[Openvas-commits] r3147 - in trunk/openvas-plugins: . scripts
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Mon Apr 20 23:45:20 CEST 2009
Author: reinke
Date: 2009-04-20 23:45:17 +0200 (Mon, 20 Apr 2009)
New Revision: 3147
Added:
trunk/openvas-plugins/scripts/RHSA_2009_0427.nasl
trunk/openvas-plugins/scripts/RHSA_2009_0428.nasl
trunk/openvas-plugins/scripts/RHSA_2009_0429.nasl
trunk/openvas-plugins/scripts/RHSA_2009_0430.nasl
trunk/openvas-plugins/scripts/RHSA_2009_0431.nasl
trunk/openvas-plugins/scripts/deb_1771_1.nasl
trunk/openvas-plugins/scripts/deb_1772_1.nasl
trunk/openvas-plugins/scripts/deb_1773_1.nasl
trunk/openvas-plugins/scripts/deb_1774_1.nasl
trunk/openvas-plugins/scripts/fcore_2009_3692.nasl
trunk/openvas-plugins/scripts/fcore_2009_3700.nasl
trunk/openvas-plugins/scripts/fcore_2009_3709.nasl
trunk/openvas-plugins/scripts/fcore_2009_3710.nasl
trunk/openvas-plugins/scripts/fcore_2009_3711.nasl
trunk/openvas-plugins/scripts/fcore_2009_3712.nasl
trunk/openvas-plugins/scripts/fcore_2009_3720.nasl
trunk/openvas-plugins/scripts/fcore_2009_3740.nasl
trunk/openvas-plugins/scripts/freebsd_ejabberd.nasl
trunk/openvas-plugins/scripts/freebsd_freetype22.nasl
trunk/openvas-plugins/scripts/freebsd_phpMyAdmin18.nasl
trunk/openvas-plugins/scripts/freebsd_poppler0.nasl
trunk/openvas-plugins/scripts/freebsd_xpdf3.nasl
trunk/openvas-plugins/scripts/freebsd_ziproxy.nasl
trunk/openvas-plugins/scripts/glsa_200904_13.nasl
trunk/openvas-plugins/scripts/glsa_200904_14.nasl
trunk/openvas-plugins/scripts/glsa_200904_15.nasl
trunk/openvas-plugins/scripts/glsa_200904_16.nasl
trunk/openvas-plugins/scripts/glsa_200904_17.nasl
trunk/openvas-plugins/scripts/glsa_200904_18.nasl
trunk/openvas-plugins/scripts/glsa_200904_19.nasl
trunk/openvas-plugins/scripts/suse_sa_2009_020.nasl
trunk/openvas-plugins/scripts/suse_sa_2009_021.nasl
trunk/openvas-plugins/scripts/suse_sa_2009_022.nasl
trunk/openvas-plugins/scripts/suse_sa_2009_023.nasl
trunk/openvas-plugins/scripts/ubuntu_757_1.nasl
trunk/openvas-plugins/scripts/ubuntu_758_1.nasl
trunk/openvas-plugins/scripts/ubuntu_759_1.nasl
trunk/openvas-plugins/scripts/ubuntu_760_1.nasl
Modified:
trunk/openvas-plugins/ChangeLog
Log:
New scripts added
Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/ChangeLog 2009-04-20 21:45:17 UTC (rev 3147)
@@ -1,3 +1,19 @@
+2009-04-15 Thomas Reinke <reinke at securityspace.com>
+ * fcore_2009_3692.nasl fcore_2009_3700.nasl fcore_2009_3709.nasl
+ fcore_2009_3710.nasl fcore_2009_3711.nasl fcore_2009_3712.nasl
+ fcore_2009_3720.nasl fcore_2009_3740.nasl RHSA_2009_0427.nasl
+ RHSA_2009_0428.nasl RHSA_2009_0429.nasl RHSA_2009_0430.nasl
+ RHSA_2009_0431.nasl suse_sa_2009_020.nasl suse_sa_2009_021.nasl
+ suse_sa_2009_022.nasl suse_sa_2009_023.nasl ubuntu_757_1.nasl
+ ubuntu_758_1.nasl ubuntu_759_1.nasl ubuntu_760_1.nasl
+ glsa_200904_13.nasl glsa_200904_14.nasl glsa_200904_15.nasl
+ glsa_200904_16.nasl glsa_200904_17.nasl glsa_200904_18.nasl
+ glsa_200904_19.nasl freebsd_ejabberd.nasl freebsd_freetype22.nasl
+ freebsd_phpMyAdmin18.nasl freebsd_poppler0.nasl freebsd_xpdf3.nasl
+ freebsd_ziproxy.nasl deb_1771_1.nasl deb_1772_1.nasl deb_1773_1.nasl
+ deb_1774_1.nasl
+ New Scripts
+
2009-04-20 Christian Eric Edjenguele <christian.edjenguele at owasp.org>
* scripts/remote-detect-ApacheOfbiz.nasl:
Minors changes, modified request, added a loop
Added: trunk/openvas-plugins/scripts/RHSA_2009_0427.nasl
===================================================================
--- trunk/openvas-plugins/scripts/RHSA_2009_0427.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/RHSA_2009_0427.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,106 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory RHSA-2009:0427 ()
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63828);
+ script_cve_id("CVE-2009-1185");
+ script_version ("$");
+ name["english"] = "RedHat Security Advisory RHSA-2009:0427";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing updates announced in
+advisory RHSA-2009:0427.
+
+udev provides a user-space API and implements a dynamic device directory,
+providing only the devices present on the system. udev replaces devfs in
+order to provide greater hot plug functionality. Netlink is a datagram
+oriented service, used to transfer information between kernel modules and
+user-space processes.
+
+It was discovered that udev did not properly check the origin of Netlink
+messages. A local attacker could use this flaw to gain root privileges via
+a crafted Netlink message sent to udev, causing it to create a
+world-writable block device file for an existing system block device (for
+example, the root file system). (CVE-2009-1185)
+
+Red Hat would like to thank Sebastian Krahmer of the SUSE Security Team for
+responsibly reporting this flaw.
+
+Users of udev are advised to upgrade to these updated packages, which
+contain a backported patch to correct this issue. After installing the
+update, the udevd daemon will be restarted automatically.
+
+Solution:
+Please note that this update is available via
+Red Hat Network. To use Red Hat Network, launch the Red
+Hat Update Agent with the following command: up2date
+
+http://rhn.redhat.com/errata/RHSA-2009-0427.html
+http://www.redhat.com/security/updates/classification/#important
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Redhat Security Advisory RHSA-2009:0427";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Red Hat Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libvolume_id", rpm:"libvolume_id~095~14.20.el5_3", rls:"RHENT_5")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"udev", rpm:"udev~095~14.20.el5_3", rls:"RHENT_5")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"udev-debuginfo", rpm:"udev-debuginfo~095~14.20.el5_3", rls:"RHENT_5")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libvolume_id-devel", rpm:"libvolume_id-devel~095~14.20.el5_3", rls:"RHENT_5")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/RHSA_2009_0428.nasl
===================================================================
--- trunk/openvas-plugins/scripts/RHSA_2009_0428.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/RHSA_2009_0428.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,104 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory RHSA-2009:0428 ()
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63829);
+ script_cve_id("CVE-2009-0163");
+ script_version ("$");
+ name["english"] = "RedHat Security Advisory RHSA-2009:0428";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing updates announced in
+advisory RHSA-2009:0428.
+
+The Common UNIX® Printing System (CUPS) provides a portable printing layer
+for UNIX operating systems.
+
+An integer overflow flaw, leading to a heap-based buffer overflow, was
+discovered in the Tagged Image File Format (TIFF) decoding routines used by
+the CUPS image-converting filters, imagetops and imagetoraster. An
+attacker could create a malicious TIFF file that could, potentially,
+execute arbitrary code as the lp user if the file was printed.
+(CVE-2009-0163)
+
+Red Hat would like to thank Aaron Sigel of the Apple Product Security team
+for responsibly reporting this flaw.
+
+Users of cups are advised to upgrade to these updated packages, which
+contain a backported patch to correct this issue. After installing the
+update, the cupsd daemon will be restarted automatically.
+
+Solution:
+Please note that this update is available via
+Red Hat Network. To use Red Hat Network, launch the Red
+Hat Update Agent with the following command: up2date
+
+http://rhn.redhat.com/errata/RHSA-2009-0428.html
+http://www.redhat.com/security/updates/classification/#moderate
+
+Risk factor : Medium";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Redhat Security Advisory RHSA-2009:0428";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Red Hat Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"cups", rpm:"cups~1.1.17~13.3.58", rls:"RHENT_3")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-debuginfo", rpm:"cups-debuginfo~1.1.17~13.3.58", rls:"RHENT_3")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.17~13.3.58", rls:"RHENT_3")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.17~13.3.58", rls:"RHENT_3")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/RHSA_2009_0429.nasl
===================================================================
--- trunk/openvas-plugins/scripts/RHSA_2009_0429.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/RHSA_2009_0429.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,144 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory RHSA-2009:0429 ()
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63830);
+ script_cve_id("CVE-2009-0146", "CVE-2009-0147", "CVE-2009-0163", "CVE-2009-0166", "CVE-2009-0799", "CVE-2009-0800", "CVE-2009-1179", "CVE-2009-1180", "CVE-2009-1181", "CVE-2009-1182", "CVE-2009-1183");
+ script_version ("$");
+ name["english"] = "RedHat Security Advisory RHSA-2009:0429";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing updates announced in
+advisory RHSA-2009:0429.
+
+The Common UNIX® Printing System (CUPS) provides a portable printing layer
+for UNIX operating systems.
+
+Multiple integer overflow flaws were found in the CUPS JBIG2 decoder. An
+attacker could create a malicious PDF file that would cause CUPS to crash
+or, potentially, execute arbitrary code as the lp user if the file was
+printed. (CVE-2009-0147, CVE-2009-1179)
+
+Multiple buffer overflow flaws were found in the CUPS JBIG2 decoder. An
+attacker could create a malicious PDF file that would cause CUPS to crash
+or, potentially, execute arbitrary code as the lp user if the file was
+printed. (CVE-2009-0146, CVE-2009-1182)
+
+Multiple flaws were found in the CUPS JBIG2 decoder that could lead to the
+freeing of arbitrary memory. An attacker could create a malicious PDF file
+that would cause CUPS to crash or, potentially, execute arbitrary code
+as the lp user if the file was printed. (CVE-2009-0166, CVE-2009-1180)
+
+Multiple input validation flaws were found in the CUPS JBIG2 decoder. An
+attacker could create a malicious PDF file that would cause CUPS to crash
+or, potentially, execute arbitrary code as the lp user if the file was
+printed. (CVE-2009-0800)
+
+An integer overflow flaw, leading to a heap-based buffer overflow, was
+discovered in the Tagged Image File Format (TIFF) decoding routines used by
+the CUPS image-converting filters, imagetops and imagetoraster. An
+attacker could create a malicious TIFF file that could, potentially,
+execute arbitrary code as the lp user if the file was printed.
+(CVE-2009-0163)
+
+Multiple denial of service flaws were found in the CUPS JBIG2 decoder. An
+attacker could create a malicious PDF file that would cause CUPS to crash
+when printed. (CVE-2009-0799, CVE-2009-1181, CVE-2009-1183)
+
+Red Hat would like to thank Aaron Sigel, Braden Thomas and Drew Yao of
+the Apple Product Security team, and Will Dormann of the CERT/CC for
+responsibly reporting these flaws.
+
+Users of cups are advised to upgrade to these updated packages, which
+contain backported patches to correct these issues. After installing the
+update, the cupsd daemon will be restarted automatically.
+
+Solution:
+Please note that this update is available via
+Red Hat Network. To use Red Hat Network, launch the Red
+Hat Update Agent with the following command: up2date
+
+http://rhn.redhat.com/errata/RHSA-2009-0429.html
+http://www.redhat.com/security/updates/classification/#important
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Redhat Security Advisory RHSA-2009:0429";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Red Hat Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"cups", rpm:"cups~1.1.22~0.rc1.9.27.el4_7.5", rls:"RHENT_4")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-debuginfo", rpm:"cups-debuginfo~1.1.22~0.rc1.9.27.el4_7.5", rls:"RHENT_4")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.22~0.rc1.9.27.el4_7.5", rls:"RHENT_4")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.22~0.rc1.9.27.el4_7.5", rls:"RHENT_4")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"cups", rpm:"cups~1.3.7~8.el5_3.4", rls:"RHENT_5")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-debuginfo", rpm:"cups-debuginfo~1.3.7~8.el5_3.4", rls:"RHENT_5")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.3.7~8.el5_3.4", rls:"RHENT_5")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-lpd", rpm:"cups-lpd~1.3.7~8.el5_3.4", rls:"RHENT_5")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.3.7~8.el5_3.4", rls:"RHENT_5")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/RHSA_2009_0430.nasl
===================================================================
--- trunk/openvas-plugins/scripts/RHSA_2009_0430.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/RHSA_2009_0430.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,120 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory RHSA-2009:0430 ()
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63831);
+ script_cve_id("CVE-2009-0146", "CVE-2009-0147", "CVE-2009-0166", "CVE-2009-0799", "CVE-2009-0800", "CVE-2009-1179", "CVE-2009-1180", "CVE-2009-1181", "CVE-2009-1182", "CVE-2009-1183");
+ script_version ("$");
+ name["english"] = "RedHat Security Advisory RHSA-2009:0430";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing updates announced in
+advisory RHSA-2009:0430.
+
+Xpdf is an X Window System based viewer for Portable Document Format (PDF)
+files.
+
+Multiple integer overflow flaws were found in Xpdf's JBIG2 decoder. An
+attacker could create a malicious PDF file that would cause Xpdf to crash
+or, potentially, execute arbitrary code when opened. (CVE-2009-0147,
+CVE-2009-1179)
+
+Multiple buffer overflow flaws were found in Xpdf's JBIG2 decoder. An
+attacker could create a malicious PDF file that would cause Xpdf to crash
+or, potentially, execute arbitrary code when opened. (CVE-2009-0146,
+CVE-2009-1182)
+
+Multiple flaws were found in Xpdf's JBIG2 decoder that could lead to the
+freeing of arbitrary memory. An attacker could create a malicious PDF file
+that would cause Xpdf to crash or, potentially, execute arbitrary code when
+opened. (CVE-2009-0166, CVE-2009-1180)
+
+Multiple input validation flaws were found in Xpdf's JBIG2 decoder. An
+attacker could create a malicious PDF file that would cause Xpdf to crash
+or, potentially, execute arbitrary code when opened. (CVE-2009-0800)
+
+Multiple denial of service flaws were found in Xpdf's JBIG2 decoder. An
+attacker could create a malicious PDF that would cause Xpdf to crash when
+opened. (CVE-2009-0799, CVE-2009-1181, CVE-2009-1183)
+
+Red Hat would like to thank Braden Thomas and Drew Yao of the Apple Product
+Security team, and Will Dormann of the CERT/CC for responsibly reporting
+these flaws.
+
+Users are advised to upgrade to this updated package, which contains
+backported patches to correct these issues.
+
+Solution:
+Please note that this update is available via
+Red Hat Network. To use Red Hat Network, launch the Red
+Hat Update Agent with the following command: up2date
+
+http://rhn.redhat.com/errata/RHSA-2009-0430.html
+http://www.redhat.com/security/updates/classification/#important
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Redhat Security Advisory RHSA-2009:0430";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Red Hat Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"xpdf", rpm:"xpdf~2.02~14.el3", rls:"RHENT_3")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"xpdf-debuginfo", rpm:"xpdf-debuginfo~2.02~14.el3", rls:"RHENT_3")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"xpdf", rpm:"xpdf~3.00~20.el4", rls:"RHENT_4")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"xpdf-debuginfo", rpm:"xpdf-debuginfo~3.00~20.el4", rls:"RHENT_4")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/RHSA_2009_0431.nasl
===================================================================
--- trunk/openvas-plugins/scripts/RHSA_2009_0431.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/RHSA_2009_0431.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,127 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory RHSA-2009:0431 ()
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63832);
+ script_cve_id("CVE-2009-0146", "CVE-2009-0147", "CVE-2009-0166", "CVE-2009-0799", "CVE-2009-0800", "CVE-2009-1179", "CVE-2009-1180", "CVE-2009-1181", "CVE-2009-1182", "CVE-2009-1183");
+ script_version ("$");
+ name["english"] = "RedHat Security Advisory RHSA-2009:0431";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing updates announced in
+advisory RHSA-2009:0431.
+
+The kdegraphics packages contain applications for the K Desktop
+Environment, including KPDF, a viewer for Portable Document Format (PDF)
+files.
+
+Multiple integer overflow flaws were found in KPDF's JBIG2 decoder. An
+attacker could create a malicious PDF file that would cause KPDF to crash
+or, potentially, execute arbitrary code when opened. (CVE-2009-0147,
+CVE-2009-1179)
+
+Multiple buffer overflow flaws were found in KPDF's JBIG2 decoder. An
+attacker could create a malicious PDF file that would cause KPDF to crash
+or, potentially, execute arbitrary code when opened. (CVE-2009-0146,
+CVE-2009-1182)
+
+Multiple flaws were found in KPDF's JBIG2 decoder that could lead to the
+freeing of arbitrary memory. An attacker could create a malicious PDF file
+that would cause KPDF to crash or, potentially, execute arbitrary code when
+opened. (CVE-2009-0166, CVE-2009-1180)
+
+Multiple input validation flaws were found in KPDF's JBIG2 decoder. An
+attacker could create a malicious PDF file that would cause KPDF to crash
+or, potentially, execute arbitrary code when opened. (CVE-2009-0800)
+
+Multiple denial of service flaws were found in KPDF's JBIG2 decoder. An
+attacker could create a malicious PDF that would cause KPDF to crash when
+opened. (CVE-2009-0799, CVE-2009-1181, CVE-2009-1183)
+
+Red Hat would like to thank Braden Thomas and Drew Yao of the Apple Product
+Security team, and Will Dormann of the CERT/CC for responsibly reporting
+these flaws.
+
+Users are advised to upgrade to these updated packages, which contain
+backported patches to resolve these issues.
+
+Solution:
+Please note that this update is available via
+Red Hat Network. To use Red Hat Network, launch the Red
+Hat Update Agent with the following command: up2date
+
+http://rhn.redhat.com/errata/RHSA-2009-0431.html
+http://www.redhat.com/security/updates/classification/#important
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Redhat Security Advisory RHSA-2009:0431";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Red Hat Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"kdegraphics", rpm:"kdegraphics~3.3.1~13.el4", rls:"RHENT_4")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kdegraphics-debuginfo", rpm:"kdegraphics-debuginfo~3.3.1~13.el4", rls:"RHENT_4")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kdegraphics-devel", rpm:"kdegraphics-devel~3.3.1~13.el4", rls:"RHENT_4")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kdegraphics", rpm:"kdegraphics~3.5.4~12.el5_3", rls:"RHENT_5")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kdegraphics-debuginfo", rpm:"kdegraphics-debuginfo~3.5.4~12.el5_3", rls:"RHENT_5")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kdegraphics-devel", rpm:"kdegraphics-devel~3.5.4~12.el5_3", rls:"RHENT_5")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/deb_1771_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1771_1.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/deb_1771_1.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,159 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1771-1 (clamav)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63841);
+ script_cve_id("CVE-2008-6680", "CVE-2009-1270");
+ script_version ("$");
+ name["english"] = "Debian Security Advisory DSA 1771-1 (clamav)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to clamav
+announced via advisory DSA 1771-1.
+
+Several vulnerabilities have been discovered in the ClamAV anti-virus
+toolkit:
+
+CVE-2008-6680
+
+Attackers can cayse a denial of service (crash) via a crafted EXE
+file that triggers a divide-by-zero error.
+
+CVE-2009-1270
+
+Attackers can cause a denial of service (infinite loop) via a
+crafted tar file that causes (1) clamd and (2) clamscan to hang.
+
+(no CVE Id yet)
+
+Attackers can cause a denial of service (crash) via a crafted EXE
+file that crashes the UPack unpacker.
+
+For the old stable distribution (etch), these problems have been fixed
+in version 0.90.1dfsg-4etch19.
+
+For the stable distribution (lenny), these problems have been fixed in
+version 0.94.dfsg.2-1lenny2.
+
+For the unstable distribution (sid), these problems have been fixed in
+version 0.95.1+dfsg-1.
+
+We recommend that you upgrade your clamav packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201771-1
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Debian Security Advisory DSA 1771-1 (clamav)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Debian Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"clamav-base", ver:"0.90.1dfsg-4etch19", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"clamav-docs", ver:"0.90.1dfsg-4etch19", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"clamav-testfiles", ver:"0.90.1dfsg-4etch19", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"clamav", ver:"0.90.1dfsg-4etch19", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"clamav-dbg", ver:"0.90.1dfsg-4etch19", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"clamav-freshclam", ver:"0.90.1dfsg-4etch19", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"clamav-milter", ver:"0.90.1dfsg-4etch19", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libclamav2", ver:"0.90.1dfsg-4etch19", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libclamav-dev", ver:"0.90.1dfsg-4etch19", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"clamav-daemon", ver:"0.90.1dfsg-4etch19", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"clamav-docs", ver:"0.94.dfsg.2-1lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"clamav-testfiles", ver:"0.94.dfsg.2-1lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"clamav-base", ver:"0.94.dfsg.2-1lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libclamav5", ver:"0.94.dfsg.2-1lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"clamav-dbg", ver:"0.94.dfsg.2-1lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libclamav-dev", ver:"0.94.dfsg.2-1lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"clamav-freshclam", ver:"0.94.dfsg.2-1lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"clamav-daemon", ver:"0.94.dfsg.2-1lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"clamav", ver:"0.94.dfsg.2-1lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"clamav-milter", ver:"0.94.dfsg.2-1lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/deb_1772_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1772_1.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/deb_1772_1.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,111 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1772-1 (udev)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63842);
+ script_cve_id("CVE-2009-1185", "CVE-2009-1186");
+ script_version ("$");
+ name["english"] = "Debian Security Advisory DSA 1772-1 (udev)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to udev
+announced via advisory DSA 1772-1.
+
+Sebastian Kramer discovered two vulnerabilities in udev, the /dev and
+hotplug management daemon.
+
+CVE-2009-1185
+
+udev does not check the origin of NETLINK messages, allowing local
+users to gain root privileges.
+
+CVE-2009-1186
+
+udev suffers from a buffer overflow condition in path encoding,
+potentially allowing arbitrary code execution.
+
+For the old stable distribution (etch), these problems have been fixed in
+version 0.105-4etch1.
+
+For the stable distribution (lenny), these problems have been fixed in
+version 0.125-7+lenny1.
+
+For the unstable distribution (sid), these problems will be fixed soon.
+
+We recommend that you upgrade your udev package.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201772-1
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Debian Security Advisory DSA 1772-1 (udev)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Debian Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"udev", ver:"0.105-4etch1", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvolume-id-dev", ver:"0.105-4etch1", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvolume-id0", ver:"0.105-4etch1", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvolume-id0", ver:"0.125-7+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"udev", ver:"0.125-7+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvolume-id-dev", ver:"0.125-7+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/deb_1773_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1773_1.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/deb_1773_1.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,163 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1773-1 (cups)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63843);
+ script_cve_id("CVE-2009-0163");
+ script_version ("$");
+ name["english"] = "Debian Security Advisory DSA 1773-1 (cups)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to cups
+announced via advisory DSA 1773-1.
+
+It was discovered that the imagetops filter in cups, the Common UNIX
+Printing System, is prone to an integer overflow when reading malicious
+TIFF images.
+
+For the stable distribution (lenny), this problem has been fixed in
+version 1.3.8-1lenny5.
+
+For the oldstable distribution (etch), this problem has been fixed in
+version 1.2.7-4etch7.
+
+For the testing distribution (squeeze) and the unstable distribution
+(sid), this problem will be fixed soon.
+
+We recommend that you upgrade your cups packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201773-1
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Debian Security Advisory DSA 1773-1 (cups)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Debian Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"libcupsys2-gnutls10", ver:"1.2.7-4etch7", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-common", ver:"1.2.7-4etch7", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-bsd", ver:"1.2.7-4etch7", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsys2-dev", ver:"1.2.7-4etch7", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-dbg", ver:"1.2.7-4etch7", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsys2", ver:"1.2.7-4etch7", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-client", ver:"1.2.7-4etch7", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys", ver:"1.2.7-4etch7", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsimage2", ver:"1.2.7-4etch7", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsimage2-dev", ver:"1.2.7-4etch7", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-dbg", ver:"1.3.8-1lenny5", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsys2-dev", ver:"1.3.8-1lenny5", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-bsd", ver:"1.3.8-1lenny5", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-common", ver:"1.3.8-1lenny5", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cups-common", ver:"1.3.8-1lenny5", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsys2", ver:"1.3.8-1lenny5", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys", ver:"1.3.8-1lenny5", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-client", ver:"1.3.8-1lenny5", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsimage2", ver:"1.3.8-1lenny5", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cups-dbg", ver:"1.3.8-1lenny5", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cups-bsd", ver:"1.3.8-1lenny5", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cups", ver:"1.3.8-1lenny5", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcups2-dev", ver:"1.3.8-1lenny5", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cups-client", ver:"1.3.8-1lenny5", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcups2", ver:"1.3.8-1lenny5", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsimage2-dev", ver:"1.3.8-1lenny5", rls:"DEB5.0")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/deb_1774_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1774_1.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/deb_1774_1.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,89 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1774-1 (ejabberd)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63844);
+ script_cve_id("CVE-2009-0934");
+ script_version ("$");
+ name["english"] = "Debian Security Advisory DSA 1774-1 (ejabberd)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to ejabberd
+announced via advisory DSA 1774-1.
+
+It was discovered that ejabberd, a distributed, fault-tolerant
+Jabber/XMPP server, does not sufficiently sanitise MUC logs, allowing
+remote attackers to perform cross-site scripting (XSS) attacks.
+
+For the stable distribution (lenny), this problem has been fixed in
+version 2.0.1-6+lenny1.
+
+The oldstable distribution (etch) is not affected by this issue.
+
+For the testing distribution (squeeze), this problem will be fixed soon.
+
+For the unstable distribution (sid), this problem has been fixed in
+version 2.0.5-1.
+
+We recommend that you upgrade your ejabberd packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201774-1
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Debian Security Advisory DSA 1774-1 (ejabberd)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Debian Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"ejabberd", ver:"2.0.1-6+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/fcore_2009_3692.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_3692.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/fcore_2009_3692.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,99 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-3692 (phpMyAdmin)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63833);
+ script_version ("$");
+ name["english"] = "Fedora Core 9 FEDORA-2009-3692 (phpMyAdmin)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to phpMyAdmin
+announced via advisory FEDORA-2009-3692.
+
+Update Information:
+
+Improvements for 3.1.3.2: - [security] Insufficient output sanitizing
+when generating configuration file
+http://www.phpmyadmin.net/home_page/security/PMASA-2009-4.php
+
+ChangeLog:
+
+* Tue Apr 14 2009 Robert Scheck 3.1.3.2-1
+- Upstream released 3.1.3.2 (#495768)
+* Wed Mar 25 2009 Robert Scheck 3.1.3.1-1
+- Upstream released 3.1.3.1 (#492066)
+* Sun Mar 1 2009 Robert Scheck 3.1.3-1
+- Upstream released 3.1.3
+
+References:
+
+[ 1 ] Bug #495768 - phpMyAdmin: Insufficient output sanitizing when
+ generating configuration file fixed in 3.1.3.2
+https://bugzilla.redhat.com/show_bug.cgi?id=495768
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program. Use
+su -c 'yum update phpMyAdmin' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3692
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Fedora Core 9 FEDORA-2009-3692 (phpMyAdmin)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Fedora Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"phpMyAdmin", rpm:"phpMyAdmin~3.1.3.2~1.fc9", rls:"FC9")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/fcore_2009_3700.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_3700.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/fcore_2009_3700.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,99 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-3700 (phpMyAdmin)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63834);
+ script_version ("$");
+ name["english"] = "Fedora Core 10 FEDORA-2009-3700 (phpMyAdmin)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to phpMyAdmin
+announced via advisory FEDORA-2009-3700.
+
+Update Information:
+
+Improvements for 3.1.3.2: - [security] Insufficient output sanitizing when
+generating configuration file
+http://www.phpmyadmin.net/home_page/security/PMASA-2009-4.php
+
+ChangeLog:
+
+* Tue Apr 14 2009 Robert Scheck 3.1.3.2-1
+- Upstream released 3.1.3.2 (#495768)
+* Wed Mar 25 2009 Robert Scheck 3.1.3.1-1
+- Upstream released 3.1.3.1 (#492066)
+* Sun Mar 1 2009 Robert Scheck 3.1.3-1
+- Upstream released 3.1.3
+
+References:
+
+[ 1 ] Bug #495768 - phpMyAdmin: Insufficient output sanitizing when
+ generating configuration file fixed in 3.1.3.2
+https://bugzilla.redhat.com/show_bug.cgi?id=495768
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program. Use
+su -c 'yum update phpMyAdmin' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3700
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Fedora Core 10 FEDORA-2009-3700 (phpMyAdmin)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Fedora Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"phpMyAdmin", rpm:"phpMyAdmin~3.1.3.2~1.fc10", rls:"FC10")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/fcore_2009_3709.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_3709.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/fcore_2009_3709.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,117 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-3709 (ghostscript)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63835);
+ script_cve_id("CVE-2009-0792", "CVE-2009-0196", "CVE-2008-6679", "CVE-2009-0583", "CVE-2009-0584");
+ script_version ("$");
+ name["english"] = "Fedora Core 10 FEDORA-2009-3709 (ghostscript)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to ghostscript
+announced via advisory FEDORA-2009-3709.
+
+Update Information:
+
+This update fixes several security flaws: CVE-2009-0792 (multiple integer
+overflows and missing upper-bounds checks in icclib), CVE-2009-0196 (missing
+boundary check in jbig2dec library), and CVE-2008-6679 (buffer overflow in
+pdfwrite device).
+
+ChangeLog:
+
+* Wed Apr 15 2009 Tim Waugh 8.63-6
+- Applied patch to fix CVE-2009-0792 (bug #491853).
+- Applied patch to fix CVE-2009-0196 (bug #493379).
+- Applied patch to fix CVE-2008-6679 (bug #493445).
+* Fri Mar 20 2009 Tim Waugh 8.63-5
+- Applied patch to fix CVE-2009-0583 (bug #487742) and CVE-2009-0584
+(bug #487744).
+
+References:
+
+[ 1 ] Bug #493445 - CVE-2008-6679 ghostscript: Buffer overflow in BaseFont writer module for pdfwrite defice
+https://bugzilla.redhat.com/show_bug.cgi?id=493445
+[ 2 ] Bug #493379 - CVE-2009-0196 ghostscript: Missing boundary check in Ghostscript's jbig2dec library
+https://bugzilla.redhat.com/show_bug.cgi?id=493379
+[ 3 ] Bug #491853 - CVE-2009-0792 ghostscript, argyllcms: Incomplete fix for CVE-2009-0583
+https://bugzilla.redhat.com/show_bug.cgi?id=491853
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program. Use
+su -c 'yum update ghostscript' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3709
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Fedora Core 10 FEDORA-2009-3709 (ghostscript)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Fedora Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"ghostscript", rpm:"ghostscript~8.63~6.fc10", rls:"FC10")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ghostscript-devel", rpm:"ghostscript-devel~8.63~6.fc10", rls:"FC10")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ghostscript-doc", rpm:"ghostscript-doc~8.63~6.fc10", rls:"FC10")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ghostscript-gtk", rpm:"ghostscript-gtk~8.63~6.fc10", rls:"FC10")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ghostscript-debuginfo", rpm:"ghostscript-debuginfo~8.63~6.fc10", rls:"FC10")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/fcore_2009_3710.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_3710.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/fcore_2009_3710.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,114 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-3710 (ghostscript)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63836);
+ script_cve_id("CVE-2009-0792", "CVE-2009-0196", "CVE-2008-6679", "CVE-2009-0583", "CVE-2009-0584");
+ script_version ("$");
+ name["english"] = "Fedora Core 9 FEDORA-2009-3710 (ghostscript)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to ghostscript
+announced via advisory FEDORA-2009-3710.
+
+Update Information:
+
+This update fixes several security flaws: CVE-2009-0792 (multiple integer
+overflows and missing upper-bounds checks in icclib), CVE-2009-0196 (missing
+boundary check in jbig2dec library), and CVE-2008-6679 (buffer overflow in
+pdfwrite device).
+
+ChangeLog:
+
+* Wed Apr 15 2009 Tim Waugh 8.63-3
+- Applied patch to fix CVE-2009-0792 (bug #491853).
+- Applied patch to fix CVE-2009-0196 (bug #493379).
+- Applied patch to fix CVE-2008-6679 (bug #493445).
+* Fri Mar 20 2009 Tim Waugh 8.63-2
+- Applied patch to fix CVE-2009-0583 (bug #487742) and CVE-2009-0584
+(bug #487744).
+
+References:
+
+[ 1 ] Bug #493445 - CVE-2008-6679 ghostscript: Buffer overflow in BaseFont writer module for pdfwrite defice
+https://bugzilla.redhat.com/show_bug.cgi?id=493445
+[ 2 ] Bug #493379 - CVE-2009-0196 ghostscript: Missing boundary check in Ghostscript's jbig2dec library
+https://bugzilla.redhat.com/show_bug.cgi?id=493379
+[ 3 ] Bug #491853 - CVE-2009-0792 ghostscript, argyllcms: Incomplete fix for CVE-2009-0583
+https://bugzilla.redhat.com/show_bug.cgi?id=491853
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program. Use
+su -c 'yum update ghostscript' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3710
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Fedora Core 9 FEDORA-2009-3710 (ghostscript)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Fedora Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"ghostscript", rpm:"ghostscript~8.63~3.fc9", rls:"FC9")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ghostscript-devel", rpm:"ghostscript-devel~8.63~3.fc9", rls:"FC9")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ghostscript-gtk", rpm:"ghostscript-gtk~8.63~3.fc9", rls:"FC9")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ghostscript-debuginfo", rpm:"ghostscript-debuginfo~8.63~3.fc9", rls:"FC9")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/fcore_2009_3711.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_3711.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/fcore_2009_3711.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,140 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-3711 (udev)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63838);
+ script_cve_id("CVE-2009-1185", "CVE-2009-1186");
+ script_version ("$");
+ name["english"] = "Fedora Core 10 FEDORA-2009-3711 (udev)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to udev
+announced via advisory FEDORA-2009-3711.
+
+The udev package contains an implementation of devfs in
+userspace using sysfs and netlink.
+
+Update Information:
+
+udev provides a user-space API and implements a dynamic device directory,
+providing only the devices present on the system. udev replaces devfs in order
+to provide greater hot plug functionality. Netlink is a datagram oriented
+service, used to transfer information between kernel modules and user-space
+processes.
+
+It was discovered that udev did not properly check the origin of
+Netlink messages. A local attacker could use this flaw to gain root privileges
+via a crafted Netlink message sent to udev, causing it to create a world-
+writable block device file for an existing system block device (for example, the
+root file system). (CVE-2009-1185)
+
+An integer overflow flaw, potentially
+leading to heap-based buffer overflow was found in one of the utilities
+providing functionality of the udev device information interface. An attacker
+could use this flaw to cause a denial of service, or possibly, to execute
+arbitrary code by providing a specially-crafted arguments as input to this
+utility. (CVE-2009-1186)
+
+Thanks to Sebastian Krahmer of the SUSE Security Team for responsibly
+reporting this flaw. Users of udev are advised to upgrade to these
+updated packages, which contain a backported patch to correct this issue.
+After installing the update, the udevd daemon will be restarted automatically.
+
+ChangeLog:
+
+* Thu Apr 16 2009 Harald Hoyer 127-5
+- fix for CVE-2009-1186
+* Wed Apr 15 2009 Harald Hoyer 127-4
+- fix for CVE-2009-1185
+
+References:
+
+[ 1 ] Bug #495051 - CVE-2009-1185 udev: Uncheck origin of NETLINK messages
+https://bugzilla.redhat.com/show_bug.cgi?id=495051
+[ 2 ] Bug #495052 - CVE-2009-1186 udev: Buffer overflow in path encoding routine
+https://bugzilla.redhat.com/show_bug.cgi?id=495052
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program. Use
+su -c 'yum update udev' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3711
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Fedora Core 10 FEDORA-2009-3711 (udev)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Fedora Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libudev-devel", rpm:"libudev-devel~127~5.fc10", rls:"FC10")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libudev0", rpm:"libudev0~127~5.fc10", rls:"FC10")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libvolume_id", rpm:"libvolume_id~127~5.fc10", rls:"FC10")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libvolume_id-devel", rpm:"libvolume_id-devel~127~5.fc10", rls:"FC10")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"udev", rpm:"udev~127~5.fc10", rls:"FC10")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"udev-static", rpm:"udev-static~127~5.fc10", rls:"FC10")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"udev-debuginfo", rpm:"udev-debuginfo~127~5.fc10", rls:"FC10")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/fcore_2009_3712.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_3712.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/fcore_2009_3712.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,139 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-3712 (udev)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63837);
+ script_cve_id("CVE-2009-1185", "CVE-2009-1186");
+ script_version ("$");
+ name["english"] = "Fedora Core 9 FEDORA-2009-3712 (udev)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to udev
+announced via advisory FEDORA-2009-3712.
+
+The udev package contains an implementation of devfs in
+userspace using sysfs and netlink.
+
+Update Information:
+
+udev provides a user-space API and implements a dynamic device directory,
+providing only the devices present on the system. udev replaces devfs in order
+to provide greater hot plug functionality. Netlink is a datagram oriented
+service, used to transfer information between kernel modules and user-space
+processes.
+
+It was discovered that udev did not properly check the origin of
+Netlink messages. A local attacker could use this flaw to gain root privileges
+via a crafted Netlink message sent to udev, causing it to create a world-
+writable block device file for an existing system block device (for example, the
+root file system). (CVE-2009-1185)
+
+An integer overflow flaw, potentially
+leading to heap-based buffer overflow was found in one of the utilities
+providing functionality of the udev device information interface. An attacker
+could use this flaw to cause a denial of service, or possibly, to execute
+arbitrary code by providing a specially-crafted arguments as input to this
+utility. (CVE-2009-1186)
+
+Thanks to Sebastian Krahmer of the SUSE Security Team for responsibly
+reporting this flaw.
+
+Users of udev are advised to upgrade to these updated packages, which
+contain a backported patch to correct this issue. After installing the
+update, the udevd daemon will be restarted automatically.
+
+ChangeLog:
+
+* Thu Apr 16 2009 Harald Hoyer 124-4
+- fix for CVE-2009-1186
+* Tue Apr 14 2009 Harald Hoyer 124-3
+- fix for CVE-2009-1185
+* Wed Aug 6 2008 Harald Hoyer 124-2
+- added patch for cdrom tray close bug (rhbz#453095)
+- fixed udevadm syntax in start_udev (credits B.J.W. Polman)
+
+References:
+
+[ 1 ] Bug #495051 - CVE-2009-1185 udev: Uncheck origin of NETLINK messages
+https://bugzilla.redhat.com/show_bug.cgi?id=495051
+[ 2 ] Bug #495052 - CVE-2009-1186 udev: Buffer overflow in path encoding routine
+https://bugzilla.redhat.com/show_bug.cgi?id=495052
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program. Use
+su -c 'yum update udev' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3712
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Fedora Core 9 FEDORA-2009-3712 (udev)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Fedora Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libvolume_id", rpm:"libvolume_id~124~4.fc9", rls:"FC9")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libvolume_id-devel", rpm:"libvolume_id-devel~124~4.fc9", rls:"FC9")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"udev", rpm:"udev~124~4.fc9", rls:"FC9")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"udev-static", rpm:"udev-static~124~4.fc9", rls:"FC9")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"udev-debuginfo", rpm:"udev-debuginfo~124~4.fc9", rls:"FC9")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/fcore_2009_3720.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_3720.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/fcore_2009_3720.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,103 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-3720 (argyllcms)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63839);
+ script_cve_id("CVE-2009-0792", "CVE-2009-0583");
+ script_version ("$");
+ name["english"] = "Fedora Core 9 FEDORA-2009-3720 (argyllcms)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to argyllcms
+announced via advisory FEDORA-2009-3720.
+
+Update Information:
+
+Apply patch for CVE-2009-0792.
+
+ChangeLog:
+
+* Thu Apr 16 2009 Jon Ciesla - 1.0.3-5
+- Actually *apply* previous patch.
+* Wed Apr 8 2009 Jon Ciesla - 1.0.3-4
+- Patch for ICC library CVE-2009-0792.
+* Mon Mar 23 2009 Jon Ciesla - 1.0.3-3
+- Patch for ICC library CVE-2009-{0583, 0584} by Tim Waugh.
+
+References:
+
+[ 1 ] Bug #491853 - CVE-2009-0792 ghostscript, argyllcms: Incomplete fix for CVE-2009-0583
+https://bugzilla.redhat.com/show_bug.cgi?id=491853
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program. Use
+su -c 'yum update argyllcms' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3720
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Fedora Core 9 FEDORA-2009-3720 (argyllcms)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Fedora Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"argyllcms", rpm:"argyllcms~1.0.3~5.fc9", rls:"FC9")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"argyllcms-doc", rpm:"argyllcms-doc~1.0.3~5.fc9", rls:"FC9")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"argyllcms-debuginfo", rpm:"argyllcms-debuginfo~1.0.3~5.fc9", rls:"FC9")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/fcore_2009_3740.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_3740.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/fcore_2009_3740.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,100 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-3740 (argyllcms)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63840);
+ script_cve_id("CVE-2009-0792", "CVE-2009-0583");
+ script_version ("$");
+ name["english"] = "Fedora Core 10 FEDORA-2009-3740 (argyllcms)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to argyllcms
+announced via advisory FEDORA-2009-3740.
+
+Update Information:
+
+Apply patch for CVE-2009-0792.
+ChangeLog:
+
+* Thu Apr 16 2009 Jon Ciesla - 1.0.3-5
+- Actually *apply* previous patch.
+* Wed Apr 8 2009 Jon Ciesla - 1.0.3-4
+- Patch for ICC library CVE-2009-0792.
+
+References:
+
+[ 1 ] Bug #491853 - CVE-2009-0792 ghostscript, argyllcms: Incomplete fix for CVE-2009-0583
+https://bugzilla.redhat.com/show_bug.cgi?id=491853
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program. Use
+su -c 'yum update argyllcms' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3740
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Fedora Core 10 FEDORA-2009-3740 (argyllcms)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Fedora Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"argyllcms", rpm:"argyllcms~1.0.3~5.fc10", rls:"FC10")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"argyllcms-doc", rpm:"argyllcms-doc~1.0.3~5.fc10", rls:"FC10")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"argyllcms-debuginfo", rpm:"argyllcms-debuginfo~1.0.3~5.fc10", rls:"FC10")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/freebsd_ejabberd.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_ejabberd.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/freebsd_ejabberd.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,86 @@
+#
+#VID cf91c1e4-2b6d-11de-931b-00e0815b8da8
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID cf91c1e4-2b6d-11de-931b-00e0815b8da8
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63863);
+ script_cve_id("CVE-2009-0934");
+ script_bugtraq_id(34133);
+ script_version ("$");
+ name["english"] = "FreeBSD Ports: ejabberd";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: ejabberd
+
+CVE-2009-0934
+Cross-site scripting (XSS) vulnerability in ejabberd before 2.0.4
+allows remote attackers to inject arbitrary web script or HTML via
+unknown vectors related to links and MUC logs.
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "FreeBSD Ports: ejabberd";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "FreeBSD Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"ejabberd");
+if(!isnull(bver) && revcomp(a:bver, b:"2.0.4")<0) {
+ security_note(0, data:"Package ejabberd version " + bver + " is installed which is known to be vulnerable.");
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/freebsd_freetype22.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_freetype22.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/freebsd_freetype22.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,88 @@
+#
+#VID 20b4f284-2bfc-11de-bdeb-0030843d3802
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID 20b4f284-2bfc-11de-bdeb-0030843d3802
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63862);
+ script_cve_id("CVE-2009-0946");
+ script_version ("$");
+ name["english"] = "FreeBSD Ports: freetype2";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: freetype2
+
+CVE-2009-0946
+Multiple integer overflows in FreeType 2.3.9 and earlier allow remote
+attackers to execute arbitrary code via vectors related to large
+values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c,
+and (3) cff/cffload.c.
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://secunia.com/advisories/34723/
+http://www.vuxml.org/freebsd/20b4f284-2bfc-11de-bdeb-0030843d3802.html
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "FreeBSD Ports: freetype2";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "FreeBSD Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"freetype2");
+if(!isnull(bver) && revcomp(a:bver, b:"2.3.9_1")<0) {
+ security_note(0, data:"Package freetype2 version " + bver + " is installed which is known to be vulnerable.");
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/freebsd_phpMyAdmin18.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_phpMyAdmin18.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/freebsd_phpMyAdmin18.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,81 @@
+#
+#VID 1a0e4cc6-29bf-11de-bdeb-0030843d3802
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID 1a0e4cc6-29bf-11de-bdeb-0030843d3802
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63865);
+ script_version ("$");
+ name["english"] = "FreeBSD Ports: phpMyAdmin";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: phpMyAdmin
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://www.phpmyadmin.net/home_page/security/PMASA-2009-4.php
+http://www.vuxml.org/freebsd/1a0e4cc6-29bf-11de-bdeb-0030843d3802.html
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "FreeBSD Ports: phpMyAdmin";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "FreeBSD Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"phpMyAdmin");
+if(!isnull(bver) && revcomp(a:bver, b:"3.1.3.2")<0) {
+ security_note(0, data:"Package phpMyAdmin version " + bver + " is installed which is known to be vulnerable.");
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/freebsd_poppler0.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_poppler0.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/freebsd_poppler0.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,81 @@
+#
+#VID 50d233d9-374b-46ce-922d-4e6b3f777bef
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID 50d233d9-374b-46ce-922d-4e6b3f777bef
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63860);
+ script_version ("$");
+ name["english"] = "FreeBSD Ports: poppler";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: poppler
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://secunia.com/advisories/34746/
+http://www.vuxml.org/freebsd/50d233d9-374b-46ce-922d-4e6b3f777bef.html
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "FreeBSD Ports: poppler";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "FreeBSD Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"poppler");
+if(!isnull(bver) && revcomp(a:bver, b:"0.10.6")<0) {
+ security_note(0, data:"Package poppler version " + bver + " is installed which is known to be vulnerable.");
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/freebsd_xpdf3.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_xpdf3.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/freebsd_xpdf3.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,83 @@
+#
+#VID a21037d5-2c38-11de-ab3b-0017a4cccfc6
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID a21037d5-2c38-11de-ab3b-0017a4cccfc6
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63861);
+ script_cve_id("CVE-2009-0146", "CVE-2009-0147", "CVE-2009-0166", "CVE-2009-0799", "CVE-2009-0800", "CVE-2009-1179", "CVE-2009-1180", "CVE-2009-1181", "CVE-2009-1182", "CVE-2009-1183");
+ script_version ("$");
+ name["english"] = "FreeBSD Ports: xpdf";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: xpdf
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://secunia.com/advisories/34291
+http://www.vupen.com/english/advisories/2009/1065
+http://www.vuxml.org/freebsd/a21037d5-2c38-11de-ab3b-0017a4cccfc6.html
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "FreeBSD Ports: xpdf";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "FreeBSD Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"xpdf");
+if(!isnull(bver) && revcomp(a:bver, b:"3.02_11")<0) {
+ security_note(0, data:"Package xpdf version " + bver + " is installed which is known to be vulnerable.");
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/freebsd_ziproxy.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_ziproxy.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/freebsd_ziproxy.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,91 @@
+#
+#VID 872ae5be-29c0-11de-bdeb-0030843d3802
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID 872ae5be-29c0-11de-bdeb-0030843d3802
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63864);
+ script_cve_id("CVE-2009-0804");
+ script_bugtraq_id(33858);
+ script_version ("$");
+ name["english"] = "FreeBSD Ports: ziproxy";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: ziproxy
+
+CVE-2009-0804
+Ziproxy 2.6.0, when transparent interception mode is enabled, uses the
+HTTP Host header to determine the remote endpoint, which allows remote
+attackers to bypass access controls for Flash, Java, Silverlight, and
+probably other technologies, and possibly communicate with restricted
+intranet sites, via a crafted web page that causes a client to send
+HTTP requests with a modified Host header.
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://www.kb.cert.org/vuls/id/MAPG-7N9GN8
+http://www.vuxml.org/freebsd/872ae5be-29c0-11de-bdeb-0030843d3802.html
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "FreeBSD Ports: ziproxy";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "FreeBSD Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"ziproxy");
+if(!isnull(bver) && revcomp(a:bver, b:"2.7.0")<0) {
+ security_note(0, data:"Package ziproxy version " + bver + " is installed which is known to be vulnerable.");
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/glsa_200904_13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/glsa_200904_13.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/glsa_200904_13.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,84 @@
+#
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from Gentoo's XML based advisory
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+
+if(description)
+{
+ script_id(63849);
+ script_cve_id("CVE-2008-3680");
+ script_version ("$");
+ name["english"] = "Gentoo Security Advisory GLSA 200904-13 (ventrilo-server-bin)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing updates announced in
+advisory GLSA 200904-13.
+
+A vulnerability has been discovered in Ventrilo, allowing for a Denial of
+ Service.
+
+Solution:
+All Ventrilo users should upgrade to the latest version:
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose '>=media-sound/ventrilo-server-bin-3.0.3'
+
+http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200904-13
+http://bugs.gentoo.org/show_bug.cgi?id=234819
+
+Risk factor : Medium";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Gentoo Security Advisory GLSA 200904-13 (ventrilo-server-bin)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Gentoo Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/gentoo");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-gentoo.inc");
+vuln = 0;
+if(ispkgvuln(pkg:"media-sound/ventrilo-server-bin", unaffected: make_list("ge 3.0.3"), vulnerable: make_list("lt 3.0.3"))) {
+ vuln=1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/glsa_200904_14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/glsa_200904_14.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/glsa_200904_14.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,84 @@
+#
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from Gentoo's XML based advisory
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+
+if(description)
+{
+ script_id(63850);
+ script_cve_id("CVE-2008-3243", "CVE-2008-3244", "CVE-2008-5747");
+ script_version ("$");
+ name["english"] = "Gentoo Security Advisory GLSA 200904-14 (f-prot)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing updates announced in
+advisory GLSA 200904-14.
+
+Multiple errors in F-PROT Antivirus may lead to a Denial of Service.
+
+Solution:
+All F-PROT Antivirus users should upgrade to the latest version:
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose '>=app-antivirus/f-prot-6.0.2'
+
+http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200904-14
+http://bugs.gentoo.org/show_bug.cgi?id=232665
+http://bugs.gentoo.org/show_bug.cgi?id=253497
+
+Risk factor : Medium";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Gentoo Security Advisory GLSA 200904-14 (f-prot)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Gentoo Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/gentoo");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-gentoo.inc");
+vuln = 0;
+if(ispkgvuln(pkg:"app-antivirus/f-prot", unaffected: make_list("ge 6.0.2"), vulnerable: make_list("lt 6.0.2"))) {
+ vuln=1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/glsa_200904_15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/glsa_200904_15.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/glsa_200904_15.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,83 @@
+#
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from Gentoo's XML based advisory
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+
+if(description)
+{
+ script_id(63851);
+ script_cve_id("CVE-2009-1301");
+ script_version ("$");
+ name["english"] = "Gentoo Security Advisory GLSA 200904-15 (mpg123)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing updates announced in
+advisory GLSA 200904-15.
+
+An error in mpg123 might allow for the execution of arbitrary code.
+
+Solution:
+All mpg123 users should upgrade to the latest version:
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose '>=media-sound/mpg123-1.7.2'
+
+http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200904-15
+http://bugs.gentoo.org/show_bug.cgi?id=265342
+
+Risk factor : Medium";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Gentoo Security Advisory GLSA 200904-15 (mpg123)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Gentoo Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/gentoo");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-gentoo.inc");
+vuln = 0;
+if(ispkgvuln(pkg:"media-sound/mpg123", unaffected: make_list("ge 1.7.2"), vulnerable: make_list("lt 1.7.2"))) {
+ vuln=1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/glsa_200904_16.nasl
===================================================================
--- trunk/openvas-plugins/scripts/glsa_200904_16.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/glsa_200904_16.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,84 @@
+#
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from Gentoo's XML based advisory
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+
+if(description)
+{
+ script_id(63852);
+ script_cve_id("CVE-2009-0186");
+ script_version ("$");
+ name["english"] = "Gentoo Security Advisory GLSA 200904-16 (libsndfile)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing updates announced in
+advisory GLSA 200904-16.
+
+A buffer overflow vulnerability in libsndfile might allow remote attackers
+ to execute arbitrary code.
+
+Solution:
+All libsndfile users should upgrade to the latest version:
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose '>=media-libs/libsndfile-1.0.19'
+
+http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200904-16
+http://bugs.gentoo.org/show_bug.cgi?id=261173
+
+Risk factor : Medium";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Gentoo Security Advisory GLSA 200904-16 (libsndfile)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Gentoo Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/gentoo");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-gentoo.inc");
+vuln = 0;
+if(ispkgvuln(pkg:"media-libs/libsndfile", unaffected: make_list("ge 1.0.19"), vulnerable: make_list("lt 1.0.19"))) {
+ vuln=1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/glsa_200904_17.nasl
===================================================================
--- trunk/openvas-plugins/scripts/glsa_200904_17.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/glsa_200904_17.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,83 @@
+#
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from Gentoo's XML based advisory
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+
+if(description)
+{
+ script_id(63853);
+ script_cve_id("CVE-2009-0193", "CVE-2009-0658", "CVE-2009-0927", "CVE-2009-0928", "CVE-2009-1061", "CVE-2009-1062");
+ script_version ("$");
+ name["english"] = "Gentoo Security Advisory GLSA 200904-17 (acroread)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing updates announced in
+advisory GLSA 200904-17.
+
+Adobe Reader is vulnerable to execution of arbitrary code.
+
+Solution:
+All Adobe Reader users should upgrade to the latest version:
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose '>=app-text/acroread-8.1.4'
+
+http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200904-17
+http://bugs.gentoo.org/show_bug.cgi?id=259992
+
+Risk factor : Medium";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Gentoo Security Advisory GLSA 200904-17 (acroread)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Gentoo Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/gentoo");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-gentoo.inc");
+vuln = 0;
+if(ispkgvuln(pkg:"app-text/acroread", unaffected: make_list("ge 8.1.4"), vulnerable: make_list("lt 8.1.4"))) {
+ vuln=1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/glsa_200904_18.nasl
===================================================================
--- trunk/openvas-plugins/scripts/glsa_200904_18.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/glsa_200904_18.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,84 @@
+#
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from Gentoo's XML based advisory
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+
+if(description)
+{
+ script_id(63854);
+ script_cve_id("CVE-2009-1185", "CVE-2009-1186");
+ script_version ("$");
+ name["english"] = "Gentoo Security Advisory GLSA 200904-18 (udev)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing updates announced in
+advisory GLSA 200904-18.
+
+Two errors in udev allow for a local root compromise and a Denial of
+ Service.
+
+Solution:
+All udev users should upgrade to the latest version:
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose '>=sys-fs/udev-124-r2'
+
+http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200904-18
+http://bugs.gentoo.org/show_bug.cgi?id=266290
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Gentoo Security Advisory GLSA 200904-18 (udev)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Gentoo Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/gentoo");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-gentoo.inc");
+vuln = 0;
+if(ispkgvuln(pkg:"sys-fs/udev", unaffected: make_list("ge 124-r2"), vulnerable: make_list("lt 124-r2"))) {
+ vuln=1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/glsa_200904_19.nasl
===================================================================
--- trunk/openvas-plugins/scripts/glsa_200904_19.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/glsa_200904_19.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,85 @@
+#
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from Gentoo's XML based advisory
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+
+if(description)
+{
+ script_id(63855);
+ script_cve_id("CVE-2009-0581", "CVE-2009-0723", "CVE-2009-0733", "CVE-2009-0793");
+ script_version ("$");
+ name["english"] = "Gentoo Security Advisory GLSA 200904-19 (littlecms)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing updates announced in
+advisory GLSA 200904-19.
+
+Multiple errors in LittleCMS allow for attacks including the remote
+ execution of arbitrary code.
+
+Solution:
+All LittleCMS users should upgrade to the latest version:
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose '>=media-libs/lcms-1.18-r1'
+
+http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200904-19
+http://bugs.gentoo.org/show_bug.cgi?id=260269
+http://bugs.gentoo.org/show_bug.cgi?id=264604
+
+Risk factor : Medium";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Gentoo Security Advisory GLSA 200904-19 (littlecms)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Gentoo Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/gentoo");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-gentoo.inc");
+vuln = 0;
+if(ispkgvuln(pkg:"media-libs/lcms", unaffected: make_list("ge 1.18-r1"), vulnerable: make_list("lt 1.18-r1"))) {
+ vuln=1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/suse_sa_2009_020.nasl
===================================================================
--- trunk/openvas-plugins/scripts/suse_sa_2009_020.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/suse_sa_2009_020.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,122 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory SUSE-SA:2009:020 (udev)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63845);
+ script_cve_id("CVE-2009-1185", "CVE-2009-1186");
+ script_version ("$");
+ name["english"] = "SuSE Security Advisory SUSE-SA:2009:020 (udev)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing updates announced in
+advisory SUSE-SA:2009:020.
+
+Sebastian Krahmer of SUSE Security identified a problem in udevd with
+handling of netlink messages.
+
+Local attackers could inject netlink messages due to a missing origin
+check where only the kernel should have been able to and so are able
+to escalate privileges. (CVE-2009-1185)
+
+Fixed packages have been released to address this issue for openSUSE
+10.3-11.1, SUSE Linux Enterprise 10 SP2 and SUSE Linux Enterprise 11.
+
+SUSE Linux Enterprise Server 9 and Novell Linux Desktop 9 are not
+affected by this problem.
+
+Solution:
+Update your system with the packages as indicated in
+the referenced security advisory.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:020
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "SuSE Security Advisory SUSE-SA:2009:020 (udev)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "SuSE Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libudev-devel", rpm:"libudev-devel~128~9.7.1", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libudev0", rpm:"libudev0~128~9.7.1", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libvolume_id", rpm:"libvolume_id~126~17.38.1", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libvolume_id-devel", rpm:"libvolume_id-devel~128~9.7.1", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libvolume_id1", rpm:"libvolume_id1~128~9.7.1", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"udev", rpm:"udev~128~9.7.1", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libvolume_id", rpm:"libvolume_id~120~13.2", rls:"openSUSE11.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libvolume_id-devel", rpm:"libvolume_id-devel~120~13.2", rls:"openSUSE11.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"udev", rpm:"udev~120~13.2", rls:"openSUSE11.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libvolume_id", rpm:"libvolume_id~114~19.3", rls:"openSUSE10.3")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libvolume_id-devel", rpm:"libvolume_id-devel~114~19.3", rls:"openSUSE10.3")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"udev", rpm:"udev~114~19.3", rls:"openSUSE10.3")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/suse_sa_2009_021.nasl
===================================================================
--- trunk/openvas-plugins/scripts/suse_sa_2009_021.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/suse_sa_2009_021.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,175 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory SUSE-SA:2009:021 (kernel)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63846);
+ script_cve_id("CVE-2009-0676", "CVE-2009-0835", "CVE-2009-1072");
+ script_version ("$");
+ name["english"] = "SuSE Security Advisory SUSE-SA:2009:021 (kernel)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing updates announced in
+advisory SUSE-SA:2009:021.
+
+The Linux kernel was updated for SUSE Linux Enterprise 11 and openSUSE
+11.1 fixing lots of bugs and some security issues.
+
+The kernel was also updated to the 2.6.27.21 stable release.
+
+CVE-2009-1072: nfsd in the Linux kernel does not drop the CAP_MKNOD
+capability before handling a user request in a thread, which allows
+local users to create device nodes, as demonstrated on a filesystem
+that has been exported with the root_squash option.
+
+CVE-2009-0676: The sock_getsockopt function in net/core/sock.c in
+the Linux kernel does not initialize a certain structure member,
+which allows local users to obtain potentially sensitive information
+from kernel memory via an SO_BSDCOMPAT getsockopt request.
+The fix for this was previously incomplete.
+
+CVE-2009-0835: The __secure_computing function in kernel/seccomp.c
+in the seccomp subsystem in the Linux kernel on the x86_64 platform,
+when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit
+process making a 64-bit syscall or (2) a 64-bit process making a
+32-bit syscall, which allows local users to bypass intended access
+restrictions via crafted syscalls that are misinterpreted as (a)
+stat or (b) chmod.
+
+The openSUSE 11.1 kernel was released before the easter weekend
+already.
+
+Solution:
+Update your system with the packages as indicated in
+the referenced security advisory.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:021
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "SuSE Security Advisory SUSE-SA:2009:021 (kernel)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "SuSE Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.27.21~0.1.2", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debug-base", rpm:"kernel-debug-base~2.6.27.21~0.1.2", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debug-extra", rpm:"kernel-debug-extra~2.6.27.21~0.1.2", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-default", rpm:"kernel-default~2.6.27.21~0.1.2", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-default-base", rpm:"kernel-default-base~2.6.27.21~0.1.2", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-default-extra", rpm:"kernel-default-extra~2.6.27.21~0.1.2", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-pae", rpm:"kernel-pae~2.6.27.21~0.1.2", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-pae-base", rpm:"kernel-pae-base~2.6.27.21~0.1.2", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-pae-extra", rpm:"kernel-pae-extra~2.6.27.21~0.1.2", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-source", rpm:"kernel-source~2.6.27.21~0.1.1", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-syms", rpm:"kernel-syms~2.6.27.21~0.1.1", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-trace", rpm:"kernel-trace~2.6.27.21~0.1.2", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-trace-base", rpm:"kernel-trace-base~2.6.27.21~0.1.2", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-trace-extra", rpm:"kernel-trace-extra~2.6.27.21~0.1.2", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-vanilla", rpm:"kernel-vanilla~2.6.27.21~0.1.2", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.27.21~0.1.2", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-xen-base", rpm:"kernel-xen-base~2.6.27.21~0.1.2", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-xen-extra", rpm:"kernel-xen-extra~2.6.27.21~0.1.2", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"module-init-tools", rpm:"module-init-tools~3.4~56.10.1", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-docs", rpm:"kernel-docs~2.6.3~3.13.13", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-kdump", rpm:"kernel-kdump~2.6.27.21~0.1.2", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-ppc64", rpm:"kernel-ppc64~2.6.27.21~0.1.2", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-ppc64-base", rpm:"kernel-ppc64-base~2.6.27.21~0.1.2", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-ppc64-extra", rpm:"kernel-ppc64-extra~2.6.27.21~0.1.2", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-ps3", rpm:"kernel-ps3~2.6.27.21~0.1.2", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/suse_sa_2009_022.nasl
===================================================================
--- trunk/openvas-plugins/scripts/suse_sa_2009_022.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/suse_sa_2009_022.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,167 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory SUSE-SA:2009:022 (MozillaFirefox)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63847);
+ script_cve_id("CVE-2009-1044", "CVE-2009-1169");
+ script_version ("$");
+ name["english"] = "SuSE Security Advisory SUSE-SA:2009:022 (MozillaFirefox)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing updates announced in
+advisory SUSE-SA:2009:022.
+
+The Mozilla Firefox Browser was updated to the 3.0.8 release. It
+fixes two critical security issues:
+
+MFSA 2009-13 / CVE-2009-1044: Security researcher Nils reported
+via TippingPoint's Zero Day Initiative that the XUL tree method
+_moveToEdgeShift was in some cases triggering garbage collection
+routines on objects which were still in use. In such cases, the browser
+would crash when attempting to access a previously destroyed object
+and this crash could be used by an attacker to run arbitrary code on
+a victim's computer. This vulnerability was used by the reporter to
+win the 2009 CanSecWest Pwn2Own contest.
+This vulnerability does not affect Firefox 2, Thunderbird 2, or
+released versions of SeaMonkey.
+
+MFSA 2009-12 / CVE-2009-1169:Security researcher Guido Landi discovered
+that a XSL stylesheet could be used to crash the browser during a
+XSL transformation. An attacker could potentially use this crash to
+run arbitrary code on a victim's computer.
+
+This vulnerability was also previously reported as a stability problem
+by Ubuntu community member, Andre. Ubuntu community member Michael
+Rooney reported Andre's findings to Mozilla, and Mozilla community
+member Martin helped reduce Andre's original test case and contributed
+a patch to fix the vulnerability.
+
+Solution:
+Update your system with the packages as indicated in
+the referenced security advisory.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:022
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "SuSE Security Advisory SUSE-SA:2009:022 (MozillaFirefox)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "SuSE Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"MozillaFirefox", rpm:"MozillaFirefox~3.0.8~1.1.1", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"MozillaFirefox-branding-upstream", rpm:"MozillaFirefox-branding-upstream~3.0.8~1.1.1", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"MozillaFirefox-translations", rpm:"MozillaFirefox-translations~3.0.8~1.1.1", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-xulrunner190", rpm:"mozilla-xulrunner190~1.9.0.8~1.1.1", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-xulrunner190-devel", rpm:"mozilla-xulrunner190-devel~1.9.0.8~1.1.1", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-xulrunner190-gnomevfs", rpm:"mozilla-xulrunner190-gnomevfs~1.9.0.8~1.1.1", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-xulrunner190-translations", rpm:"mozilla-xulrunner190-translations~1.9.0.8~1.1.1", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"python-xpcom190", rpm:"python-xpcom190~1.9.0.8~1.1.1", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"MozillaFirefox", rpm:"MozillaFirefox~3.0.8~1.1", rls:"openSUSE11.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"MozillaFirefox-translations", rpm:"MozillaFirefox-translations~3.0.8~1.1", rls:"openSUSE11.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-xulrunner190", rpm:"mozilla-xulrunner190~1.9.0.8~1.1", rls:"openSUSE11.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-xulrunner190-devel", rpm:"mozilla-xulrunner190-devel~1.9.0.8~1.1", rls:"openSUSE11.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-xulrunner190-gnomevfs", rpm:"mozilla-xulrunner190-gnomevfs~1.9.0.8~1.1", rls:"openSUSE11.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-xulrunner190-translations", rpm:"mozilla-xulrunner190-translations~1.9.0.8~1.1", rls:"openSUSE11.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-xulrunner190-64bit", rpm:"mozilla-xulrunner190-64bit~1.9.0.8~1.1", rls:"openSUSE11.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-xulrunner190-gnomevfs-64bit", rpm:"mozilla-xulrunner190-gnomevfs-64bit~1.9.0.8~1.1", rls:"openSUSE11.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-xulrunner190-translations-64bit", rpm:"mozilla-xulrunner190-translations-64bit~1.9.0.8~1.1", rls:"openSUSE11.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-xulrunner190-32bit", rpm:"mozilla-xulrunner190-32bit~1.9.0.8~1.1.1", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-xulrunner190-gnomevfs-32bit", rpm:"mozilla-xulrunner190-gnomevfs-32bit~1.9.0.8~1.1.1", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-xulrunner190-translations-32bit", rpm:"mozilla-xulrunner190-translations-32bit~1.9.0.8~1.1.1", rls:"openSUSE11.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-xulrunner190-32bit", rpm:"mozilla-xulrunner190-32bit~1.9.0.8~1.1", rls:"openSUSE11.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-xulrunner190-gnomevfs-32bit", rpm:"mozilla-xulrunner190-gnomevfs-32bit~1.9.0.8~1.1", rls:"openSUSE11.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-xulrunner190-translations-32bit", rpm:"mozilla-xulrunner190-translations-32bit~1.9.0.8~1.1", rls:"openSUSE11.0")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/suse_sa_2009_023.nasl
===================================================================
--- trunk/openvas-plugins/scripts/suse_sa_2009_023.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/suse_sa_2009_023.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,123 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory SUSE-SA:2009:023 (MozillaFirefox)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63848);
+ script_cve_id("CVE-2009-0040", "CVE-2009-0352", "CVE-2009-0353", "CVE-2009-0772", "CVE-2009-0774", "CVE-2009-0776", "CVE-2009-1169");
+ script_version ("$");
+ name["english"] = "SuSE Security Advisory SUSE-SA:2009:023 (MozillaFirefox)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing updates announced in
+advisory SUSE-SA:2009:023.
+
+The Mozilla Firefox Browser was refreshed to the current MOZILLA_1_8
+branch state around fix level 2.0.0.22, backporting various security
+fixes from the Firefox 3.0.8 browser version.
+
+Security issues identified as being fixed are:
+MFSA 2009-01 / CVE-2009-0352 / CVE-2009-0353: Mozilla developers
+identified and fixed several stability bugs in the browser engine used
+in Firefox and other Mozilla-based products. Some of these crashes
+showed evidence of memory corruption under certain circumstances and
+we presume that with enough effort at least some of these could be
+exploited to run arbitrary code.
+
+MFSA 2009-07 / CVE-2009-0772 / CVE-2009-0774: Mozilla developers
+identified and fixed several stability bugs in the browser engine used
+in Firefox and other Mozilla-based products. Some of these crashes
+showed evidence of memory corruption under certain circumstances and
+we presume that with enough effort at least some of these could be
+exploited to run arbitrary code.
+
+MFSA 2009-09 / CVE-2009-0776: Mozilla security researcher Georgi
+Guninski reported that a website could use nsIRDFService and a
+cross-domain redirect to steal arbitrary XML data from another domain,
+a violation of the same-origin policy. This vulnerability could be used
+by a malicious website to steal private data from users authenticated
+to the redirected website.
+
+MFSA 2009-10 / CVE-2009-0040: Google security researcher Tavis
+Ormandy reported several memory safety hazards to the libpng project,
+an external library used by Mozilla to render PNG images. These
+vulnerabilities could be used by a malicious website to crash a
+victim's browser and potentially execute arbitrary code on their
+computer. libpng was upgraded to version 1.2.35 which contains fixes
+for these flaws.
+
+MFSA 2009-12 / CVE-2009-1169: Security researcher Guido Landi
+discovered that a XSL stylesheet could be used to crash the browser
+during a XSL transformation. An attacker could potentially use this
+crash to run arbitrary code on a victim's computer.
+This vulnerability was also previously reported as a stability problem
+by Ubuntu community member, Andre. Ubuntu community member Michael
+Rooney reported Andre's findings to Mozilla, and Mozilla community
+member Martin helped reduce Andre's original test case and contributed
+a patch to fix the vulnerability.
+
+Solution:
+Update your system with the packages as indicated in
+the referenced security advisory.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:023
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "SuSE Security Advisory SUSE-SA:2009:023 (MozillaFirefox)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "SuSE Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"MozillaFirefox", rpm:"MozillaFirefox~2.0.0.21post~0.1", rls:"openSUSE10.3")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"MozillaFirefox-translations", rpm:"MozillaFirefox-translations~2.0.0.21post~0.1", rls:"openSUSE10.3")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/ubuntu_757_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ubuntu_757_1.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/ubuntu_757_1.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,243 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory USN-757-1 (gs-gpl)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63856);
+ script_cve_id("CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0196", "CVE-2009-0583", "CVE-2009-0584", "CVE-2009-0792", "CVE-2009-0189", "CVE-2008-5259", "CVE-2009-0190", "CVE-2009-0796", "CVE-2009-1185", "CVE-2009-1186");
+ script_version ("$");
+ name["english"] = "Ubuntu USN-757-1 (gs-gpl)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to gs-gpl
+announced via advisory USN-757-1.
+
+Details follow:
+
+It was discovered that Ghostscript contained a buffer underflow in its
+CCITTFax decoding filter. If a user or automated system were tricked into
+opening a crafted PDF file, an attacker could cause a denial of service or
+execute arbitrary code with privileges of the user invoking the program.
+(CVE-2007-6725)
+
+It was discovered that Ghostscript contained a buffer overflow in the
+BaseFont writer module. If a user or automated system were tricked into
+opening a crafted Postscript file, an attacker could cause a denial of
+service or execute arbitrary code with privileges of the user invoking the
+program. (CVE-2008-6679)
+
+It was discovered that Ghostscript contained additional integer overflows
+in its ICC color management library. If a user or automated system were
+tricked into opening a crafted Postscript or PDF file, an attacker could
+cause a denial of service or execute arbitrary code with privileges of the
+user invoking the program. (CVE-2009-0792)
+
+Alin Rad Pop discovered that Ghostscript contained a buffer overflow in the
+jbig2dec library. If a user or automated system were tricked into opening a
+crafted PDF file, an attacker could cause a denial of service or execute
+arbitrary code with privileges of the user invoking the program.
+(CVE-2009-0196)
+
+USN-743-1 provided updated ghostscript and gs-gpl packages to fix two
+security vulnerabilities. This update corrects the same vulnerabilities in
+the gs-esp package.
+
+Original advisory details:
+ It was discovered that Ghostscript contained multiple integer overflows in
+ its ICC color management library. If a user or automated system were
+ tricked into opening a crafted Postscript file, an attacker could cause a
+ denial of service or execute arbitrary code with privileges of the user
+ invoking the program. (CVE-2009-0583)
+
+ It was discovered that Ghostscript did not properly perform bounds
+ checking in its ICC color management library. If a user or automated
+ system were tricked into opening a crafted Postscript file, an attacker
+ could cause a denial of service or execute arbitrary code with privileges
+ of the user invoking the program. (CVE-2009-0584)
+
+Solution:
+The problem can be corrected by upgrading your system to the
+following package versions:
+
+Ubuntu 6.06 LTS:
+ gs-esp 8.15.2.dfsg.0ubuntu1-0ubuntu1.2
+ gs-gpl 8.15-4ubuntu3.3
+
+Ubuntu 8.04 LTS:
+ libgs8 8.61.dfsg.1-1ubuntu3.2
+
+Ubuntu 8.10:
+ libgs8 8.63.dfsg.1-0ubuntu6.4
+
+In general, a standard system upgrade is sufficient to effect the
+necessary changes.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=USN-757-1
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Ubuntu USN-757-1 (gs-gpl)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Ubuntu Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"gs", ver:"8.15-4ubuntu3.3", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"gs-esp", ver:"8.15.2.dfsg.0ubuntu1-0ubuntu1.2", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"gs-gpl", ver:"8.15-4ubuntu3.3", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"ghostscript-doc", ver:"8.61.dfsg.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"gs-gpl", ver:"8.61.dfsg.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"gs", ver:"8.61.dfsg.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libgs-esp-dev", ver:"8.61.dfsg.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"gs-aladdin", ver:"8.61.dfsg.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"gs-common", ver:"8.61.dfsg.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"gs-esp-x", ver:"8.61.dfsg.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"gs-esp", ver:"8.61.dfsg.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"ghostscript-x", ver:"8.61.dfsg.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"ghostscript", ver:"8.61.dfsg.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libgs-dev", ver:"8.61.dfsg.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libgs8", ver:"8.61.dfsg.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"ghostscript-doc", ver:"8.63.dfsg.1-0ubuntu6.4", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"gs-common", ver:"8.63.dfsg.1-0ubuntu6.4", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"gs-gpl", ver:"8.63.dfsg.1-0ubuntu6.4", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"gs", ver:"8.63.dfsg.1-0ubuntu6.4", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libgs-esp-dev", ver:"8.63.dfsg.1-0ubuntu6.4", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"gs-aladdin", ver:"8.63.dfsg.1-0ubuntu6.4", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"gs-esp-x", ver:"8.63.dfsg.1-0ubuntu6.4", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"gs-esp", ver:"8.63.dfsg.1-0ubuntu6.4", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"ghostscript-x", ver:"8.63.dfsg.1-0ubuntu6.4", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"ghostscript", ver:"8.63.dfsg.1-0ubuntu6.4", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libgs-dev", ver:"8.63.dfsg.1-0ubuntu6.4", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libgs8", ver:"8.63.dfsg.1-0ubuntu6.4", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"udev", ver:"079-0ubuntu35.1", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvolume-id-dev", ver:"113-0ubuntu17.2", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvolume-id0", ver:"113-0ubuntu17.2", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"udev", ver:"113-0ubuntu17.2", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"volumeid", ver:"113-0ubuntu17.2", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvolume-id-dev", ver:"117-8ubuntu0.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvolume-id0", ver:"117-8ubuntu0.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"udev", ver:"117-8ubuntu0.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvolume-id-dev", ver:"124-9ubuntu0.2", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvolume-id0", ver:"124-9ubuntu0.2", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"udev", ver:"124-9ubuntu0.2", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/ubuntu_758_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ubuntu_758_1.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/ubuntu_758_1.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,131 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory USN-758-1 (udev)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63857);
+ script_cve_id("CVE-2009-1185", "CVE-2009-1186");
+ script_version ("$");
+ name["english"] = "Ubuntu USN-758-1 (udev)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to udev
+announced via advisory USN-758-1.
+
+Details follow:
+
+Sebastian Krahmer discovered that udev did not correctly validate netlink
+message senders. A local attacker could send specially crafted messages
+to udev in order to gain root privileges. (CVE-2009-1185)
+
+Sebastian Krahmer discovered a buffer overflow in the path encoding routines
+in udev. A local attacker could exploit this to crash udev, leading to a
+denial of service. (CVE-2009-1186)
+
+Solution:
+The problem can be corrected by upgrading your system to the
+following package versions:
+
+Ubuntu 6.06 LTS:
+ udev 079-0ubuntu35.1
+
+Ubuntu 7.10:
+ udev 113-0ubuntu17.2
+
+Ubuntu 8.04 LTS:
+ udev 117-8ubuntu0.2
+
+Ubuntu 8.10:
+ udev 124-9ubuntu0.2
+
+After a standard system upgrade you need to reboot your computer to
+effect the necessary changes.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=USN-758-1
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Ubuntu USN-758-1 (udev)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Ubuntu Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"udev", ver:"079-0ubuntu35.1", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvolume-id-dev", ver:"113-0ubuntu17.2", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvolume-id0", ver:"113-0ubuntu17.2", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"udev", ver:"113-0ubuntu17.2", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"volumeid", ver:"113-0ubuntu17.2", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvolume-id-dev", ver:"117-8ubuntu0.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvolume-id0", ver:"117-8ubuntu0.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"udev", ver:"117-8ubuntu0.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvolume-id-dev", ver:"124-9ubuntu0.2", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvolume-id0", ver:"124-9ubuntu0.2", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"udev", ver:"124-9ubuntu0.2", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/ubuntu_759_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ubuntu_759_1.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/ubuntu_759_1.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,297 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory USN-759-1 (poppler)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63858);
+ script_cve_id("CVE-2009-0146", "CVE-2009-0147", "CVE-2009-0166", "CVE-2009-0799", "CVE-2009-0800", "CVE-2009-1179", "CVE-2009-1180", "CVE-2009-1181", "CVE-2009-1182", "CVE-2009-1183", "CVE-2009-1187", "CVE-2009-1188", "CVE-2009-1210", "CVE-2009-1266", "CVE-2009-1267", "CVE-2009-1268", "CVE-2009-1269", "CVE-2009-0163", "CVE-2009-0164", "CVE-2009-1185", "CVE-2009-1186");
+ script_version ("$");
+ name["english"] = "Ubuntu USN-759-1 (poppler)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to poppler
+announced via advisory USN-759-1.
+
+Details follow:
+
+Will Dormann, Alin Rad Pop, Braden Thomas, and Drew Yao discovered that
+poppler contained multiple security issues in its JBIG2 decoder. If a user
+or automated system were tricked into opening a crafted PDF file, an
+attacker could cause a denial of service or execute arbitrary code with
+privileges of the user invoking the program.
+
+Solution:
+The problem can be corrected by upgrading your system to the
+following package versions:
+
+Ubuntu 6.06 LTS:
+ libpoppler1 0.5.1-0ubuntu7.5
+ libpoppler1-glib 0.5.1-0ubuntu7.5
+
+Ubuntu 8.04 LTS:
+ libpoppler-glib2 0.6.4-1ubuntu3.2
+ libpoppler2 0.6.4-1ubuntu3.2
+
+Ubuntu 8.10:
+ libpoppler-glib3 0.8.7-1ubuntu0.2
+ libpoppler3 0.8.7-1ubuntu0.2
+
+In general, a standard system upgrade is sufficient to effect the
+necessary changes.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=USN-759-1
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Ubuntu USN-759-1 (poppler)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Ubuntu Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"libpoppler-dev", ver:"0.5.1-0ubuntu7.5", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler-glib-dev", ver:"0.5.1-0ubuntu7.5", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler-qt-dev", ver:"0.5.1-0ubuntu7.5", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler1-glib", ver:"0.5.1-0ubuntu7.5", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler1-qt", ver:"0.5.1-0ubuntu7.5", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler1", ver:"0.5.1-0ubuntu7.5", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"poppler-utils", ver:"0.5.1-0ubuntu7.5", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler-dev", ver:"0.6.4-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler-glib-dev", ver:"0.6.4-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler-glib2", ver:"0.6.4-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler-qt-dev", ver:"0.6.4-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler-qt2", ver:"0.6.4-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler-qt4-2", ver:"0.6.4-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler-qt4-dev", ver:"0.6.4-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler2", ver:"0.6.4-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"poppler-utils", ver:"0.6.4-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler-dev", ver:"0.8.7-1ubuntu0.2", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler-glib-dev", ver:"0.8.7-1ubuntu0.2", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler-glib3", ver:"0.8.7-1ubuntu0.2", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler-qt-dev", ver:"0.8.7-1ubuntu0.2", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler-qt2", ver:"0.8.7-1ubuntu0.2", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler-qt4-3", ver:"0.8.7-1ubuntu0.2", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler-qt4-dev", ver:"0.8.7-1ubuntu0.2", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler3", ver:"0.8.7-1ubuntu0.2", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"poppler-dbg", ver:"0.8.7-1ubuntu0.2", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"poppler-utils", ver:"0.8.7-1ubuntu0.2", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsys2-gnutls10", ver:"1.2.7-4etch7", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-common", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-bsd", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsys2-dev", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-dbg", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsys2", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-client", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsimage2", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsimage2-dev", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cups-common", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cups-dbg", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cups-bsd", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cups", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcups2-dev", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cups-client", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcups2", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsys2-gnutls10", ver:"1.2.2-0ubuntu0.6.06.13", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-bsd", ver:"1.2.2-0ubuntu0.6.06.13", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-client", ver:"1.2.2-0ubuntu0.6.06.13", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys", ver:"1.2.2-0ubuntu0.6.06.13", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsimage2-dev", ver:"1.2.2-0ubuntu0.6.06.13", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsimage2", ver:"1.2.2-0ubuntu0.6.06.13", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsys2-dev", ver:"1.2.2-0ubuntu0.6.06.13", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsys2", ver:"1.2.2-0ubuntu0.6.06.13", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-common", ver:"1.3.2-1ubuntu7.10", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-bsd", ver:"1.3.2-1ubuntu7.10", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-client", ver:"1.3.2-1ubuntu7.10", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys", ver:"1.3.2-1ubuntu7.10", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsimage2-dev", ver:"1.3.2-1ubuntu7.10", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsimage2", ver:"1.3.2-1ubuntu7.10", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsys2-dev", ver:"1.3.2-1ubuntu7.10", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsys2", ver:"1.3.2-1ubuntu7.10", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-common", ver:"1.3.7-1ubuntu3.4", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-bsd", ver:"1.3.7-1ubuntu3.4", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-client", ver:"1.3.7-1ubuntu3.4", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys", ver:"1.3.7-1ubuntu3.4", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsimage2-dev", ver:"1.3.7-1ubuntu3.4", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsimage2", ver:"1.3.7-1ubuntu3.4", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsys2-dev", ver:"1.3.7-1ubuntu3.4", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsys2", ver:"1.3.7-1ubuntu3.4", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/ubuntu_760_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ubuntu_760_1.nasl 2009-04-20 21:27:24 UTC (rev 3146)
+++ trunk/openvas-plugins/scripts/ubuntu_760_1.nasl 2009-04-20 21:45:17 UTC (rev 3147)
@@ -0,0 +1,216 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory USN-760-1 (cupsys)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63859);
+ script_cve_id("CVE-2009-0163");
+ script_version ("$");
+ name["english"] = "Ubuntu USN-760-1 (cupsys)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to cupsys
+announced via advisory USN-760-1.
+
+Details follow:
+
+It was discovered that CUPS did not properly check the height of TIFF images.
+If a user or automated system were tricked into opening a crafted TIFF image
+file, a remote attacker could cause a denial of service or possibly execute
+arbitrary code with user privileges. In Ubuntu 7.10, 8.04 LTS, and 8.10,
+attackers would be isolated by the AppArmor CUPS profile.
+
+Solution:
+The problem can be corrected by upgrading your system to the
+following package versions:
+
+Ubuntu 6.06 LTS:
+ libcupsimage2 1.2.2-0ubuntu0.6.06.13
+
+Ubuntu 7.10:
+ libcupsimage2 1.3.2-1ubuntu7.10
+
+Ubuntu 8.04 LTS:
+ libcupsimage2 1.3.7-1ubuntu3.4
+
+Ubuntu 8.10:
+ libcupsimage2 1.3.9-2ubuntu9.1
+
+In general, a standard system upgrade is sufficient to effect the
+necessary changes.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=USN-760-1
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Ubuntu USN-760-1 (cupsys)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Ubuntu Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"libcupsys2-gnutls10", ver:"1.2.2-0ubuntu0.6.06.13", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-bsd", ver:"1.2.2-0ubuntu0.6.06.13", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-client", ver:"1.2.2-0ubuntu0.6.06.13", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys", ver:"1.2.2-0ubuntu0.6.06.13", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsimage2-dev", ver:"1.2.2-0ubuntu0.6.06.13", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsimage2", ver:"1.2.2-0ubuntu0.6.06.13", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsys2-dev", ver:"1.2.2-0ubuntu0.6.06.13", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsys2", ver:"1.2.2-0ubuntu0.6.06.13", rls:"UBUNTU6.06 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-common", ver:"1.3.2-1ubuntu7.10", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-bsd", ver:"1.3.2-1ubuntu7.10", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-client", ver:"1.3.2-1ubuntu7.10", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys", ver:"1.3.2-1ubuntu7.10", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsimage2-dev", ver:"1.3.2-1ubuntu7.10", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsimage2", ver:"1.3.2-1ubuntu7.10", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsys2-dev", ver:"1.3.2-1ubuntu7.10", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsys2", ver:"1.3.2-1ubuntu7.10", rls:"UBUNTU7.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-common", ver:"1.3.7-1ubuntu3.4", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-bsd", ver:"1.3.7-1ubuntu3.4", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-client", ver:"1.3.7-1ubuntu3.4", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys", ver:"1.3.7-1ubuntu3.4", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsimage2-dev", ver:"1.3.7-1ubuntu3.4", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsimage2", ver:"1.3.7-1ubuntu3.4", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsys2-dev", ver:"1.3.7-1ubuntu3.4", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsys2", ver:"1.3.7-1ubuntu3.4", rls:"UBUNTU8.04 LTS")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cups-common", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-bsd", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-client", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-dbg", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsys2-dev", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cupsys-common", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsys2", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cups-bsd", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cups-client", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cups-dbg", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"cups", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcups2-dev", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcups2", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsimage2-dev", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libcupsimage2", ver:"1.3.9-2ubuntu9.1", rls:"UBUNTU8.10")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
More information about the Openvas-commits
mailing list