-ly\' option, causing it to log messages to
-    syslog.
-  
-Impact
-
-    Remote exploitation is possible when socat is used as a HTTP proxy client
-    and connects to a malicious server. Local privilege escalation can be
-    achieved when socat listens on a UNIX domain socket. Potential execution of
-    arbitrary code with the privileges of the socat process is possible with
-    both local and remote exploitations.
-  
-Workaround
-
-    Disable logging to syslog by not using the \'-ly\' option when starting
-    socat.
-  
-References:
-    http://www.dest-unreach.org/socat/advisory/socat-adv-1.html
-
-
-Solution: 
-    All socat users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=net-misc/socat-1.4.0.3"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-26] socat: Format string vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'socat: Format string vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-misc/socat", unaffected: make_list("ge 1.4.0.3"), vulnerable: make_list("lt 1.4.0.3")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-27.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-27.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-27.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-27.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15579);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-27");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-27
-(mpg123: Buffer overflow vulnerabilities)
-
-
-    Buffer overflow vulnerabilities in the getauthfromURL() and http_open()
-    functions have been reported by Carlos Barros. Additionally, the Gentoo
-    Linux Sound Team fixed additional boundary checks which were found to be
-    lacking.
-  
-Impact
-
-    By enticing a user to open a malicious playlist or URL or making use of a
-    specially-crafted symlink, an attacker could possibly execute arbitrary
-    code with the rights of the user running mpg123.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.barrossecurity.com/advisories/mpg123_getauthfromurl_bof_advisory.txt
-
-
-Solution: 
-    All mpg123 users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=media-sound/mpg123-0.59s-r5"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-27] mpg123: Buffer overflow vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'mpg123: Buffer overflow vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "media-sound/mpg123", unaffected: make_list("ge 0.59s-r5"), vulnerable: make_list("lt 0.59s-r5")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-28.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-28.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-28.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,60 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-28.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15580);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-28");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-28
-(rssh: Format string vulnerability)
-
-
-    Florian Schilhabel from the Gentoo Linux Security Audit Team found a format
-    string vulnerability in rssh syslogging of failed commands.
-  
-Impact
-
-    Using a malicious command, it may be possible for a remote authenticated
-    user to execute arbitrary code on the target machine with user rights,
-    effectively bypassing any restriction of rssh.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.pizzashack.org/rssh/security.shtml
-
-
-Solution: 
-    All rssh users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=app-shells/rssh-2.2.2"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-28] rssh: Format string vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'rssh: Format string vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-shells/rssh", unaffected: make_list("ge 2.2.2"), vulnerable: make_list("lt 2.2.2")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-29.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-29.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-29.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,65 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-29.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15581);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-29");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-29
-(PuTTY: Pre-authentication buffer overflow)
-
-
-    PuTTY fails to do proper bounds checking on SSH2_MSG_DEBUG packets. The
-    "stringlen" parameter value is incorrectly checked due to signedness
-    issues. Note that this vulnerability is similar to the one described in
-    GLSA 200408-04 but not the same.
-  
-Impact
-
-    When PuTTY connects to a server using the SSH2 protocol, an attacker may be
-    able to send specially crafted packets to the client, resulting in the
-    execution of arbitrary code with the permissions of the user running PuTTY.
-    Note that this is possible during the authentication process but before
-    host key verification.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.idefense.com/application/poi/display?id=155
-    http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
-
-
-Solution: 
-    All PuTTY users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=net-misc/putty-0.56"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-29] PuTTY: Pre-authentication buffer overflow");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'PuTTY: Pre-authentication buffer overflow');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-misc/putty", unaffected: make_list("ge 0.56"), vulnerable: make_list("le 0.55")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-30.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-30.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-30.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,73 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15582);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-30");
- script_cve_id("CVE-2004-0888", "CVE-2004-0889");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-30
-(GPdf, KPDF, KOffice: Vulnerabilities in included xpdf)
-
-
-    GPdf, KPDF and KOffice all include xpdf code to handle PDF files. xpdf is
-    vulnerable to multiple integer overflows, as described in GLSA 200410-20.
-  
-Impact
-
-    An attacker could entice a user to open a specially-crafted PDF file,
-    potentially resulting in execution of arbitrary code with the rights of the
-    user running the affected utility.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0888
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0889
-
-
-Solution: 
-    All GPdf users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=app-text/gpdf-0.132-r2"
-    All KDE users should upgrade to the latest version of kdegraphics:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=kde-base/kdegraphics-3.3.0-r2"
-    All KOffice users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=app-office/koffice-1.3.3-r2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-30] GPdf, KPDF, KOffice: Vulnerabilities in included xpdf");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'GPdf, KPDF, KOffice: Vulnerabilities in included xpdf');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-office/koffice", unaffected: make_list("ge 1.3.4-r1", "rge 1.3.3-r2"), vulnerable: make_list("lt 1.3.4-r1")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "app-text/gpdf", unaffected: make_list("ge 2.8.0-r2", "rge 0.132-r2"), vulnerable: make_list("lt 2.8.0-r2")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "kde-base/kdegraphics", unaffected: make_list("ge 3.3.1-r2", "rge 3.3.0-r2", "rge 3.2.3-r2"), vulnerable: make_list("lt 3.3.1-r2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200410-31.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200410-31.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200410-31.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200410-31.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15587);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200410-31");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200410-31
-(Archive::Zip: Virus detection evasion)
-
-
-    Archive::Zip can be used by email scanning software (like amavisd-new) to
-    uncompress attachments before virus scanning. By modifying the uncompressed
-    size of archived files in the global header of the ZIP file, it is possible
-    to fool Archive::Zip into thinking some files inside the archive have zero
-    length.
-  
-Impact
-
-    An attacker could send a carefully crafted ZIP archive containing a virus
-    file and evade detection on some email virus-scanning software relying on
-    Archive::Zip for decompression.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.idefense.com/application/poi/display?id=153
-    http://rt.cpan.org/NoAuth/Bug.html?id=8077
-
-
-Solution: 
-    All Archive::Zip users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=dev-perl/Archive-Zip-1.14"
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200410-31] Archive::Zip: Virus detection evasion");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Archive::Zip: Virus detection evasion');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-perl/Archive-Zip", unaffected: make_list("ge 1.14"), vulnerable: make_list("lt 1.14")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-01.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-01.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-01.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,61 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-01.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2004 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15589);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-01");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-01
-(ppp: Remote denial of service vulnerability)
-
-
-    The pppd server improperly verifies header fields, making it vulnerable to
-    denial of service attacks.
-  
-Impact
-
-    An attacker can cause the pppd server to access memory that it isn\'t
-    allowed to, causing the server to crash. No code execution is possible with
-    this vulnerability, because no data is getting copied.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.securityfocus.com/archive/1/379450
-
-
-Solution: 
-    All ppp users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=net-dialup/ppp-2.4.2-r7"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2004 Michel Arboi");
- script_name(english: "[GLSA-200411-01] ppp: Remote denial of service vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'ppp: Remote denial of service vulnerability');
- exit(0);
-}
-
-exit(0); # Gentoo now claims it's not an issue
-include('qpkg.inc');
-if (qpkg_check(package: "net-dialup/ppp", unaffected: make_list("ge 2.4.2-r7"), vulnerable: make_list("lt 2.4.2-r7")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-02.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-02.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-02.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,57 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-02.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15590);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-02");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-02
-(Cherokee: Format string vulnerability)
-
-
-    Florian Schilhabel from the Gentoo Linux Security Audit Team found a format
-    string vulnerability in the cherokee_logger_ncsa_write_string() function.
-  
-Impact
-
-    Using a specially crafted URL when authenticating via auth_pam, a malicious
-    user may be able to crash the server or execute arbitrary code on the
-    target machine with permissions of the user running Cherokee.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-
-Solution: 
-    All Cherokee users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=www-servers/cherokee-0.4.17.1"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-02] Cherokee: Format string vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Cherokee: Format string vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "www-servers/cherokee", unaffected: make_list("ge 0.4.17.1"), vulnerable: make_list("le 0.4.17")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-03.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-03.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-03.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-03.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15606);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-03");
- script_cve_id("CVE-2004-0940");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-03
-(Apache 1.3: Buffer overflow vulnerability in mod_include)
-
-
-    A possible buffer overflow exists in the get_tag() function of
-    mod_include.c.
-  
-Impact
-
-    If Server Side Includes (SSI) are enabled, a local attacker may be able to
-    run arbitrary code with the rights of an httpd child process by making use
-    of a specially-crafted document with malformed SSI.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0940
-    http://www.apacheweek.com/features/security-13
-
-
-Solution: 
-    All Apache users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=net-www/apache-1.3.32-r1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-03] Apache 1.3: Buffer overflow vulnerability in mod_include");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Apache 1.3: Buffer overflow vulnerability in mod_include');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/apache", unaffected: make_list("ge 1.3.32-r1"), vulnerable: make_list("lt 1.3.32-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-04.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-04.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-04.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-04.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15607);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-04");
- script_cve_id("CVE-2004-0834");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-04
-(Speedtouch USB driver: Privilege escalation vulnerability)
-
-
-    The Speedtouch USB driver contains multiple format string vulnerabilities
-    in modem_run, pppoa2 and pppoa3. This flaw is due to an improperly made
-    syslog() system call.
-  
-Impact
-
-    A malicious local user could exploit this vulnerability by causing a buffer
-    overflow, and potentially allowing the execution of arbitrary code with
-    escalated privileges.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0834
-    http://speedtouch.sourceforge.net/index.php?/news.en.html
-
-
-Solution: 
-    All Speedtouch USB driver users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=net-dialup/speedtouch-1.3.1"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-04] Speedtouch USB driver: Privilege escalation vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Speedtouch USB driver: Privilege escalation vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-dialup/speedtouch", unaffected: make_list("ge 1.3.1"), vulnerable: make_list("lt 1.3.1")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-05.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-05.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-05.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-05.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15610);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-05");
- script_cve_id("CVE-2004-0989");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-05
-(libxml2: Remotely exploitable buffer overflow)
-
-
-    Multiple buffer overflows have been detected in the nanoftp and nanohttp
-    modules. These modules are responsible for parsing URLs with ftp
-    information, and resolving names via DNS.
-  
-Impact
-
-    An attacker could exploit an application that uses libxml2 by forcing it to
-    parse a specially-crafted XML file, potentially causing remote execution of
-    arbitrary code.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.securityfocus.com/archive/1/379383
-    http://www.xmlsoft.org/ChangeLog.html
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0989
-
-
-Solution: 
-    All libxml2 users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=dev-libs/libxml2-2.6.15"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-05] libxml2: Remotely exploitable buffer overflow");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'libxml2: Remotely exploitable buffer overflow');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-libs/libxml2", unaffected: make_list("ge 2.6.15"), vulnerable: make_list("lt 2.6.15")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-06.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-06.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-06.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,60 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-06.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15608);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-06");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-06
-(MIME-tools: Virus detection evasion)
-
-
-    MIME-tools doesn\'t correctly parse attachment boundaries with an empty name
-    (boundary="").
-  
-Impact
-
-    An attacker could send a carefully crafted email and evade detection on
-    some email virus-scanning programs using MIME-tools for attachment
-    decoding.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://lists.roaringpenguin.com/pipermail/mimedefang/2004-October/024959.html
-
-
-Solution: 
-    All MIME-tools users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=dev-perl/MIME-tools-5.415"
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-06] MIME-tools: Virus detection evasion");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'MIME-tools: Virus detection evasion');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-perl/MIME-tools", unaffected: make_list("ge 5.415"), vulnerable: make_list("lt 5.415")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-07.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-07.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-07.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,66 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-07.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15612);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-07");
- script_cve_id("CVE-2004-0992");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-07
-(Proxytunnel: Format string vulnerability)
-
-
-    Florian Schilhabel of the Gentoo Linux Security Audit project found a
-    format string vulnerability in Proxytunnel. When the program is started in
-    daemon mode (-a [port]), it improperly logs invalid proxy answers to
-    syslog.
-  
-Impact
-
-    A malicious remote server could send specially-crafted invalid answers to
-    exploit the format string vulnerability, potentially allowing the execution
-    of arbitrary code on the tunnelling host with the rights of the Proxytunnel
-    process.
-  
-Workaround
-
-    You can mitigate the issue by only allowing connections to trusted remote
-    servers.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0992
-    http://proxytunnel.sourceforge.net/news.html
-
-
-Solution: 
-    All Proxytunnel users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=net-misc/proxytunnel-1.2.3"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-07] Proxytunnel: Format string vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Proxytunnel: Format string vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-misc/proxytunnel", unaffected: make_list("ge 1.2.3"), vulnerable: make_list("lt 1.2.3")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-08.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-08.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-08.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-08.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15619);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-08");
- script_cve_id("CVE-2004-0990");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-08
-(GD: Integer overflow)
-
-
-    infamous41md found an integer overflow in the memory allocation procedure
-    of the GD routine that handles loading PNG image files.
-  
-Impact
-
-    A remote attacker could entice a user to load a carefully crafted PNG image
-    file in a GD-powered application, or send a PNG image to a web application
-    which uses GD PNG decoding functions. This could potentially lead to
-    execution of arbitrary code with the rights of the program loading the
-    image.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.securityfocus.com/archive/1/379382
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0990
-
-
-Solution: 
-    All GD users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=media-libs/gd-2.0.32"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-08] GD: Integer overflow");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'GD: Integer overflow');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "media-libs/gd", unaffected: make_list("ge 2.0.32"), vulnerable: make_list("lt 2.0.32")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-09.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-09.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-09.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-09.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15634);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-09");
- script_cve_id("CVE-2004-1001");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-09
-(shadow: Unauthorized modification of account information)
-
-
-    Martin Schulze reported a flaw in the passwd_check() function in
-    "libmisc/pwdcheck.c" which is used by chfn and chsh.
-  
-Impact
-
-    A logged-in local user with an expired password may be able to use chfn and
-    chsh to change his standard shell or GECOS information (full name, phone
-    number...) without being required to change his password.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://ftp.pld.org.pl/software/shadow/NEWS
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1001
-
-
-Solution: 
-    All shadow users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=sys-apps/shadow-4.0.5-r1"
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-09] shadow: Unauthorized modification of account information");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'shadow: Unauthorized modification of account information');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "sys-apps/shadow", unaffected: make_list("ge 4.0.5-r1"), vulnerable: make_list("lt 4.0.5-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-10.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-10.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-10.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,59 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-10.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15644);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-10");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-10
-(Gallery: Cross-site scripting vulnerability)
-
-
-    Jim Paris has discovered a cross-site scripting vulnerability in Gallery.
-  
-Impact
-
-    By sending a carefully crafted URL, an attacker can inject and execute
-    script code in the victim\'s browser window, and potentially compromise the
-    users gallery.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://gallery.menalto.com/modules.php?op=modload&name=News&file=article&sid=142&mode=thread&order=0&thold=0
-
-
-Solution: 
-    All Gallery users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=www-apps/gallery-1.4.4_p4"
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-10] Gallery: Cross-site scripting vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Gallery: Cross-site scripting vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "www-apps/gallery", unaffected: make_list("ge 1.4.4_p4"), vulnerable: make_list("lt 1.4.4_p4")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-11.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-11.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-11.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-11.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15645);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-11");
- script_cve_id("CVE-2004-0981");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-11
-(ImageMagick: EXIF buffer overflow)
-
-
-    ImageMagick fails to do proper bounds checking when handling image files
-    with EXIF information.
-  
-Impact
-
-    An attacker could use an image file with specially-crafted EXIF information
-    to cause arbitrary code execution with the permissions of the user running
-    ImageMagick.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0981
-    http://www.imagemagick.org/www/Changelog.html
-    http://secunia.com/advisories/12995/
-
-
-Solution: 
-    All ImageMagick users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=media-gfx/imagemagick-6.1.3.2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-11] ImageMagick: EXIF buffer overflow");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'ImageMagick: EXIF buffer overflow');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "media-gfx/imagemagick", unaffected: make_list("ge 6.1.3.2"), vulnerable: make_list("lt 6.1.3.2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-12.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-12.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,60 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-12.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15646);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-12");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-12
-(zgv: Multiple buffer overflows)
-
-
-    Multiple arithmetic overflows have been detected in the image processing
-    code of zgv.
-  
-Impact
-
-    An attacker could entice a user to open a specially-crafted image file,
-    potentially resulting in execution of arbitrary code with the rights of the
-    user running zgv.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.securityfocus.com/archive/1/379472
-
-
-Solution: 
-    All zgv users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=media-gfx/zgv-5.8"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-12] zgv: Multiple buffer overflows");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'zgv: Multiple buffer overflows');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "media-gfx/zgv", unaffected: make_list("ge 5.8"), vulnerable: make_list("lt 5.8")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-13.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-13.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-13.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15647);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-13");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-13
-(Portage, Gentoolkit: Temporary file vulnerabilities)
-
-
-    dispatch-conf and qpkg use predictable filenames for temporary files.
-  
-Impact
-
-    A local attacker could create symbolic links in the temporary files
-    directory, pointing to a valid file somewhere on the filesystem. When an
-    affected script is called, this would result in the file to be overwritten
-    with the rights of the user running the dispatch-conf or qpkg, which could
-    be the root user.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-
-Solution: 
-    All Portage users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=sys-apps/portage-2.0.51-r3"
-    All Gentoolkit users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=app-portage/gentoolkit-0.2.0_pre8-r1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-13] Portage, Gentoolkit: Temporary file vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Portage, Gentoolkit: Temporary file vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "sys-apps/portage", unaffected: make_list("ge 2.0.51-r3"), vulnerable: make_list("le 2.0.51-r2")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "app-portage/gentoolkit", unaffected: make_list("ge 0.2.0_pre10-r1", "rge 0.2.0_pre8-r1"), vulnerable: make_list("le 0.2.0_pre10")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-14.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-14.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-14.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15648);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-14");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-14
-(Kaffeine, gxine: Remotely exploitable buffer overflow)
-
-
-    KF of Secure Network Operations has discovered an overflow that occurs during the Content-Type header processing of Kaffeine. The vulnerable code in Kaffeine is reused from gxine, making gxine vulnerable as well.
-  
-Impact
-
-    An attacker could create a specially-crafted Content-type header from a malicious HTTP server, and crash a user\'s instance of Kaffeine or gxine, potentially allowing the execution of arbitrary code.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://securitytracker.com/alerts/2004/Oct/1011936.html
-    http://sourceforge.net/tracker/index.php?func=detail&aid=1060299&group_id=9655&atid=109655
-
-
-Solution: 
-    All Kaffeine users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=media-video/kaffeine-0.4.3b-r1"
-    All gxine users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=media-video/gxine-0.3.3-r1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-14] Kaffeine, gxine: Remotely exploitable buffer overflow");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Kaffeine, gxine: Remotely exploitable buffer overflow');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "media-video/kaffeine", unaffected: make_list("ge 0.5_rc1-r1", "rge 0.4.3b-r1"), vulnerable: make_list("lt 0.5_rc1-r1")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "media-video/gxine", unaffected: make_list("ge 0.3.3-r1"), vulnerable: make_list("lt 0.3.3-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-15.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-15.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,65 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-15.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15649);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-15");
- script_cve_id("CVE-2004-0969", "CVE-2004-0975");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-15
-(OpenSSL, Groff: Insecure tempfile handling)
-
-
-    groffer and the der_chop script create temporary files in world-writeable directories with predictable names.
-  
-Impact
-
-    A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere on the filesystem. When groffer or der_chop is executed, this would result in the file being overwritten with the rights of the user running the utility, which could be the root user.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0969
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0975
-
-
-Solution: 
-    All Groff users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=sys-apps/groff-1.19.1-r2"
-    All OpenSSL users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7d-r2"
-    Note: /etc/ssl/misc/der_chop is protected by Portage as a configuration file. Don\'t forget to use etc-update and overwrite the old version with the new one.
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-15] OpenSSL, Groff: Insecure tempfile handling");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'OpenSSL, Groff: Insecure tempfile handling');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "sys-apps/groff", unaffected: make_list("ge 1.19.1-r2"), vulnerable: make_list("lt 1.19.1-r2")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "dev-libs/openssl", unaffected: make_list("ge 0.9.7d-r2"), vulnerable: make_list("lt 0.9.7d-r2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-16.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-16.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-16.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,57 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-16.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15691);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-16");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-16
-(zip: Path name buffer overflow)
-
-
-    zip does not check the resulting path length when doing recursive folder compression.
-  
-Impact
-
-    An attacker could exploit this by enticing another user or web application to create an archive including a specially-crafted path name, potentially resulting in the execution of arbitrary code with the permissions of the user running zip.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.hexview.com/docs/20041103-1.txt
-
-
-Solution: 
-    All zip users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=app-arch/zip-2.3-r4"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-16] zip: Path name buffer overflow");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'zip: Path name buffer overflow');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-arch/zip", unaffected: make_list("ge 2.3-r4"), vulnerable: make_list("le 2.3-r3")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-17.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-17.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-17.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,54 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-17.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15692);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-17");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-17
-(mtink: Insecure tempfile handling)
-
-
-    Tavis Ormandy from Gentoo Linux discovered that mtink uses insecure permissions on temporary files.
-  
-Impact
-
-    A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere on the filesystem. When mtink is executed, this would result in the file being overwritten with the rights of the user running the utility, which could be the root user.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-
-Solution: 
-    All mtink users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=net-print/mtink-1.0.5"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-17] mtink: Insecure tempfile handling");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'mtink: Insecure tempfile handling');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-print/mtink", unaffected: make_list("ge 1.0.5"), vulnerable: make_list("lt 1.0.5")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-18.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-18.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-18.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,59 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-18.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15693);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-18");
- script_cve_id("CVE-2004-0942");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-18
-(Apache 2.0: Denial of Service by memory consumption)
-
-
-    Chintan Trivedi discovered a vulnerability in Apache httpd 2.0 that is caused by improper enforcing of the field length limit in the header-parsing code.
-  
-Impact
-
-    By sending a large amount of specially-crafted HTTP GET requests a remote attacker could cause a Denial of Service of the targeted system.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0942
-    http://www.apacheweek.com/features/security-20
-
-
-Solution: 
-    All Apache 2.0 users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=net-www/apache-2.0.52-r1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-18] Apache 2.0: Denial of Service by memory consumption");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Apache 2.0: Denial of Service by memory consumption');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-www/apache", unaffected: make_list("ge 2.0.52-r1", "lt 2.0"), vulnerable: make_list("lt 2.0.52-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-19.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-19.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-19.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,60 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-19.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15694);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-19");
- script_cve_id("CVE-2004-0456");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-19
-(Pavuk: Multiple buffer overflows)
-
-
-    Pavuk contains several buffer overflow vulnerabilities in the code handling digest authentication and HTTP header processing. This issue is similar to GLSA 200407-19, but contains more vulnerabilities.
-  
-Impact
-
-    A remote attacker could cause a buffer overflow, leading to arbitrary code execution with the rights of the user running Pavuk.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.gentoo.org/security/en/glsa/glsa-200407-19.xml
-    http://secunia.com/advisories/13120/
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0456
-
-
-Solution: 
-    All Pavuk users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=net-misc/pavuk-0.9.31"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-19] Pavuk: Multiple buffer overflows");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Pavuk: Multiple buffer overflows');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-misc/pavuk", unaffected: make_list("ge 0.9.31"), vulnerable: make_list("lt 0.9.31")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-20.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-20.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-20.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,59 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-20.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15695);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-20");
- script_cve_id("CVE-2004-0980");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-20
-(ez-ipupdate: Format string vulnerability)
-
-
-    Ulf Harnhammar from the Debian Security Audit Project discovered a format string vulnerability in ez-ipupdate.
-  
-Impact
-
-    An attacker could exploit this to execute arbitrary code with the permissions of the user running ez-ipupdate, which could be the root user.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0980
-    http://lists.netsys.com/pipermail/full-disclosure/2004-November/028590.html
-
-
-Solution: 
-    All ez-ipupdate users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=net-dns/ez-ipupdate-3.0.11_beta8-r1"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-20] ez-ipupdate: Format string vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'ez-ipupdate: Format string vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-dns/ez-ipupdate", unaffected: make_list("ge 3.0.11_beta8-r1"), vulnerable: make_list("le 3.0.11_beta8")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-21.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-21.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-21.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,66 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-21.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15696);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-21");
- script_cve_id("CVE-2004-0930", "CVE-2004-0882");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-21
-(Samba: Multiple vulnerabilities)
-
-
-    Samba fails to do proper bounds checking when handling
-    TRANSACT2_QFILEPATHINFO replies. Additionally an input validation flaw
-    exists in ms_fnmatch.c when matching filenames that contain wildcards.
-  
-Impact
-
-    An attacker may be able to execute arbitrary code with the permissions
-    of the user running Samba. A remote attacker may also be able to cause
-    an abnormal consumption of CPU resources, resulting in slower
-    performance of the server or even a Denial of Service.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.samba.org/samba/security/CAN-2004-0930.html
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0930
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0882
-    http://security.e-matters.de/advisories/132004.html
-
-
-Solution: 
-    All Samba users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=net-fs/samba-3.0.8"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-21] Samba: Multiple vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Samba: Multiple vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-fs/samba", unaffected: make_list("ge 3.0.8", "lt 3.0"), vulnerable: make_list("lt 3.0.8")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-22.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-22.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-22.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,71 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-22.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15723);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-22");
- script_cve_id("CVE-2004-0972");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-22
-(Davfs2, lvm-user: Insecure tempfile handling)
-
-
-    Florian Schilhabel from the Gentoo Linux Security Audit Team found
-    that Davfs2 insecurely created .pid files in /tmp. Furthermore, Trustix
-    Secure Linux found that the lvmcreate_initrd script, included in the
-    lvm-user Gentoo package, also creates temporary files in
-    world-writeable directories with predictable names.
-  
-Impact
-
-    A local attacker could create symbolic links in the temporary
-    files directory, pointing to a valid file somewhere on the filesystem.
-    When Davfs2 or lvmcreate_initrd is called, this would result in the
-    file being overwritten with the rights of the user running the
-    software, which could be the root user.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0972
-
-
-Solution: 
-    All Davfs2 users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=net-fs/davfs2-0.2.2-r1"
-    All lvm-user users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=sys-fs/lvm-user-1.0.7-r2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-22] Davfs2, lvm-user: Insecure tempfile handling");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Davfs2, lvm-user: Insecure tempfile handling');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "sys-fs/lvm-user", unaffected: make_list("ge 1.0.7-r2"), vulnerable: make_list("lt 1.0.7-r2")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "net-fs/davfs2", unaffected: make_list("ge 0.2.2-r1"), vulnerable: make_list("lt 0.2.2-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-23.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-23.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-23.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-23.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15724);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-23");
- script_cve_id("CVE-2004-0983");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-23
-(Ruby: Denial of Service issue)
-
-
-    Ruby\'s developers found and fixed an issue in the CGI module that
-    can be triggered remotely and cause an infinite loop.
-  
-Impact
-
-    A remote attacker could trigger the vulnerability through an
-    exposed Ruby web application and cause the server to use unnecessary
-    CPU resources, potentially resulting in a Denial of Service.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0983
-
-
-Solution: 
-    All Ruby 1.6.x users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=dev-lang/ruby-1.6.8-r12"
-    All Ruby 1.8.x users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=dev-lang/ruby-1.8.2_pre3"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-23] Ruby: Denial of Service issue");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Ruby: Denial of Service issue');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-lang/ruby", unaffected: make_list("rge 1.6.8-r12", "ge 1.8.2_pre3"), vulnerable: make_list("lt 1.8.2_pre3")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-24.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-24.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-24.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,61 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-24.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15725);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-24");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-24
-(BNC: Buffer overflow vulnerability)
-
-
-    Leon Juranic discovered that BNC fails to do proper bounds
-    checking when checking server response.
-  
-Impact
-
-    An attacker could exploit this to cause a Denial of Service and
-    potentially execute arbitary code with the permissions of the user
-    running BNC.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://gotbnc.com/changes.html
-    http://security.lss.hr/en/index.php?page=details&ID=LSS-2004-11-03
-
-
-Solution: 
-    All BNC users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=net-irc/bnc-2.9.1"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-24] BNC: Buffer overflow vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'BNC: Buffer overflow vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-irc/bnc", unaffected: make_list("ge 2.9.1"), vulnerable: make_list("lt 2.9.1")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-25.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-25.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-25.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-25.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15736);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-25");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-25
-(SquirrelMail: Encoded text XSS vulnerability)
-
-
-    SquirrelMail fails to properly sanitize certain strings when
-    decoding specially-crafted headers.
-  
-Impact
-
-    By enticing a user to read a specially-crafted e-mail, an attacker
-    can execute arbitrary scripts running in the context of the victim\'s
-    browser. This could lead to a compromise of the user\'s webmail account,
-    cookie theft, etc.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://article.gmane.org/gmane.mail.squirrelmail.user/21169
-
-
-Solution: 
-    All SquirrelMail users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=mail-client/squirrelmail-1.4.3a-r2"
-    Note: Users with the vhosts USE flag set should manually use
-    webapp-config to finalize the update.
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-25] SquirrelMail: Encoded text XSS vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'SquirrelMail: Encoded text XSS vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "mail-client/squirrelmail", unaffected: make_list("ge 1.4.3a-r2"), vulnerable: make_list("lt 1.4.3a-r2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-26.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-26.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-26.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,65 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-26.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15754);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-26");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-26
-(GIMPS, SETI at home, ChessBrain: Insecure installation)
-
-
-    GIMPS, SETI at home and ChessBrain ebuilds install user-owned binaries and
-    init scripts which are executed with root privileges.
-  
-Impact
-
-    This could lead to a local privilege escalation or root compromise.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-
-Solution: 
-    All GIMPS users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=app-sci/gimps-23.9-r1"
-    All SETI at home users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=app-sci/setiathome-3.03-r2"
-    All ChessBrain users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=app-sci/chessbrain-20407-r1"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-26] GIMPS, SETI at home, ChessBrain: Insecure installation");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'GIMPS, SETI at home, ChessBrain: Insecure installation');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-sci/gimps", unaffected: make_list("ge 23.9-r1"), vulnerable: make_list("le 23.9")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "app-sci/setiathome", unaffected: make_list("ge 3.08-r4", "rge 3.03-r2"), vulnerable: make_list("le 3.08-r3")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "app-sci/chessbrain", unaffected: make_list("ge 20407-r1"), vulnerable: make_list("le 20407")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-27.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-27.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-27.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,68 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-27.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15768);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-27");
- script_cve_id("CVE-2004-1030", "CVE-2004-1031", "CVE-2004-1032", "CVE-2004-1033");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-27
-(Fcron: Multiple vulnerabilities)
-
-
-    Due to design errors in the fcronsighup program, Fcron may allow a
-    local user to bypass access restrictions (CVE-2004-1031), view the
-    contents of root owned files (CVE-2004-1030), remove arbitrary files or
-    create empty files (CVE-2004-1032), and send a SIGHUP to any process. A
-    vulnerability also exists in fcrontab which may allow local users to
-    view the contents of fcron.allow and fcron.deny (CVE-2004-1033).
-  
-Impact
-
-    A local attacker could exploit these vulnerabilities to perform a
-    Denial of Service on the system running Fcron.
-  
-Workaround
-
-    Make sure the fcronsighup and fcrontab binaries are only
-    executable by trusted users.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1030
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1031
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1032
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1033
-
-
-Solution: 
-    All Fcron users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=sys-apps/fcron-2.0.2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-27] Fcron: Multiple vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Fcron: Multiple vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "sys-apps/fcron", unaffected: make_list("rge 2.0.2", "ge 2.9.5.1"), vulnerable: make_list("le 2.9.5")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-28.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-28.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-28.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,66 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-28.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15776);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-28");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-28
-(X.Org, XFree86: libXpm vulnerabilities)
-
-
-    Several issues were discovered in libXpm, including integer
-    overflows, out-of-bounds memory accesses, insecure path traversal and
-    an endless loop.
-  
-Impact
-
-    An attacker could craft a malicious pixmap file and entice a user
-    to use it with an application linked against libXpm. This could lead to
-    Denial of Service or arbitrary code execution.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0914
-
-
-Solution: 
-    All X.Org users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=x11-base/xorg-x11-6.7.0-r3"
-    All XFree86 users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=x11-base/xfree-x11-4.3.0-r8"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-28] X.Org, XFree86: libXpm vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'X.Org, XFree86: libXpm vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "x11-base/xorg-x11", unaffected: make_list("ge 6.8.0-r3", "rge 6.7.0-r3"), vulnerable: make_list("lt 6.8.0-r3")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "x11-base/xfree", unaffected: make_list("ge 4.3.0-r8"), vulnerable: make_list("lt 4.3.0-r8")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-29.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-29.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-29.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,65 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-29.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15777);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-29");
- script_cve_id("CVE-2004-0947", "CVE-2004-1027");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-29
-(unarj: Long filenames buffer overflow and a path traversal vulnerability)
-
-
-    unarj has a bounds checking vulnerability within the handling of
-    long filenames in archives. It also fails to properly sanitize paths
-    when extracting an archive (if the "x" option is used to preserve
-    paths).
-  
-Impact
-
-    An attacker could trigger a buffer overflow or a path traversal by
-    enticing a user to open an archive containing specially-crafted path
-    names, potentially resulting in the overwrite of files or execution of
-    arbitrary code with the permissions of the user running unarj.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0947
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1027
-
-
-Solution: 
-    All unarj users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=app-arch/unarj-2.63a-r2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-29] unarj: Long filenames buffer overflow and a path traversal vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'unarj: Long filenames buffer overflow and a path traversal vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-arch/unarj", unaffected: make_list("ge 2.63a-r2"), vulnerable: make_list("lt 2.63a-r2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-30.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-30.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-30.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-30.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15792);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-30");
- script_cve_id("CVE-2004-0888");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-30
-(pdftohtml: Vulnerabilities in included Xpdf)
-
-
-    Xpdf is vulnerable to multiple integer overflows, as described in
-    GLSA 200410-20.
-  
-Impact
-
-    An attacker could entice a user to convert a specially-crafted PDF
-    file, potentially resulting in execution of arbitrary code with the
-    rights of the user running pdftohtml.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0888
-
-
-Solution: 
-    All pdftohtml users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=app-text/pdftohtml-0.36-r1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-30] pdftohtml: Vulnerabilities in included Xpdf");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'pdftohtml: Vulnerabilities in included Xpdf');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-text/pdftohtml", unaffected: make_list("ge 0.36-r1"), vulnerable: make_list("le 0.36")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-31.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-31.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-31.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,61 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-31.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15818);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-31");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-31
-(ProZilla: Multiple vulnerabilities)
-
-
-    ProZilla contains several exploitable buffer overflows in the code
-    handling the network protocols.
-  
-Impact
-
-    A remote attacker could setup a malicious server and entice a user to
-    retrieve files from that server using ProZilla. This could lead to the
-    execution of arbitrary code with the rights of the user running
-    ProZilla.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-
-Solution: 
-    Currently, there is no released version of ProZilla that contains a fix
-    for these issues. The original author did not respond to our queries,
-    the code contains several other problems and more secure alternatives
-    exist. Therefore, the ProZilla package has been hard-masked prior to
-    complete removal from Portage, and current users are advised to unmerge
-    the package.
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-31] ProZilla: Multiple vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'ProZilla: Multiple vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "www-client/prozilla", unaffected: make_list(), vulnerable: make_list("le 1.3.7.3")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-32.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-32.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-32.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,87 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-32.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15826);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-32");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-32
-(phpBB: Remote command execution)
-
-
-    phpBB contains a vulnerability in the highlighting code and
-    several vulnerabilities in the username handling code.
-  
-Impact
-
-    An attacker can exploit the highlighting vulnerability to access
-    the PHP exec() function without restriction, allowing them to run
-    arbitrary commands with the rights of the web server user (for example
-    the apache user). Furthermore, the username handling vulnerability
-    might be abused to execute SQL statements on the phpBB database.
-  
-Workaround
-
-    There is a one-line patch which will remediate the remote
-    execution vulnerability.
-    Locate the following block of code in
-    viewtopic.php:
-    //
-    // Was a highlight request part of the URI?
-    //
-    $highlight_match = $highlight = \'\';
-    if (isset($HTTP_GET_VARS[\'highlight\']))
-    {
-       // Split words and phrases
-       $words = explode(\' \', trim(htmlspecialchars(urldecode($HTTP_GET_VARS[\'highlight\']))));
-       for($i = 0; $i < sizeof($words); $i++)
-       {
-    Replace with the following:
-    //
-    // Was a highlight request part of the URI?
-    //
-    $highlight_match = $highlight = \'\';
-    if (isset($HTTP_GET_VARS[\'highlight\']))
-    {
-       // Split words and phrases
-       $words = explode(\' \', trim(htmlspecialchars($HTTP_GET_VARS[\'highlight\'])));
-       for($i = 0; $i < sizeof($words); $i++)
-       {
-  
-References:
-    http://www.phpbb.com/phpBB/viewtopic.php?t=240513
-
-
-Solution: 
-    All phpBB users should upgrade to the latest version to fix all
-    known vulnerabilities:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=www-apps/phpbb-2.0.11"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-32] phpBB: Remote command execution");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'phpBB: Remote command execution');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "www-apps/phpbb", unaffected: make_list("ge 2.0.11"), vulnerable: make_list("le 2.0.10")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-33.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-33.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-33.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-33.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15827);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-33");
- script_cve_id("CVE-2004-1037");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-33
-(TWiki: Arbitrary command execution)
-
-
-    The TWiki search function, which uses a shell command executed via
-    the Perl backtick operator, does not properly escape shell
-    metacharacters in the user-provided search string.
-  
-Impact
-
-    An attacker can insert malicious commands into a search request,
-    allowing the execution of arbitrary commands with the privileges of the
-    user running TWiki (usually the Web server user).
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://twiki.org/cgi-bin/view/Codev/SecurityAlertExecuteCommandsWithSearch
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1037
-
-
-Solution: 
-    All TWiki users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=www-apps/twiki-20040902"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-33] TWiki: Arbitrary command execution");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'TWiki: Arbitrary command execution');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "www-apps/twiki", unaffected: make_list("ge 20040902 "), vulnerable: make_list("lt 20040902 ")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-34.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-34.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-34.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,67 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-34.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15833);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-34");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-34
-(Cyrus IMAP Server: Multiple remote vulnerabilities)
-
-
-    Multiple vulnerabilities have been discovered in the argument
-    parsers of the \'partial\' and \'fetch\' commands of the Cyrus IMAP Server
-    (CVE-2004-1012, CVE-2004-1013). There are also buffer overflows in the
-    \'imap magic plus\' code that are vulnerable to exploitation as well
-    (CVE-2004-1011, CVE-2004-1015).
-  
-Impact
-
-    An attacker can exploit these vulnerabilities to execute arbitrary
-    code with the rights of the user running the Cyrus IMAP Server.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1011
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1012
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1013
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1015
-    http://security.e-matters.de/advisories/152004.html
-    http://asg.web.cmu.edu/cyrus/download/imapd/changes.html
-
-
-Solution: 
-    All Cyrus-IMAP Server users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=net-mail/cyrus-imapd-2.2.10"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-34] Cyrus IMAP Server: Multiple remote vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Cyrus IMAP Server: Multiple remote vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-mail/cyrus-imapd", unaffected: make_list("ge 2.2.10"), vulnerable: make_list("lt 2.2.10")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-35.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-35.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-35.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,62 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-35.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15837);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-35");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-35
-(phpWebSite: HTTP response splitting vulnerability)
-
-
-    Due to lack of proper input validation, phpWebSite has been found to be
-    vulnerable to HTTP response splitting attacks.
-  
-Impact
-
-    A malicious user could inject arbitrary response data, leading to
-    content spoofing, web cache poisoning and other cross-site scripting or
-    HTTP response splitting attacks. This could result in compromising the
-    victim\'s data or browser.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.securityfocus.com/archive/1/380894
-    http://phpwebsite.appstate.edu/index.php?module=announce&ANN_user_op=view&ANN_id=863
-
-
-Solution: 
-    All phpWebSite users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=www-apps/phpwebsite-0.9.3_p4-r2"
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-35] phpWebSite: HTTP response splitting vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'phpWebSite: HTTP response splitting vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "www-apps/phpwebsite", unaffected: make_list("ge 0.9.3_p4-r2"), vulnerable: make_list("lt 0.9.3_p4-r2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-36.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-36.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-36.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,66 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-36.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15840);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-36");
- script_cve_id("CVE-2004-1055");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-36
-(phpMyAdmin: Multiple XSS vulnerabilities)
-
-
-    Cedric Cochin has discovered multiple cross-site scripting
-    vulnerabilities in phpMyAdmin. These vulnerabilities can be exploited
-    through the PmaAbsoluteUri parameter, the zero_rows parameter in
-    read_dump.php, the confirm form, or an error message generated by the
-    internal phpMyAdmin parser.
-  
-Impact
-
-    By sending a specially-crafted request, an attacker can inject and
-    execute malicious script code, potentially compromising the victim\'s
-    browser.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1055
-    http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-3
-    http://www.netvigilance.com/html/advisory0005.htm
-
-
-Solution: 
-    All phpMyAdmin users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=dev-db/phpmyadmin-2.6.0_p3"
-  
-
-Risk factor : Low
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-36] phpMyAdmin: Multiple XSS vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'phpMyAdmin: Multiple XSS vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-db/phpmyadmin", unaffected: make_list("ge 2.6.0_p3"), vulnerable: make_list("lt 2.6.0_p3")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-37.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-37.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-37.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,59 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-37.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15843);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-37");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-37
-(Open DC Hub: Remote code execution)
-
-
-    Donato Ferrante discovered a buffer overflow vulnerability in the
-    RedirectAll command of the Open DC Hub.
-  
-Impact
-
-    Upon exploitation, a remote user with administrative privileges
-    can execute arbitrary code on the system running the Open DC Hub.
-  
-Workaround
-
-    Only give administrative rights to trusted users.
-  
-References:
-    http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1115.html
-
-
-Solution: 
-    All Open DC Hub users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=net-p2p/opendchub-0.7.14-r2"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-37] Open DC Hub: Remote code execution");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Open DC Hub: Remote code execution');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-p2p/opendchub", unaffected: make_list("ge 0.7.14-r2"), vulnerable: make_list("lt 0.7.14-r2")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200411-38.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200411-38.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200411-38.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,82 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200411-38.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15846);
- if(defined_func("script_xref"))script_xref(name:"IAVA", value:"2004-b-0015");
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200411-38");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200411-38
-(Sun and Blackdown Java: Applet privilege escalation)
-
-
-    All Java plug-ins are subject to a vulnerability allowing
-    unrestricted Java package access.
-  
-Impact
-
-    A remote attacker could embed a malicious Java applet in a web
-    page and entice a victim to view it. This applet can then bypass
-    security restrictions and execute any command or access any file with
-    the rights of the user running the web browser.
-  
-Workaround
-
-    As a workaround you could disable Java applets on your web
-    browser.
-  
-References:
-    http://www.idefense.com/application/poi/display?id=158&type=vulnerabilities
-    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1029
-    http://www.blackdown.org/java-linux/java2-status/security/Blackdown-SA-2004-01.txt
-
-
-Solution: 
-    All Sun JDK users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=dev-java/sun-jdk-1.4.2.06"
-    All Sun JRE users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=dev-java/sun-jre-bin-1.4.2.06"
-    All Blackdown JDK users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=dev-java/blackdown-jdk-1.4.2.01"
-    All Blackdown JRE users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=dev-java/blackdown-jre-1.4.2.01"
-    Note: You should unmerge all vulnerable versions to be fully
-    protected.
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200411-38] Sun and Blackdown Java: Applet privilege escalation");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Sun and Blackdown Java: Applet privilege escalation');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-java/sun-jre-bin", arch: "x86,amd64", unaffected: make_list("ge 1.4.2.06"), vulnerable: make_list("lt 1.4.2.06")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "dev-java/blackdown-jdk", arch: "x86,amd64", unaffected: make_list("ge 1.4.2.01"), vulnerable: make_list("lt 1.4.2.01")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "dev-java/sun-jdk", arch: "x86,amd64", unaffected: make_list("ge 1.4.2.06"), vulnerable: make_list("lt 1.4.2.06")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "dev-java/blackdown-jre", arch: "x86,amd64", unaffected: make_list("ge 1.4.2.01"), vulnerable: make_list("lt 1.4.2.01")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200412-01.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200412-01.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200412-01.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,67 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200412-01.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15903);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200412-01");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200412-01
-(rssh, scponly: Unrestricted command execution)
-
-
-    Jason Wies discovered that when receiving an authorized command from an
-    authorized user, rssh and scponly do not filter command-line options
-    that can be used to execute any command on the target host.
-  
-Impact
-
-    Using a malicious command, it is possible for a remote authenticated
-    user to execute any command (or upload and execute any file) on the
-    target machine with user rights, effectively bypassing any restriction
-    of scponly or rssh.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.securityfocus.com/archive/1/383046/2004-11-30/2004-12-06/0
-
-
-Solution: 
-    All scponly users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=net-misc/scponly-4.0"
-    All rssh users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=app-shells/rssh/rssh-2.2.3"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200412-01] rssh, scponly: Unrestricted command execution");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'rssh, scponly: Unrestricted command execution');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-misc/scponly", unaffected: make_list("ge 4.0"), vulnerable: make_list("lt 4.0")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "app-shells/rssh", unaffected: make_list("ge 2.2.3"), vulnerable: make_list("le 2.2.2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200412-02.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200412-02.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200412-02.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,66 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200412-02.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15906);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200412-02");
- script_cve_id("CVE-2004-0803", "CVE-2004-0804", "CVE-2004-0886");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200412-02
-(PDFlib: Multiple overflows in the included TIFF library)
-
-
-    The TIFF library is subject to several known vulnerabilities (see
-    GLSA 200410-11). Most of these overflows also apply to PDFlib.
-  
-Impact
-
-    A remote attacker could entice a user or web application to
-    process a carefully crafted PDF file or TIFF image using a
-    PDFlib-powered program. This can potentially lead to the execution of
-    arbitrary code with the rights of the program processing the file.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.pdflib.com/products/pdflib/info/PDFlib-5.0.4p1-changes.txt
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0803
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0804
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0886
-    http://www.gentoo.org/security/en/glsa/glsa-200410-11.xml
-
-
-Solution: 
-    All PDFlib users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=media-libs/pdflib-5.0.4_p1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200412-02] PDFlib: Multiple overflows in the included TIFF library");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'PDFlib: Multiple overflows in the included TIFF library');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "media-libs/pdflib", unaffected: make_list("ge 5.0.4_p1"), vulnerable: make_list("lt 5.0.4_p1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200412-03.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200412-03.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200412-03.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200412-03.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15913);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200412-03");
- script_cve_id("CVE-2004-1026");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200412-03
-(imlib: Buffer overflows in image decoding)
-
-
-    Pavel Kankovsky discovered that several overflows found in the
-    libXpm library (see GLSA 200409-34) also applied to imlib. He also
-    fixed a number of other potential flaws.
-  
-Impact
-
-    A remote attacker could entice a user to view a carefully-crafted
-    image file, which would potentially lead to execution of arbitrary code
-    with the rights of the user viewing the image. This affects any program
-    that makes use of the imlib library.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.gentoo.org/security/en/glsa/glsa-200409-34.xml
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1026
-
-
-Solution: 
-    All imlib users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=media-libs/imlib-1.9.14-r3"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200412-03] imlib: Buffer overflows in image decoding");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'imlib: Buffer overflows in image decoding');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "media-libs/imlib", unaffected: make_list("ge 1.9.14-r3"), vulnerable: make_list("le 1.9.14-r2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200412-04.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200412-04.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200412-04.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200412-04.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15921);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200412-04");
- script_cve_id("CVE-2004-0976");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200412-04
-(Perl: Insecure temporary file creation)
-
-
-    Some Perl modules create temporary files in world-writable
-    directories with predictable names.
-  
-Impact
-
-    A local attacker could create symbolic links in the temporary
-    files directory, pointing to a valid file somewhere on the filesystem.
-    When a Perl script is executed, this would result in the file being
-    overwritten with the rights of the user running the utility, which
-    could be the root user.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0976
-    http://www.trustix.org/errata/2004/0050/
-
-
-Solution: 
-    All Perl users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=perl-5.8.5-r2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200412-04] Perl: Insecure temporary file creation");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Perl: Insecure temporary file creation');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-lang/perl", unaffected: make_list("rge 5.8.5-r2", "ge 5.8.6-r1"), vulnerable: make_list("lt 5.8.5-r2", "eq 5.8.6")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200412-05.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200412-05.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200412-05.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,59 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200412-05.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15922);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200412-05");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200412-05
-(mirrorselect: Insecure temporary file creation)
-
-
-    Ervin Nemeth discovered that mirrorselect creates temporary files in
-    world-writable directories with predictable names.
-  
-Impact
-
-    A local attacker could create symbolic links in the temporary files
-    directory, pointing to a valid file somewhere on the filesystem. When
-    mirrorselect is executed, this would result in the file being
-    overwritten with the rights of the user running the utility, which
-    could be the root user.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-
-Solution: 
-    All mirrorselect users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=app-portage/mirrorselect-0.89"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200412-05] mirrorselect: Insecure temporary file creation");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'mirrorselect: Insecure temporary file creation');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-portage/mirrorselect", unaffected: make_list("ge 0.89"), vulnerable: make_list("lt 0.89")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200412-06.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200412-06.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200412-06.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,61 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200412-06.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15933);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200412-06");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200412-06
-(PHProjekt: setup.php vulnerability)
-
-
-    Martin Muench, from it.sec, found a flaw in the setup.php file.
-  
-Impact
-
-    Successful exploitation of the flaw allows a remote attacker
-    without admin rights to make unauthorized changes to PHProjekt
-    configuration.
-  
-Workaround
-
-    As a workaround, you could replace the existing setup.php file in
-    PHProjekt root directory by the one provided on the PHProjekt Advisory
-    (see References).
-  
-References:
-    http://www.phprojekt.com/modules.php?op=modload&name=News&file=article&sid=189&mode=thread&order=0
-
-
-Solution: 
-    All PHProjekt users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=www-apps/phprojekt-4.2-r1"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200412-06] PHProjekt: setup.php vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'PHProjekt: setup.php vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "www-apps/phprojekt", unaffected: make_list("ge 4.2-r1"), vulnerable: make_list("lt 4.2-r1")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200412-07.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200412-07.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200412-07.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,60 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200412-07.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15954);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200412-07");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200412-07
-(file: Arbitrary code execution)
-
-
-    A possible stack overflow has been found in the ELF header parsing
-    code of file.
-  
-Impact
-
-    An attacker may be able to create a specially crafted ELF file
-    which, when processed with file, may allow the execution of arbitrary
-    code.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://securitytracker.com/id?1012433
-
-
-Solution: 
-    All file users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=sys-apps/file-4.12"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200412-07] file: Arbitrary code execution");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'file: Arbitrary code execution');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "sys-apps/file", unaffected: make_list("ge 4.12"), vulnerable: make_list("lt 4.12")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200412-08.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200412-08.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200412-08.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,65 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200412-08.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15955);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200412-08");
- script_cve_id("CVE-2004-0946", "CVE-2004-1014");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200412-08
-(nfs-utils: Multiple remote vulnerabilities)
-
-
-    Arjan van de Ven has discovered a buffer overflow on 64-bit
-    architectures in \'rquota_server.c\' of nfs-utils (CVE-2004-0946). A
-    remotely exploitable flaw on all architectures also exists in the
-    \'statd.c\' file of nfs-utils (CVE-2004-1014), which can be triggered by
-    a mishandled SIGPIPE.
-  
-Impact
-
-    A remote attacker could potentially cause a Denial of Service, or
-    even execute arbitrary code (64-bit architectures only) on a remote NFS
-    server.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0946
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1014
-
-
-Solution: 
-    All nfs-utils users should upgarde to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=net-fs/nfs-utils-1.0.6-r6"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200412-08] nfs-utils: Multiple remote vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'nfs-utils: Multiple remote vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-fs/nfs-utils", unaffected: make_list("ge 1.0.6-r6"), vulnerable: make_list("lt 1.0.6-r6")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200412-09.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200412-09.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200412-09.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,63 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200412-09.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15969);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200412-09");
- script_cve_id("CVE-2004-1079");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200412-09
-(ncpfs: Buffer overflow in ncplogin and ncpmap)
-
-
-    Karol Wiesek discovered a buffer overflow in the handling of the
-    \'-T\' option in the ncplogin and ncpmap utilities, which are both
-    installed as SUID root by default.
-  
-Impact
-
-    A local attacker could trigger the buffer overflow by calling one
-    of these utilities with a carefully crafted command line, potentially
-    resulting in execution of arbitrary code with root privileges.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://lists.netsys.com/pipermail/full-disclosure/2004-November/029563.html
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1079
-
-
-Solution: 
-    All ncpfs users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=net-fs/ncpfs-2.2.5"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200412-09] ncpfs: Buffer overflow in ncplogin and ncpmap");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'ncpfs: Buffer overflow in ncplogin and ncpmap');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-fs/ncpfs", unaffected: make_list("ge 2.2.5"), vulnerable: make_list("lt 2.2.5")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200412-10.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200412-10.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200412-10.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,70 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200412-10.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15971);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200412-10");
- script_cve_id("CVE-2004-1138");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200412-10
-(Vim, gVim: Vulnerable options in modelines)
-
-
-    Gentoo\'s Vim maintainer, Ciaran McCreesh, found several
-    vulnerabilities related to the use of options in Vim modelines. Options
-    like \'termcap\', \'printdevice\', \'titleold\', \'filetype\', \'syntax\',
-    \'backupext\', \'keymap\', \'patchmode\' or \'langmenu\' could be abused.
-  
-Impact
-
-    A local attacker could write a malicious file in a world readable
-    location which, when opened in a modeline-enabled Vim, could trigger
-    arbitrary commands with the rights of the user opening the file,
-    resulting in privilege escalation. Please note that modelines are
-    disabled by default in the /etc/vimrc file provided in Gentoo.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1138
-
-
-Solution: 
-    All Vim users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=app-editors/vim-6.3-r2"
-    All gVim users should also upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=app-editors/gvim-6.3-r2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200412-10] Vim, gVim: Vulnerable options in modelines");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Vim, gVim: Vulnerable options in modelines');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-editors/vim", unaffected: make_list("ge 6.3-r2"), vulnerable: make_list("lt 6.3-r2")
-)) { security_warning(0); exit(0); }
-if (qpkg_check(package: "app-editors/gvim", unaffected: make_list("ge 6.3-r2"), vulnerable: make_list("lt 6.3-r2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200412-11.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200412-11.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200412-11.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,64 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200412-11.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15989);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200412-11");
- script_cve_id("CVE-2004-0996");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200412-11
-(Cscope: Insecure creation of temporary files)
-
-
-    Cscope creates temporary files in world-writable directories with
-    predictable names.
-  
-Impact
-
-    A local attacker could create symbolic links in the temporary
-    files directory, pointing to a valid file somewhere on the filesystem.
-    When Cscope is executed, this would result in the file being
-    overwritten with the rights of the user running the utility, which
-    could be the root user.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0996
-    http://www.securityfocus.com/archive/1/381443
-
-
-Solution: 
-    All Cscope users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=dev-util/cscope-15.5-r2"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200412-11] Cscope: Insecure creation of temporary files");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Cscope: Insecure creation of temporary files');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-util/cscope", unaffected: make_list("ge 15.5-r2"), vulnerable: make_list("lt 15.5-r2")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200412-12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200412-12.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200412-12.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,66 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200412-12.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15993);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200412-12");
- script_cve_id("CVE-2004-1152");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200412-12
-(Adobe Acrobat Reader: Buffer overflow vulnerability)
-
-
-    A buffer overflow has been discovered in the email processing of
-    Adobe Acrobat Reader. This flaw exists in the mailListIsPdf function,
-    which checks if the input file is an email message containing a PDF
-    file.
-  
-Impact
-
-    A remote attacker could send the victim a specially-crafted email
-    and PDF attachment, which would trigger the buffer overflow and
-    possibly lead to the execution of arbitrary code with the permissions
-    of the user running Adobe Acrobat Reader.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1152
-    http://www.adobe.com/support/techdocs/331153.html
-
-
-Solution: 
-    All Adobe Acrobat Reader users should upgrade to the latest
-    version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=app-text/acroread-5.10"
-  
-
-Risk factor : Medium
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200412-12] Adobe Acrobat Reader: Buffer overflow vulnerability");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Adobe Acrobat Reader: Buffer overflow vulnerability');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "app-text/acroread", unaffected: make_list("ge 5.10"), vulnerable: make_list("lt 5.10")
-)) { security_warning(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200412-13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200412-13.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200412-13.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,61 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200412-13.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(15997);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200412-13");
- script_cve_id("CVE-2004-1154");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200412-13
-(Samba: Integer overflow)
-
-
-    Samba contains a bug when unmarshalling specific MS-RPC requests from
-    clients.
-  
-Impact
-
-    A remote attacker may be able to execute arbitrary code with the
-    permissions of the user running Samba, which could be the root user.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1154
-    http://www.samba.org/samba/security/CAN-2004-1154.html
-
-
-Solution: 
-    All samba users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=net-fs/samba-3.0.9-r1"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200412-13] Samba: Integer overflow");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'Samba: Integer overflow');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "net-fs/samba", unaffected: make_list("ge 3.0.9-r1"), vulnerable: make_list("le 3.0.9")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200412-14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200412-14.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200412-14.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,89 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200412-14.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(16001);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200412-14");
- script_cve_id("CVE-2004-1019", "CVE-2004-1065");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200412-14
-(PHP: Multiple vulnerabilities)
-
-
-    Stefan Esser and Marcus Boerger reported several different issues
-    in the unserialize() function, including serious exploitable bugs in
-    the way it handles negative references (CVE-2004-1019).
-    Stefan
-    Esser also discovered that the pack() and unpack() functions are
-    subject to integer overflows that can lead to a heap buffer overflow
-    and a heap information leak. Finally, he found that the way
-    multithreaded PHP handles safe_mode_exec_dir restrictions can be
-    bypassed, and that various path truncation issues also allow to bypass
-    path and safe_mode restrictions.
-    Ilia Alshanetsky found a
-    stack overflow issue in the exif_read_data() function (CVE-2004-1065).
-    Finally, Daniel Fabian found that addslashes and magic_quotes_gpc do
-    not properly escape null characters and that magic_quotes_gpc contains
-    a bug that could lead to one level directory traversal.
-  
-Impact
-
-    These issues could be exploited by a remote attacker to retrieve
-    web server heap information, bypass safe_mode or path restrictions and
-    potentially execute arbitrary code with the rights of the web server
-    running a PHP application.
-  
-Workaround
-
-    There is no known workaround at this time.
-  
-References:
-    http://www.php.net/release_4_3_10.php
-    http://www.hardened-php.net/advisories/012004.txt
-    http://www.securityfocus.com/archive/1/384663/2004-12-15/2004-12-21/0
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1019
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1065
-
-
-Solution: 
-    All PHP users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=dev-php/php-4.3.10"
-    All mod_php users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=dev-php/mod_php-4.3.10"
-    All php-cgi users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbose ">=dev-php/php-cgi-4.3.10"
-  
-
-Risk factor : High
-';
- script_description(english: desc);
- script_copyright(english: "(C) 2005 Michel Arboi <mikhail at nessus.org>");
- script_name(english: "[GLSA-200412-14] PHP: Multiple vulnerabilities");
- script_category(ACT_GATHER_INFO);
- script_family(english: "Gentoo Local Security Checks");
- script_dependencies("ssh_get_info.nasl");
- script_require_keys('Host/Gentoo/qpkg-list');
- script_summary(english: 'PHP: Multiple vulnerabilities');
- exit(0);
-}
-
-include('qpkg.inc');
-if (qpkg_check(package: "dev-php/mod_php", unaffected: make_list("ge 4.3.10"), vulnerable: make_list("lt 4.3.10")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "dev-php/php", unaffected: make_list("ge 4.3.10"), vulnerable: make_list("lt 4.3.10")
-)) { security_hole(0); exit(0); }
-if (qpkg_check(package: "dev-php/php-cgi", unaffected: make_list("ge 4.3.10"), vulnerable: make_list("lt 4.3.10")
-)) { security_hole(0); exit(0); }

Deleted: trunk/openvas-plugins/scripts/gentoo_GLSA-200412-15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gentoo_GLSA-200412-15.nasl	2008-09-24 15:42:31 UTC (rev 1421)
+++ trunk/openvas-plugins/scripts/gentoo_GLSA-200412-15.nasl	2008-09-24 19:14:03 UTC (rev 1422)
@@ -1,78 +0,0 @@
-# This script was automatically generated from 
-#  http://www.gentoo.org/security/en/glsa/glsa-200412-15.xml
-# It is released under the Nessus Script Licence.
-# The messages are release under the Creative Commons - Attribution /
-# Share Alike license. See http://creativecommons.org/licenses/by-sa/2.0/
-#
-# Avisory is copyright 2001-2005 Gentoo Foundation, Inc.
-# GLSA2nasl Convertor is copyright 2004 Michel Arboi <mikhail at nessus.org>
-
-if (! defined_func('bn_random')) exit(0);
-
-if (description)
-{
- script_id(16002);
- script_version("$Revision$");
- script_xref(name: "GLSA", value: "200412-15");
- script_cve_id("CVE-2004-1139", "CVE-2004-1140", "CVE-2004-1141", "CVE-2004-1142");
-
- desc = 'The remote host is affected by the vulnerability described in GLSA-200412-15
-(Ethereal: Multiple vulnerabilities)
-
-
-    There are multiple vulnerabilities in versions of Ethereal earlier
-    than 0.10.8, including:
-    Bug in DICOM dissection
-    discovered by Bing could make Ethereal crash (CAN 2004-1139).
-    An invalid RTP timestamp could make Ethereal hang and create a
-    large temporary file (CAN 2004-1140).
-    The HTTP dissector could
-    access previously-freed memory (CAN 2004-1141).
-    Brian Caswell
-    discovered that an improperly formatted SMB could make Ethereal hang
-    (CAN 2004-1142).
-  
-Impact
-
-    An attacker might be able to use these vulnerabilities to crash
-    Ethereal, perform DoS by CPU and disk space utilization or even execute
-    arbitrary code with the permissions of the user running Ethereal, which
-    could be the root user.
-  
-Workaround
-
-    For a temporary workaround you can disable all affected protocol
-    dissectors by selecting Analyze->Enabled Protocols... and deselecting
-    them from the list. However, it is strongly recommended to upgrade to
-    the latest stable version.
-  
-References:
-    http://www.ethereal.com/appnotes/enpa-sa-00016.html
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1139
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1140
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1141
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1142
-
-
-Solution: 
-    All ethereal users should upgrade to the latest version:
-    # emerge --sync
-    # emerge --ask --oneshot --verbos