[Openvas-commits] r6057 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Thu Dec 3 22:10:52 CET 2009


Author: reinke
Date: 2009-12-03 22:10:42 +0100 (Thu, 03 Dec 2009)
New Revision: 6057

Added:
   trunk/openvas-plugins/scripts/RHSA_2009_1601.nasl
   trunk/openvas-plugins/scripts/RHSA_2009_1615.nasl
   trunk/openvas-plugins/scripts/RHSA_2009_1619.nasl
   trunk/openvas-plugins/scripts/RHSA_2009_1620.nasl
   trunk/openvas-plugins/scripts/deb_1939_1.nasl
   trunk/openvas-plugins/scripts/deb_1941_1.nasl
   trunk/openvas-plugins/scripts/fcore_2009_10751.nasl
   trunk/openvas-plugins/scripts/fcore_2009_10783.nasl
   trunk/openvas-plugins/scripts/fcore_2009_11070.nasl
   trunk/openvas-plugins/scripts/fcore_2009_11126.nasl
   trunk/openvas-plugins/scripts/fcore_2009_11352.nasl
   trunk/openvas-plugins/scripts/fcore_2009_11356.nasl
   trunk/openvas-plugins/scripts/fcore_2009_11374.nasl
   trunk/openvas-plugins/scripts/fcore_2009_11919.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12218.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12233.nasl
   trunk/openvas-plugins/scripts/freebsd_bugzilla8.nasl
   trunk/openvas-plugins/scripts/freebsd_libtool0.nasl
   trunk/openvas-plugins/scripts/freebsd_libvorbis1.nasl
   trunk/openvas-plugins/scripts/glsa_200911_03.nasl
   trunk/openvas-plugins/scripts/glsa_200911_04.nasl
   trunk/openvas-plugins/scripts/glsa_200911_05.nasl
   trunk/openvas-plugins/scripts/glsa_200911_06.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_303.nasl
   trunk/openvas-plugins/scripts/sles10_ethereal4.nasl
   trunk/openvas-plugins/scripts/sles10_java-1_4_2-ibm4.nasl
   trunk/openvas-plugins/scripts/sles10_mutt1.nasl
   trunk/openvas-plugins/scripts/sles11_bind0.nasl
   trunk/openvas-plugins/scripts/sles11_cdparanoia.nasl
   trunk/openvas-plugins/scripts/sles11_ext4dev-kmp-def4.nasl
   trunk/openvas-plugins/scripts/sles11_java-1_4_2-ibm1.nasl
   trunk/openvas-plugins/scripts/sles11_mutt0.nasl
   trunk/openvas-plugins/scripts/sles9p5063230.nasl
   trunk/openvas-plugins/scripts/sles9p5063382.nasl
   trunk/openvas-plugins/scripts/sles9p5063532.nasl
   trunk/openvas-plugins/scripts/ubuntu_861_1.nasl
   trunk/openvas-plugins/scripts/ubuntu_862_1.nasl
Modified:
   trunk/openvas-plugins/ChangeLog
Log:
New scripts added

Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/ChangeLog	2009-12-03 21:10:42 UTC (rev 6057)
@@ -1,3 +1,49 @@
+2009-12-03  Thomas Reinke <reinke at securityspace.com>
+
+	* scripts/deb_1939_1.nasl,
+	scripts/deb_1941_1.nasl,
+	scripts/freebsd_bugzilla8.nasl,
+	scripts/freebsd_libtool0.nasl,
+	scripts/freebsd_libvorbis1.nasl,
+	scripts/glsa_200911_03.nasl,
+	scripts/glsa_200911_04.nasl,
+	scripts/glsa_200911_05.nasl,
+	scripts/glsa_200911_06.nasl,
+	scripts/ubuntu_861_1.nasl,
+	scripts/ubuntu_862_1.nasl,
+	scripts/mdksa_2009_303.nasl,
+	scripts/RHSA_2009_1601.nasl,
+	scripts/RHSA_2009_1615.nasl,
+	scripts/RHSA_2009_1619.nasl,
+	scripts/RHSA_2009_1620.nasl,
+	scripts/fcore_2009_10751.nasl,
+	scripts/fcore_2009_10783.nasl,
+	scripts/fcore_2009_11070.nasl,
+	scripts/fcore_2009_11126.nasl,
+	scripts/fcore_2009_11352.nasl,
+	scripts/fcore_2009_11356.nasl,
+	scripts/fcore_2009_11374.nasl,
+	scripts/fcore_2009_11919.nasl,
+	scripts/fcore_2009_12218.nasl,
+	scripts/fcore_2009_12233.nasl,
+	scripts/sles9p5063230.nasl,
+	scripts/sles9p5063382.nasl,
+	scripts/sles9p5063532.nasl,
+	scripts/sles10_ethereal4.nasl,
+	scripts/sles10_java-1_4_2-ibm4.nasl,
+	scripts/sles10_mutt1.nasl,
+	scripts/sles11_bind0.nasl,
+	scripts/sles11_cdparanoia.nasl,
+	scripts/sles11_ext4dev-kmp-def4.nasl,
+	scripts/sles11_java-1_4_2-ibm1.nasl,
+	scripts/sles11_mutt0.nasl:
+	New scripts.
+
+2009-12-03  Thomas Reinke <reinke at securityspace.com>
+
+	* scripts/gb_typsoft_ftp_server_dos_vuln.nasl
+	Incorrect dependency fixed.
+
 2009-12-03  Michael Wiegand <michael.wiegand at intevation.de>
 
 	Improved SLAD support.

Added: trunk/openvas-plugins/scripts/RHSA_2009_1601.nasl
===================================================================
--- trunk/openvas-plugins/scripts/RHSA_2009_1601.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/RHSA_2009_1601.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,104 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory RHSA-2009:1601 ()
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66316);
+ script_cve_id("CVE-2009-0689");
+ script_version ("$Revision$");
+ script_name("RedHat Security Advisory RHSA-2009:1601");
+
+ desc = "
+The remote host is missing updates announced in
+advisory RHSA-2009:1601.
+
+The kdelibs packages provide libraries for the K Desktop Environment (KDE).
+
+A buffer overflow flaw was found in the kdelibs string to floating point
+conversion routines. A web page containing malicious JavaScript could crash
+Konqueror or, potentially, execute arbitrary code with the privileges of
+the user running Konqueror. (CVE-2009-0689)
+
+Users should upgrade to these updated packages, which contain a backported
+patch to correct this issue. The desktop must be restarted (log out, then
+log back in) for this update to take effect.
+
+Solution:
+Please note that this update is available via
+Red Hat Network.  To use Red Hat Network, launch the Red
+Hat Update Agent with the following command: up2date
+
+http://rhn.redhat.com/errata/RHSA-2009-1601.html
+http://www.redhat.com/security/updates/classification/#critical
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Redhat Security Advisory RHSA-2009:1601");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"kdelibs", rpm:"kdelibs~3.3.1~17.el4_8.1", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdelibs-debuginfo", rpm:"kdelibs-debuginfo~3.3.1~17.el4_8.1", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdelibs-devel", rpm:"kdelibs-devel~3.3.1~17.el4_8.1", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdelibs", rpm:"kdelibs~3.5.4~25.el5_4.1", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdelibs-apidocs", rpm:"kdelibs-apidocs~3.5.4~25.el5_4.1", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdelibs-debuginfo", rpm:"kdelibs-debuginfo~3.5.4~25.el5_4.1", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdelibs-devel", rpm:"kdelibs-devel~3.5.4~25.el5_4.1", rls:"RHENT_5")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/RHSA_2009_1615.nasl
===================================================================
--- trunk/openvas-plugins/scripts/RHSA_2009_1615.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/RHSA_2009_1615.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,111 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory RHSA-2009:1615 ()
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66317);
+ script_cve_id("CVE-2009-2625");
+ script_version ("$Revision$");
+ script_name("RedHat Security Advisory RHSA-2009:1615");
+
+ desc = "
+The remote host is missing updates announced in
+advisory RHSA-2009:1615.
+
+The xerces-j2 packages provide the Apache Xerces2 Java Parser, a
+high-performance XML parser. A Document Type Definition (DTD) defines the
+legal syntax (and also which elements can be used) for certain types of
+files, such as XML files.
+
+A flaw was found in the way the Apache Xerces2 Java Parser processed the
+SYSTEM identifier in DTDs. A remote attacker could provide a
+specially-crafted XML file, which once parsed by an application using the
+Apache Xerces2 Java Parser, would lead to a denial of service (application
+hang due to excessive CPU use). (CVE-2009-2625)
+
+Users should upgrade to these updated packages, which contain a backported
+patch to correct this issue. Applications using the Apache Xerces2 Java
+Parser must be restarted for this update to take effect.
+
+Solution:
+Please note that this update is available via
+Red Hat Network.  To use Red Hat Network, launch the Red
+Hat Update Agent with the following command: up2date
+
+http://rhn.redhat.com/errata/RHSA-2009-1615.html
+http://www.redhat.com/security/updates/classification/#moderate
+
+Risk factor : Medium";
+
+ script_description(desc);
+
+ script_summary("Redhat Security Advisory RHSA-2009:1615");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"xerces-j2", rpm:"xerces-j2~2.7.1~7jpp.2.el5_4.2", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xerces-j2-debuginfo", rpm:"xerces-j2-debuginfo~2.7.1~7jpp.2.el5_4.2", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xerces-j2-scripts", rpm:"xerces-j2-scripts~2.7.1~7jpp.2.el5_4.2", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xerces-j2-demo", rpm:"xerces-j2-demo~2.7.1~7jpp.2.el5_4.2", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xerces-j2-javadoc-apis", rpm:"xerces-j2-javadoc-apis~2.7.1~7jpp.2.el5_4.2", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xerces-j2-javadoc-impl", rpm:"xerces-j2-javadoc-impl~2.7.1~7jpp.2.el5_4.2", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xerces-j2-javadoc-other", rpm:"xerces-j2-javadoc-other~2.7.1~7jpp.2.el5_4.2", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xerces-j2-javadoc-xni", rpm:"xerces-j2-javadoc-xni~2.7.1~7jpp.2.el5_4.2", rls:"RHENT_5")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/RHSA_2009_1619.nasl
===================================================================
--- trunk/openvas-plugins/scripts/RHSA_2009_1619.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/RHSA_2009_1619.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,88 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory RHSA-2009:1619 ()
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66318);
+ script_cve_id("CVE-2009-3894");
+ script_version ("$Revision$");
+ script_name("RedHat Security Advisory RHSA-2009:1619");
+
+ desc = "
+The remote host is missing updates announced in
+advisory RHSA-2009:1619.
+
+Dstat is a versatile replacement for the vmstat, iostat, and netstat tools.
+Dstat can be used for performance tuning tests, benchmarks, and
+troubleshooting.
+
+Robert Buchholz of the Gentoo Security Team reported a flaw in the Python
+module search path used in dstat. If a local attacker could trick a
+local user into running dstat from a directory containing a Python script
+that is named like an importable module, they could execute arbitrary code
+with the privileges of the user running dstat. (CVE-2009-3894)
+
+All dstat users should upgrade to this updated package, which contains a
+backported patch to correct this issue.
+
+Solution:
+Please note that this update is available via
+Red Hat Network.  To use Red Hat Network, launch the Red
+Hat Update Agent with the following command: up2date
+
+http://rhn.redhat.com/errata/RHSA-2009-1619.html
+http://www.redhat.com/security/updates/classification/#moderate
+
+Risk factor : Medium";
+
+ script_description(desc);
+
+ script_summary("Redhat Security Advisory RHSA-2009:1619");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"dstat", rpm:"dstat~0.6.6~3.el5_4.1", rls:"RHENT_5")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/RHSA_2009_1620.nasl
===================================================================
--- trunk/openvas-plugins/scripts/RHSA_2009_1620.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/RHSA_2009_1620.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,116 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory RHSA-2009:1620 ()
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66319);
+ script_cve_id("CVE-2009-4022");
+ script_version ("$Revision$");
+ script_name("RedHat Security Advisory RHSA-2009:1620");
+
+ desc = "
+The remote host is missing updates announced in
+advisory RHSA-2009:1620.
+
+The Berkeley Internet Name Domain (BIND) is an implementation of the Domain
+Name System (DNS) protocols. BIND includes a DNS server (named); a resolver
+library (routines for applications to use when interfacing with DNS); and
+tools for verifying that the DNS server is operating correctly.
+
+Michael Sinatra discovered that BIND was incorrectly caching responses
+without performing proper DNSSEC validation, when those responses were
+received during the resolution of a recursive client query that requested
+DNSSEC records but indicated that checking should be disabled. A remote
+attacker could use this flaw to bypass the DNSSEC validation check and
+perform a cache poisoning attack if the target BIND server was receiving
+such client queries. (CVE-2009-4022)
+
+All BIND users are advised to upgrade to these updated packages, which
+contain a backported patch to resolve this issue. After installing the
+update, the BIND daemon (named) will be restarted automatically.
+
+Solution:
+Please note that this update is available via
+Red Hat Network.  To use Red Hat Network, launch the Red
+Hat Update Agent with the following command: up2date
+
+http://rhn.redhat.com/errata/RHSA-2009-1620.html
+http://www.redhat.com/security/updates/classification/#moderate
+
+Risk factor : Medium";
+
+ script_description(desc);
+
+ script_summary("Redhat Security Advisory RHSA-2009:1620");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"bind", rpm:"bind~9.3.6~4.P1.el5_4.1", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-debuginfo", rpm:"bind-debuginfo~9.3.6~4.P1.el5_4.1", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-libs", rpm:"bind-libs~9.3.6~4.P1.el5_4.1", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-sdb", rpm:"bind-sdb~9.3.6~4.P1.el5_4.1", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-utils", rpm:"bind-utils~9.3.6~4.P1.el5_4.1", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-chroot", rpm:"bind-chroot~9.3.6~4.P1.el5_4.1", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-devel", rpm:"bind-devel~9.3.6~4.P1.el5_4.1", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-libbind-devel", rpm:"bind-libbind-devel~9.3.6~4.P1.el5_4.1", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"caching-nameserver", rpm:"caching-nameserver~9.3.6~4.P1.el5_4.1", rls:"RHENT_5")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_1939_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1939_1.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/deb_1939_1.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,109 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1939-1 (libvorbis)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66331);
+ script_cve_id("CVE-2009-2663", "CVE-2009-3379");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1939-1 (libvorbis)");
+
+ desc = "
+The remote host is missing an update to libvorbis
+announced via advisory DSA 1939-1.
+
+Lucas Adamski, Matthew Gregan, David Keeler, and Dan Kaminsky discovered
+that libvorbis, a library for the Vorbis general-purpose compressed
+audio codec, did not correctly handle certain malformed ogg files. An
+attacher could cause a denial of service (memory corruption and
+application crash) or possibly execute arbitrary code via a crafted .ogg
+file.
+
+For the oldstable distribution (etch), these problems have been fixed in
+version 1.1.2.dfsg-1.4+etch1.
+
+For the stable distribution (lenny), these problems have been fixed in
+version 1.2.0.dfsg-3.1+lenny1.
+
+For the testing distribution (squeeze) and the unstable distribution
+(sid), these problems have been fixed in version 1.2.3-1
+
+We recommend that you upgrade your libvorbis packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201939-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1939-1 (libvorbis)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"libvorbisenc2", ver:"1.1.2.dfsg-1.4+etch1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvorbisfile3", ver:"1.1.2.dfsg-1.4+etch1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvorbis0a", ver:"1.1.2.dfsg-1.4+etch1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvorbis-dev", ver:"1.1.2.dfsg-1.4+etch1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvorbisfile3", ver:"1.2.0.dfsg-3.1+lenny1", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvorbis0a", ver:"1.2.0.dfsg-3.1+lenny1", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvorbis-dev", ver:"1.2.0.dfsg-3.1+lenny1", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvorbisenc2", ver:"1.2.0.dfsg-3.1+lenny1", rls:"DEB5.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_1941_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1941_1.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/deb_1941_1.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,112 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1941-1 (poppler)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66332);
+ script_cve_id("CVE-2009-0755", "CVE-2009-3903", "CVE-2009-3904", "CVE-2009-3905", "CVE-2009-3906", "CVE-2009-3907", "CVE-2009-3908", "CVE-2009-3909", "CVE-2009-3938");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1941-1 (poppler)");
+
+ desc = "
+The remote host is missing an update to poppler
+announced via advisory DSA 1941-1.
+
+Several integer overflows, buffer overflows and memory allocation
+errors were discovered in the Poppler PDF rendering library, which may
+lead to denial of service or the execution of arbitrary code if a user
+is tricked into opening a malformed PDF document.
+
+For the stable distribution (lenny), these problems have been fixed in
+version 0.8.7-3.
+
+An update for the old stable distribution (etch) will be issued soon as
+version 0.4.5-5.1etch4.
+
+For the unstable distribution (sid), these problems will be fixed soon.
+
+We recommend that you upgrade your poppler packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201941-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1941-1 (poppler)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"libpoppler-dev", ver:"0.8.7-3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler-qt-dev", ver:"0.8.7-3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"poppler-utils", ver:"0.8.7-3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler-qt2", ver:"0.8.7-3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler-glib3", ver:"0.8.7-3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler-qt4-dev", ver:"0.8.7-3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler-qt4-3", ver:"0.8.7-3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler3", ver:"0.8.7-3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpoppler-glib-dev", ver:"0.8.7-3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"poppler-dbg", ver:"0.8.7-3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_10751.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_10751.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/fcore_2009_10751.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,118 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-10751 (snort)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66322);
+ script_cve_id("CVE-2009-3641");
+ script_version ("$Revision$");
+ script_name("Fedora Core 10 FEDORA-2009-10751 (snort)");
+
+ desc = "
+The remote host is missing an update to snort
+announced via advisory FEDORA-2009-10751.
+
+Update Information:
+
+Update to 2.8.5.1 which includes a fix for CVE-2009-3641 DoS (crash) while
+printing specially-crafted IPv6 packet using the -v option
+
+ChangeLog:
+
+* Sun Oct 25 2009 Dennis Gilmore  - 2.8.5.1-1
+- update for CVE-2009-3641
+
+References:
+
+[ 1 ] Bug #530863 - CVE-2009-3641 Snort: DoS (crash) while printing specially-crafted IPv6 packet using the -v option
+https://bugzilla.redhat.com/show_bug.cgi?id=530863
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update snort' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-10751
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 10 FEDORA-2009-10751 (snort)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"snort", rpm:"snort~2.8.5.1~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-bloat", rpm:"snort-bloat~2.8.5.1~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-mysql", rpm:"snort-mysql~2.8.5.1~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-mysql+flexresp", rpm:"snort-mysql+flexresp~2.8.5.1~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-plain+flexresp", rpm:"snort-plain+flexresp~2.8.5.1~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-postgresql", rpm:"snort-postgresql~2.8.5.1~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-postgresql+flexresp", rpm:"snort-postgresql+flexresp~2.8.5.1~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-snmp", rpm:"snort-snmp~2.8.5.1~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-snmp+flexresp", rpm:"snort-snmp+flexresp~2.8.5.1~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-debuginfo", rpm:"snort-debuginfo~2.8.5.1~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_10783.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_10783.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/fcore_2009_10783.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,118 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-10783 (snort)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66325);
+ script_cve_id("CVE-2009-3641");
+ script_version ("$Revision$");
+ script_name("Fedora Core 11 FEDORA-2009-10783 (snort)");
+
+ desc = "
+The remote host is missing an update to snort
+announced via advisory FEDORA-2009-10783.
+
+Update Information:
+
+Update to 2.8.5.1 which includes a fix for CVE-2009-3641 DoS (crash) while
+printing specially-crafted IPv6 packet using the -v option
+
+ChangeLog:
+
+* Sun Oct 25 2009 Dennis Gilmore  - 2.8.5.1-1
+- update for CVE-2009-3641
+
+References:
+
+[ 1 ] Bug #530863 - CVE-2009-3641 Snort: DoS (crash) while printing specially-crafted IPv6 packet using the -v option
+https://bugzilla.redhat.com/show_bug.cgi?id=530863
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update snort' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-10783
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 11 FEDORA-2009-10783 (snort)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"snort", rpm:"snort~2.8.5.1~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-bloat", rpm:"snort-bloat~2.8.5.1~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-mysql", rpm:"snort-mysql~2.8.5.1~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-mysql+flexresp", rpm:"snort-mysql+flexresp~2.8.5.1~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-plain+flexresp", rpm:"snort-plain+flexresp~2.8.5.1~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-postgresql", rpm:"snort-postgresql~2.8.5.1~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-postgresql+flexresp", rpm:"snort-postgresql+flexresp~2.8.5.1~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-snmp", rpm:"snort-snmp~2.8.5.1~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-snmp+flexresp", rpm:"snort-snmp+flexresp~2.8.5.1~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-debuginfo", rpm:"snort-debuginfo~2.8.5.1~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_11070.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_11070.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/fcore_2009_11070.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,191 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-11070 (asterisk)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66321);
+ script_cve_id("CVE-2008-7220");
+ script_version ("$Revision$");
+ script_name("Fedora Core 11 FEDORA-2009-11070 (asterisk)");
+
+ desc = "
+The remote host is missing an update to asterisk
+announced via advisory FEDORA-2009-11070.
+
+Update Information:
+
+* Wed Nov  4 2009 Jeffrey C. Ollie  - 1.6.1.9-1 - Update to
+1.6.1.9 to fix AST-2009-009/CVE-2008-7220 and AST-2009-008 - Fix obsoletes for
+firmware subpackage
+
+ChangeLog:
+
+* Wed Nov  4 2009 Jeffrey C. Ollie  - 1.6.1.9-1
+- Update to 1.6.1.9 to fix AST-2009-009/CVE-2008-7220 and AST-2009-008
+- Fix obsoletes for firmware subpackage
+
+References:
+
+[ 1 ] Bug #523277 - CVE-2008-7220 WordPress, MediaTomb, python-webhelpers, Asterisk, Plone -- embedded Prototype JavaScript FrameWork: XSS Ajax requests (AST-2009-009)
+https://bugzilla.redhat.com/show_bug.cgi?id=523277
+[ 2 ] Bug #533137 - Asterisk: SIP responses expose valid usernames (AST-2009-008)
+https://bugzilla.redhat.com/show_bug.cgi?id=533137
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update asterisk' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11070
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 11 FEDORA-2009-11070 (asterisk)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"asterisk", rpm:"asterisk~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-ais", rpm:"asterisk-ais~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-alsa", rpm:"asterisk-alsa~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-apidoc", rpm:"asterisk-apidoc~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-curl", rpm:"asterisk-curl~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-dahdi", rpm:"asterisk-dahdi~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-devel", rpm:"asterisk-devel~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-fax", rpm:"asterisk-fax~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-festival", rpm:"asterisk-festival~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-ices", rpm:"asterisk-ices~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-jabber", rpm:"asterisk-jabber~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-jack", rpm:"asterisk-jack~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-ldap", rpm:"asterisk-ldap~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-ldap-fds", rpm:"asterisk-ldap-fds~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-lua", rpm:"asterisk-lua~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-minivm", rpm:"asterisk-minivm~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-misdn", rpm:"asterisk-misdn~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-odbc", rpm:"asterisk-odbc~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-oss", rpm:"asterisk-oss~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-portaudio", rpm:"asterisk-portaudio~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-postgresql", rpm:"asterisk-postgresql~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-radius", rpm:"asterisk-radius~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-skinny", rpm:"asterisk-skinny~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-snmp", rpm:"asterisk-snmp~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-sqlite", rpm:"asterisk-sqlite~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-tds", rpm:"asterisk-tds~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-unistim", rpm:"asterisk-unistim~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-usbradio", rpm:"asterisk-usbradio~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-voicemail", rpm:"asterisk-voicemail~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-voicemail-imap", rpm:"asterisk-voicemail-imap~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-voicemail-odbc", rpm:"asterisk-voicemail-odbc~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-voicemail-plain", rpm:"asterisk-voicemail-plain~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-debuginfo", rpm:"asterisk-debuginfo~1.6.1.9~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_11126.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_11126.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/fcore_2009_11126.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,191 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-11126 (asterisk)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66324);
+ script_cve_id("CVE-2008-7220", "CVE-2009-0041");
+ script_version ("$Revision$");
+ script_name("Fedora Core 10 FEDORA-2009-11126 (asterisk)");
+
+ desc = "
+The remote host is missing an update to asterisk
+announced via advisory FEDORA-2009-11126.
+
+Update Information:
+
+* Thu Nov  5 2009 Jeffrey C. Ollie  - 1.6.0.17-2
+- Fix firmware path
+* Wed Nov  4 2009 Jeffrey C. Ollie  - 1.6.0.17-1
+- Update to 1.6.0.17 to fix AST-2009-009/CVE-2008-7220
+- Merge the firmware subpackage back into the main package.
+- Don't package the iaxy firmware anymore.
+
+ChangeLog:
+
+* Thu Nov  5 2009 Jeffrey C. Ollie  - 1.6.0.17-2
+- Fix firmware path
+* Wed Nov  4 2009 Jeffrey C. Ollie  - 1.6.0.17-1
+- Update to 1.6.0.17 to fix AST-2009-009/CVE-2008-7220
+- Merge the firmware subpackage back into the main package.
+- Don't package the iaxy firmware anymore.
+
+References:
+
+[ 1 ] Bug #533137 - Asterisk: SIP responses expose valid usernames (AST-2009-008)
+https://bugzilla.redhat.com/show_bug.cgi?id=533137
+[ 2 ] Bug #523277 - CVE-2008-7220 WordPress, MediaTomb, python-webhelpers, Asterisk, Plone -- embedded Prototype JavaScript FrameWork: XSS Ajax requests (AST-2009-009)
+https://bugzilla.redhat.com/show_bug.cgi?id=523277
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update asterisk' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11126
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 10 FEDORA-2009-11126 (asterisk)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"asterisk", rpm:"asterisk~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-alsa", rpm:"asterisk-alsa~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-curl", rpm:"asterisk-curl~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-dahdi", rpm:"asterisk-dahdi~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-devel", rpm:"asterisk-devel~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-fax", rpm:"asterisk-fax~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-festival", rpm:"asterisk-festival~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-ices", rpm:"asterisk-ices~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-jabber", rpm:"asterisk-jabber~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-jack", rpm:"asterisk-jack~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-ldap", rpm:"asterisk-ldap~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-ldap-fds", rpm:"asterisk-ldap-fds~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-lua", rpm:"asterisk-lua~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-minivm", rpm:"asterisk-minivm~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-misdn", rpm:"asterisk-misdn~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-odbc", rpm:"asterisk-odbc~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-oss", rpm:"asterisk-oss~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-portaudio", rpm:"asterisk-portaudio~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-postgresql", rpm:"asterisk-postgresql~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-radius", rpm:"asterisk-radius~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-skinny", rpm:"asterisk-skinny~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-snmp", rpm:"asterisk-snmp~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-sqlite", rpm:"asterisk-sqlite~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-tds", rpm:"asterisk-tds~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-unistim", rpm:"asterisk-unistim~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-usbradio", rpm:"asterisk-usbradio~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-voicemail", rpm:"asterisk-voicemail~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-voicemail-imap", rpm:"asterisk-voicemail-imap~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-voicemail-odbc", rpm:"asterisk-voicemail-odbc~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-voicemail-plain", rpm:"asterisk-voicemail-plain~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-debuginfo", rpm:"asterisk-debuginfo~1.6.0.17~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_11352.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_11352.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/fcore_2009_11352.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,112 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-11352 (tomcat6)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66329);
+ script_cve_id("CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783");
+ script_version ("$Revision$");
+ script_name("Fedora Core 12 FEDORA-2009-11352 (tomcat6)");
+
+ desc = "
+The remote host is missing an update to tomcat6
+announced via advisory FEDORA-2009-11352.
+
+Update Information:
+
+Fix for CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, and
+CVE-2009-0783.
+
+ChangeLog:
+
+* Mon Nov  9 2009 Alexander Kurtakov  0:6.0.20-1
+- Update to 6.0.20. Fixes CVE-2009-0033,CVE-2009-0580.
+
+References:
+
+[ 1 ] Bug #533903 - CVE-2009-0033 CVE-2009-0580 CVE-2009-0783 CVE-2008-5515 CVE-2009-0781 Multiple tomcat6 vulnerabilities [Fedora all]
+https://bugzilla.redhat.com/show_bug.cgi?id=533903
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update tomcat6' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11352
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 12 FEDORA-2009-11352 (tomcat6)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"tomcat6", rpm:"tomcat6~6.0.20~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tomcat6-admin-webapps", rpm:"tomcat6-admin-webapps~6.0.20~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tomcat6-docs-webapp", rpm:"tomcat6-docs-webapp~6.0.20~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tomcat6-javadoc", rpm:"tomcat6-javadoc~6.0.20~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tomcat6-jsp-2.1", rpm:"tomcat6-jsp-2.1~api~6.0.20", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tomcat6-lib", rpm:"tomcat6-lib~6.0.20~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tomcat6-servlet-2.5", rpm:"tomcat6-servlet-2.5~api~6.0.20", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tomcat6-webapps", rpm:"tomcat6-webapps~6.0.20~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_11356.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_11356.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/fcore_2009_11356.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,112 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-11356 (tomcat6)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66330);
+ script_cve_id("CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783");
+ script_version ("$Revision$");
+ script_name("Fedora Core 10 FEDORA-2009-11356 (tomcat6)");
+
+ desc = "
+The remote host is missing an update to tomcat6
+announced via advisory FEDORA-2009-11356.
+
+Update Information:
+
+Fix for CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, and
+CVE-2009-0783.
+
+ChangeLog:
+
+* Mon Nov  9 2009 Alexander Kurtakov  0:6.0.20-1
+- Update to 6.0.20. Fixes CVE-2009-0033,CVE-2009-0580.
+
+References:
+
+[ 1 ] Bug #533903 - CVE-2009-0033 CVE-2009-0580 CVE-2009-0783 CVE-2008-5515 CVE-2009-0781 Multiple tomcat6 vulnerabilities [Fedora all]
+https://bugzilla.redhat.com/show_bug.cgi?id=533903
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update tomcat6' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11356
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 10 FEDORA-2009-11356 (tomcat6)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"tomcat6", rpm:"tomcat6~6.0.20~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tomcat6-admin-webapps", rpm:"tomcat6-admin-webapps~6.0.20~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tomcat6-docs-webapp", rpm:"tomcat6-docs-webapp~6.0.20~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tomcat6-javadoc", rpm:"tomcat6-javadoc~6.0.20~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tomcat6-jsp-2.1", rpm:"tomcat6-jsp-2.1~api~6.0.20", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tomcat6-lib", rpm:"tomcat6-lib~6.0.20~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tomcat6-servlet-2.5", rpm:"tomcat6-servlet-2.5~api~6.0.20", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tomcat6-webapps", rpm:"tomcat6-webapps~6.0.20~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_11374.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_11374.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/fcore_2009_11374.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,112 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-11374 (tomcat6)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66326);
+ script_cve_id("CVE-2008-5515", "CVE-2009-0033", "CVE-2009-0580", "CVE-2009-0781", "CVE-2009-0783");
+ script_version ("$Revision$");
+ script_name("Fedora Core 11 FEDORA-2009-11374 (tomcat6)");
+
+ desc = "
+The remote host is missing an update to tomcat6
+announced via advisory FEDORA-2009-11374.
+
+Update Information:
+
+Fix for CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, and
+CVE-2009-0783.
+
+ChangeLog:
+
+* Mon Nov  9 2009 Alexander Kurtakov  0:6.0.20-1
+- Update to 6.0.20. Fixes CVE-2009-0033,CVE-2009-0580.
+
+References:
+
+[ 1 ] Bug #533903 - CVE-2009-0033 CVE-2009-0580 CVE-2009-0783 CVE-2008-5515 CVE-2009-0781 Multiple tomcat6 vulnerabilities [Fedora all]
+https://bugzilla.redhat.com/show_bug.cgi?id=533903
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update tomcat6' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11374
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 11 FEDORA-2009-11374 (tomcat6)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"tomcat6", rpm:"tomcat6~6.0.20~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tomcat6-admin-webapps", rpm:"tomcat6-admin-webapps~6.0.20~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tomcat6-docs-webapp", rpm:"tomcat6-docs-webapp~6.0.20~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tomcat6-javadoc", rpm:"tomcat6-javadoc~6.0.20~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tomcat6-jsp-2.1", rpm:"tomcat6-jsp-2.1~api~6.0.20", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tomcat6-lib", rpm:"tomcat6-lib~6.0.20~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tomcat6-servlet-2.5", rpm:"tomcat6-servlet-2.5~api~6.0.20", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tomcat6-webapps", rpm:"tomcat6-webapps~6.0.20~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_11919.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_11919.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/fcore_2009_11919.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,106 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-11919 (bugzilla)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66323);
+ script_cve_id("CVE-2009-3386");
+ script_version ("$Revision$");
+ script_name("Fedora Core 12 FEDORA-2009-11919 (bugzilla)");
+
+ desc = "
+The remote host is missing an update to bugzilla
+announced via advisory FEDORA-2009-11919.
+
+Update Information:
+
+Bugzilla 3.4.4 fixes security issues that were found in previous
+versions of the software where private information would be leaked
+to other users.
+
+CVE Number:  CVE-2009-3386
+
+See upstream security advisory for additional details:
+http://www.bugzilla.org/security/3.4.3/
+
+ChangeLog:
+
+* Thu Nov 19 2009 Emmanuel Seyman  - 3.4.4-1
+- Update to 3.4.4 (CVE-2009-3386)
+
+References:
+
+[ 1 ] Bug #539598 - CVE-2009-3386 bugzilla hidden bug alias disclosure
+https://bugzilla.redhat.com/show_bug.cgi?id=539598
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update bugzilla' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11919
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 12 FEDORA-2009-11919 (bugzilla)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"bugzilla", rpm:"bugzilla~3.4.4~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bugzilla-contrib", rpm:"bugzilla-contrib~3.4.4~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bugzilla-doc", rpm:"bugzilla-doc~3.4.4~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bugzilla-doc-build", rpm:"bugzilla-doc-build~3.4.4~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12218.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12218.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/fcore_2009_12218.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,110 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12218 (bind)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66327);
+ script_cve_id("CVE-2009-4022", "CVE-2009-0696");
+ script_version ("$Revision$");
+ script_name("Fedora Core 11 FEDORA-2009-12218 (bind)");
+
+ desc = "
+The remote host is missing an update to bind
+announced via advisory FEDORA-2009-12218.
+
+Update Information:
+
+Update to 9.6.1-P2 release which contains following fix:
+* Additional section of response could be cached without successful
+DNSSEC validation even if DNSSEC validation is enabled
+
+ChangeLog:
+
+* Wed Nov 25 2009 Adam Tkac  32:9.6.1-7.P2
+- update to 9.6.1-P2 (CVE-2009-4022)
+
+References:
+
+[ 1 ] Bug #538744 - CVE-2009-4022 bind: cache poisoning using not validated DNSSEC responses
+https://bugzilla.redhat.com/show_bug.cgi?id=538744
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update bind' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12218
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 11 FEDORA-2009-12218 (bind)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"bind", rpm:"bind~9.6.1~7.P2.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-chroot", rpm:"bind-chroot~9.6.1~7.P2.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-devel", rpm:"bind-devel~9.6.1~7.P2.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-libs", rpm:"bind-libs~9.6.1~7.P2.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-sdb", rpm:"bind-sdb~9.6.1~7.P2.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-utils", rpm:"bind-utils~9.6.1~7.P2.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-debuginfo", rpm:"bind-debuginfo~9.6.1~7.P2.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12233.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12233.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/fcore_2009_12233.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,112 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12233 (bind)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66328);
+ script_cve_id("CVE-2009-4022");
+ script_version ("$Revision$");
+ script_name("Fedora Core 12 FEDORA-2009-12233 (bind)");
+
+ desc = "
+The remote host is missing an update to bind
+announced via advisory FEDORA-2009-12233.
+
+Update Information:
+
+Update to 9.6.1-P2 release which contains following fix:
+* Additional section of response could be cached without successful
+DNSSEC validation even if DNSSEC validation is enabled
+
+ChangeLog:
+
+* Wed Nov 25 2009 Adam Tkac  32:9.6.1-13.P2
+- update to 9.6.1-P2 (CVE-2009-4022)
+* Thu Oct  8 2009 Adam Tkac  32:9.6.1-12.P1
+- don't package named-bootconf utility, it is very outdated and unneeded
+
+References:
+
+[ 1 ] Bug #538744 - CVE-2009-4022 bind: cache poisoning using not validated DNSSEC responses
+https://bugzilla.redhat.com/show_bug.cgi?id=538744
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update bind' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12233
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 12 FEDORA-2009-12233 (bind)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"bind", rpm:"bind~9.6.1~13.P2.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-chroot", rpm:"bind-chroot~9.6.1~13.P2.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-devel", rpm:"bind-devel~9.6.1~13.P2.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-libs", rpm:"bind-libs~9.6.1~13.P2.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-sdb", rpm:"bind-sdb~9.6.1~13.P2.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-utils", rpm:"bind-utils~9.6.1~13.P2.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-debuginfo", rpm:"bind-debuginfo~9.6.1~13.P2.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_bugzilla8.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_bugzilla8.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/freebsd_bugzilla8.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,84 @@
+#
+#VID 92ca92c1-d859-11de-89f9-001517351c22
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID 92ca92c1-d859-11de-89f9-001517351c22
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66341);
+ script_cve_id("CVE-2009-3386");
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: bugzilla");
+
+ desc = "
+The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: bugzilla
+
+CVE-2009-3386
+Template.pm in Bugzilla 3.3.2 through 3.4.3 and 3.5 through 3.5.1
+allows remote attackers to discover the alias of a private bug by
+reading the (1) Depends On or (2) Blocks field of a related bug.
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://www.bugzilla.org/security/3.4.3/
+http://www.vuxml.org/freebsd/92ca92c1-d859-11de-89f9-001517351c22.html
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: bugzilla");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"bugzilla");
+if(!isnull(bver) && revcomp(a:bver, b:"3.3.1")>0 && revcomp(a:bver, b:"3.4.4")<0) {
+    security_note(0, data:"Package bugzilla version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_libtool0.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_libtool0.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/freebsd_libtool0.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,79 @@
+#
+#VID 77c14729-dc5e-11de-92ae-02e0184b8d35
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID 77c14729-dc5e-11de-92ae-02e0184b8d35
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66339);
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: libtool");
+
+ desc = "
+The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: libtool
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://secunia.com/advisories/37414/
+http://lists.gnu.org/archive/html/libtool/2009-11/msg00059.html
+http://www.vuxml.org/freebsd/77c14729-dc5e-11de-92ae-02e0184b8d35.html
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: libtool");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"libtool");
+if(!isnull(bver) && revcomp(a:bver, b:"2.2.6b")<0) {
+    security_note(0, data:"Package libtool version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_libvorbis1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_libvorbis1.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/freebsd_libvorbis1.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,89 @@
+#
+#VID 94edff42-d93d-11de-a434-0211d880e350
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID 94edff42-d93d-11de-a434-0211d880e350
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66340);
+ script_cve_id("CVE-2008-1420", "CVE-2009-3379");
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: libvorbis");
+
+ desc = "
+The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: libvorbis
+
+CVE-2008-1420
+Integer overflow in residue partition value (aka partvals) evaluation
+in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to
+execute arbitrary code via a crafted OGG file, which triggers a heap
+overflow.
+
+CVE-2009-3379
+Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla
+Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial
+of service (application crash) or possibly execute arbitrary code via
+unknown vectors.  NOTE: this might overlap CVE-2009-2663.
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: libvorbis");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"libvorbis");
+if(!isnull(bver) && revcomp(a:bver, b:"1.2.3_1,3")<0) {
+    security_note(0, data:"Package libvorbis version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/glsa_200911_03.nasl
===================================================================
--- trunk/openvas-plugins/scripts/glsa_200911_03.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/glsa_200911_03.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,92 @@
+#
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from Gentoo's XML based advisory
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+                                                                                
+if(description)
+{
+ script_id(66333);
+ script_cve_id("CVE-2008-5005", "CVE-2008-5006", "CVE-2008-5514");
+ script_version ("$Revision$");
+ script_name("Gentoo Security Advisory GLSA 200911-03 (c-client uw-imap)");
+
+ desc = "
+The remote host is missing updates announced in
+advisory GLSA 200911-03.
+
+Multiple vulnerabilities have been found in the UW IMAP toolkit and the
+    c-client library, the worst of which leading to the execution of
+arbitrary
+    code.
+
+Solution:
+All c-client library users should upgrade to the latest version:
+
+    # emerge --sync
+    # emerge --ask --oneshot --verbose '>=net-libs/c-client-2007e'
+
+All UW IMAP toolkit users should upgrade to the latest version:
+
+    # emerge --sync
+    # emerge --ask --oneshot --verbose '>=net-mail/uw-imap-2007e'
+
+http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200911-03
+http://bugs.gentoo.org/show_bug.cgi?id=245425
+http://bugs.gentoo.org/show_bug.cgi?id=252567
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Gentoo Security Advisory GLSA 200911-03 (c-client uw-imap)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Gentoo Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/gentoo");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-gentoo.inc");
+vuln = 0;
+if(ispkgvuln(pkg:"net-libs/c-client", unaffected: make_list("ge 2007e"), vulnerable: make_list("lt 2007e"))) {
+    vuln=1;
+}
+if(ispkgvuln(pkg:"net-mail/uw-imap", unaffected: make_list("ge 2007e"), vulnerable: make_list("lt 2007e"))) {
+    vuln=1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/glsa_200911_04.nasl
===================================================================
--- trunk/openvas-plugins/scripts/glsa_200911_04.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/glsa_200911_04.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,81 @@
+#
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from Gentoo's XML based advisory
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+                                                                                
+if(description)
+{
+ script_id(66334);
+ script_cve_id("CVE-2009-3894");
+ script_version ("$Revision$");
+ script_name("Gentoo Security Advisory GLSA 200911-04 (dstat)");
+
+ desc = "
+The remote host is missing updates announced in
+advisory GLSA 200911-04.
+
+An untrusted search path vulnerability in the dstat might result in the
+    execution of arbitrary code.
+
+Solution:
+All dstat users should upgrade to the latest version:
+
+    # emerge --sync
+    # emerge --ask --oneshot --verbose '>=sys-apps/dstat-0.6.9-r1'
+
+http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200911-04
+http://bugs.gentoo.org/show_bug.cgi?id=293497
+
+Risk factor : Medium";
+
+ script_description(desc);
+
+ script_summary("Gentoo Security Advisory GLSA 200911-04 (dstat)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Gentoo Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/gentoo");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-gentoo.inc");
+vuln = 0;
+if(ispkgvuln(pkg:"sys-apps/dstat", unaffected: make_list("ge 0.6.9-r1"), vulnerable: make_list("lt 0.6.9-r1"))) {
+    vuln=1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/glsa_200911_05.nasl
===================================================================
--- trunk/openvas-plugins/scripts/glsa_200911_05.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/glsa_200911_05.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,82 @@
+#
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from Gentoo's XML based advisory
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+                                                                                
+if(description)
+{
+ script_id(66335);
+ script_cve_id("CVE-2009-2560", "CVE-2009-3241", "CVE-2009-3242", "CVE-2009-3243", "CVE-2009-3549", "CVE-2009-3550", "CVE-2009-3551", "CVE-2009-3829");
+ script_version ("$Revision$");
+ script_name("Gentoo Security Advisory GLSA 200911-05 (wireshark)");
+
+ desc = "
+The remote host is missing updates announced in
+advisory GLSA 200911-05.
+
+Multiple vulnerabilities have been discovered in Wireshark, allowing for
+    the remote execution of arbitrary code, or Denial of Service.
+
+Solution:
+All Wireshark users should upgrade to the latest version:
+
+    # emerge --sync
+    # emerge --ask --oneshot --verbose '>=net-analyzer/wireshark-1.2.3'
+
+http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200911-05
+http://bugs.gentoo.org/show_bug.cgi?id=285280
+http://bugs.gentoo.org/show_bug.cgi?id=290710
+
+Risk factor : Medium";
+
+ script_description(desc);
+
+ script_summary("Gentoo Security Advisory GLSA 200911-05 (wireshark)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Gentoo Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/gentoo");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-gentoo.inc");
+vuln = 0;
+if(ispkgvuln(pkg:"net-analyzer/wireshark", unaffected: make_list("ge 1.2.3"), vulnerable: make_list("lt 1.2.3"))) {
+    vuln=1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/glsa_200911_06.nasl
===================================================================
--- trunk/openvas-plugins/scripts/glsa_200911_06.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/glsa_200911_06.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,81 @@
+#
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from Gentoo's XML based advisory
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+                                                                                
+if(description)
+{
+ script_id(66336);
+ script_cve_id("CVE-2009-4025");
+ script_version ("$Revision$");
+ script_name("Gentoo Security Advisory GLSA 200911-06 (PEAR-Net_Traceroute)");
+
+ desc = "
+The remote host is missing updates announced in
+advisory GLSA 200911-06.
+
+An input sanitation error in PEAR Net_Traceroute might allow remote
+    attackers to execute arbitrary commands.
+
+Solution:
+All PEAR Net_Traceroute users should upgrade to the latest version:
+
+    # emerge --sync
+    # emerge --ask --oneshot --verbose '>=dev-php/PEAR-Net_Traceroute-0.21.2'
+
+http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200911-06
+http://bugs.gentoo.org/show_bug.cgi?id=294264
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Gentoo Security Advisory GLSA 200911-06 (PEAR-Net_Traceroute)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Gentoo Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/gentoo");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-gentoo.inc");
+vuln = 0;
+if(ispkgvuln(pkg:"dev-php/PEAR-Net_Traceroute", unaffected: make_list("ge 0.21.2"), vulnerable: make_list("lt 0.21.2"))) {
+    vuln=1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_303.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_303.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/mdksa_2009_303.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,378 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:303 (php)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66320);
+ script_cve_id("CVE-2009-3557", "CVE-2009-3558", "CVE-2009-4017", "CVE-2009-4018");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:303 (php)");
+
+ desc = "
+The remote host is missing an update to php
+announced via advisory MDVSA-2009:303.
+
+Some vulnerabilities were discovered and corrected in php-5.2.11:
+
+The tempnam function in ext/standard/file.c in PHP 5.2.11 and
+earlier, and 5.3.x before 5.3.1, allows context-dependent attackers
+to bypass safe_mode restrictions, and create files in group-writable
+or world-writable directories, via the dir and prefix arguments
+(CVE-2009-3557).
+
+The posix_mkfifo function in ext/posix/posix.c in PHP 5.2.11 and
+earlier, and 5.3.x before 5.3.1, allows context-dependent attackers
+to bypass open_basedir restrictions, and create FIFO files, via the
+pathname and mode arguments, as demonstrated by creating a .htaccess
+file (CVE-2009-3558).
+
+PHP 5.2.11, and 5.3.x before 5.3.1, does not restrict the number
+of temporary files created when handling a multipart/form-data POST
+request, which allows remote attackers to cause a denial of service
+(resource exhaustion), and makes it easier for remote attackers to
+exploit local file inclusion vulnerabilities, via multiple requests,
+related to lack of support for the max_file_uploads directive
+(CVE-2009-4017).
+
+The proc_open function in ext/standard/proc_open.c in PHP
+before 5.2.11 and 5.3.x before 5.3.1 does not enforce the (1)
+safe_mode_allowed_env_vars and (2) safe_mode_protected_env_vars
+directives, which allows context-dependent attackers to execute
+programs with an arbitrary environment via the env parameter, as
+demonstrated by a crafted value of the LD_LIBRARY_PATH environment
+variable (CVE-2009-4018).
+
+Intermittent segfaults occured on x86_64 with the latest phpmyadmin
+and with apache (#53735).
+
+Additionally, some packages which require so, have been rebuilt and
+are being provided as updates.
+
+Affected: 2009.1
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:303
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:303 (php)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"apache-mod_php", rpm:"apache-mod_php~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libphp5_common5", rpm:"libphp5_common5~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-apc", rpm:"php-apc~3.1.3p1~0.1mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-apc-admin", rpm:"php-apc-admin~3.1.3p1~0.1mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-bcmath", rpm:"php-bcmath~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-bz2", rpm:"php-bz2~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-calendar", rpm:"php-calendar~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-cgi", rpm:"php-cgi~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-cli", rpm:"php-cli~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ctype", rpm:"php-ctype~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-curl", rpm:"php-curl~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-dba", rpm:"php-dba~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-dbase", rpm:"php-dbase~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-dbx", rpm:"php-dbx~1.1.0~26.1mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-devel", rpm:"php-devel~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-dio", rpm:"php-dio~0.0.2~3.1mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-dom", rpm:"php-dom~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-eaccelerator", rpm:"php-eaccelerator~0.9.5.3~8.1mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-eaccelerator-admin", rpm:"php-eaccelerator-admin~0.9.5.3~8.1mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-exif", rpm:"php-exif~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-fam", rpm:"php-fam~5.0.1~7.1mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-fcgi", rpm:"php-fcgi~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-fileinfo", rpm:"php-fileinfo~1.0.4~15.1mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-filepro", rpm:"php-filepro~5.1.6~17.1mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-filter", rpm:"php-filter~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ftp", rpm:"php-ftp~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-gd", rpm:"php-gd~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-gettext", rpm:"php-gettext~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-gmp", rpm:"php-gmp~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-hash", rpm:"php-hash~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-iconv", rpm:"php-iconv~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-idn", rpm:"php-idn~1.2b~15.1mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-imap", rpm:"php-imap~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ini", rpm:"php-ini~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-json", rpm:"php-json~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ldap", rpm:"php-ldap~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mbstring", rpm:"php-mbstring~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mcal", rpm:"php-mcal~0.6~27.1mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mcrypt", rpm:"php-mcrypt~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mhash", rpm:"php-mhash~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mime_magic", rpm:"php-mime_magic~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ming", rpm:"php-ming~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mssql", rpm:"php-mssql~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mysql", rpm:"php-mysql~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mysqli", rpm:"php-mysqli~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ncurses", rpm:"php-ncurses~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-odbc", rpm:"php-odbc~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-openssl", rpm:"php-openssl~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-optimizer", rpm:"php-optimizer~0.1~0.alpha1.5.1mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pcntl", rpm:"php-pcntl~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo", rpm:"php-pdo~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_dblib", rpm:"php-pdo_dblib~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_mysql", rpm:"php-pdo_mysql~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_odbc", rpm:"php-pdo_odbc~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_pgsql", rpm:"php-pdo_pgsql~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_sqlite", rpm:"php-pdo_sqlite~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pgsql", rpm:"php-pgsql~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-posix", rpm:"php-posix~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pspell", rpm:"php-pspell~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-readline", rpm:"php-readline~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-recode", rpm:"php-recode~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sasl", rpm:"php-sasl~0.1.0~25.1mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-session", rpm:"php-session~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-shmop", rpm:"php-shmop~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-snmp", rpm:"php-snmp~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-soap", rpm:"php-soap~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sockets", rpm:"php-sockets~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sqlite", rpm:"php-sqlite~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ssh2", rpm:"php-ssh2~0.11.0~2.1mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-suhosin", rpm:"php-suhosin~0.9.29~0.1mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sybase", rpm:"php-sybase~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sysvmsg", rpm:"php-sysvmsg~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sysvsem", rpm:"php-sysvsem~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sysvshm", rpm:"php-sysvshm~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-tclink", rpm:"php-tclink~3.4.4~10.1mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-tidy", rpm:"php-tidy~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-tokenizer", rpm:"php-tokenizer~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-translit", rpm:"php-translit~0.6.0~7.1mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-vld", rpm:"php-vld~0.9.1~8.1mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-wddx", rpm:"php-wddx~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xattr", rpm:"php-xattr~1.1.0~6.1mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xdebug", rpm:"php-xdebug~2.0.5~0.1mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xml", rpm:"php-xml~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xmlreader", rpm:"php-xmlreader~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xmlrpc", rpm:"php-xmlrpc~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xmlwriter", rpm:"php-xmlwriter~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xsl", rpm:"php-xsl~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-zip", rpm:"php-zip~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-zlib", rpm:"php-zlib~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64php5_common5", rpm:"lib64php5_common5~5.2.11~0.2mdv2009.1", rls:"MNDK_2009.1")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/sles10_ethereal4.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sles10_ethereal4.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/sles10_ethereal4.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,83 @@
+#
+#VID slesp2-ethereal-6627
+# OpenVAS Vulnerability Test
+# $
+# Description: Security update for ethereal
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66346);
+ script_cve_id("CVE-2009-3549", "CVE-2009-3550", "CVE-2009-3551", "CVE-2009-2560");
+ script_version ("$Revision$");
+ script_name("SLES10: Security update for ethereal");
+
+ desc = "The remote host is missing updates to packages that affect
+the security of your system.  One or more of the following packages
+are affected:
+
+    ethereal
+    ethereal-devel
+
+
+More details may also be found by searching for the SuSE
+Enterprise Server 10 patch database located at
+http://download.novell.com/patch/finder/
+
+Solution:
+
+Please install the updates provided by SuSE.
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("SLES10: Security update for ethereal");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("SuSE Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"ethereal", rpm:"ethereal~0.10.14~16.40.1", rls:"SLES10.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ethereal-devel", rpm:"ethereal-devel~0.10.14~16.40.1", rls:"SLES10.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/sles10_java-1_4_2-ibm4.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sles10_java-1_4_2-ibm4.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/sles10_java-1_4_2-ibm4.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,91 @@
+#
+#VID slesp2-java-1_4_2-ibm-6648
+# OpenVAS Vulnerability Test
+# $
+# Description: Security update for IBM Java 1.4.2
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66345);
+ script_cve_id("CVE-2009-1100");
+ script_version ("$Revision$");
+ script_name("SLES10: Security update for IBM Java 1.4.2");
+
+ desc = "The remote host is missing updates to packages that affect
+the security of your system.  One or more of the following packages
+are affected:
+
+    java-1_4_2-ibm
+    java-1_4_2-ibm-devel
+    java-1_4_2-ibm-jdbc
+    java-1_4_2-ibm-plugin
+
+
+More details may also be found by searching for the SuSE
+Enterprise Server 10 patch database located at
+http://download.novell.com/patch/finder/
+
+Solution:
+
+Please install the updates provided by SuSE.
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("SLES10: Security update for IBM Java 1.4.2");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("SuSE Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"java-1_4_2-ibm", rpm:"java-1_4_2-ibm~1.4.2_sr13.2~0.4.1", rls:"SLES10.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1_4_2-ibm-devel", rpm:"java-1_4_2-ibm-devel~1.4.2_sr13.2~0.4.1", rls:"SLES10.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1_4_2-ibm-jdbc", rpm:"java-1_4_2-ibm-jdbc~1.4.2_sr13.2~0.4.1", rls:"SLES10.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1_4_2-ibm-plugin", rpm:"java-1_4_2-ibm-plugin~1.4.2_sr13.2~0.4.1", rls:"SLES10.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/sles10_mutt1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sles10_mutt1.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/sles10_mutt1.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,77 @@
+#
+#VID slesp2-mutt-6672
+# OpenVAS Vulnerability Test
+# $
+# Description: Security update for mutt
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66347);
+ script_version ("$Revision$");
+ script_name("SLES10: Security update for mutt");
+
+ desc = "The remote host is missing updates to packages that affect
+the security of your system.  One or more of the following packages
+are affected:
+
+    mutt
+
+More details may also be found by searching for the SuSE
+Enterprise Server 10 patch database located at
+http://download.novell.com/patch/finder/
+
+Solution:
+
+Please install the updates provided by SuSE.
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("SLES10: Security update for mutt");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("SuSE Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"mutt", rpm:"mutt~1.5.9i~27.12.2", rls:"SLES10.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/sles11_bind0.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sles11_bind0.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/sles11_bind0.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,97 @@
+#
+#VID 815e5fc596ff53d04190524da4e8d4bb
+# OpenVAS Vulnerability Test
+# $
+# Description: Security update for bind
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66349);
+ script_cve_id("CVE-2009-4022");
+ script_version ("$Revision$");
+ script_name("SLES11: Security update for bind");
+
+ desc = "The remote host is missing updates to packages that affect
+the security of your system.  One or more of the following packages
+are affected:
+
+    bind
+    bind-chrootenv
+    bind-doc
+    bind-libs
+    bind-utils
+
+References:
+    https://bugzilla.novell.com/show_bug.cgi?id=558260
+
+More details may also be found by searching for the SuSE
+Enterprise Server 11 patch database located at
+http://download.novell.com/patch/finder/
+
+Solution:
+
+Please install the updates provided by SuSE.
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("SLES11: Security update for bind");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("SuSE Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"bind", rpm:"bind~9.5.0P2~20.4.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-chrootenv", rpm:"bind-chrootenv~9.5.0P2~20.4.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-doc", rpm:"bind-doc~9.5.0P2~20.4.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-libs", rpm:"bind-libs~9.5.0P2~20.4.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-utils", rpm:"bind-utils~9.5.0P2~20.4.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/sles11_cdparanoia.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sles11_cdparanoia.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/sles11_cdparanoia.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,108 @@
+#
+#VID 036b34b556d9338c53561c16d2f5a3ce
+# OpenVAS Vulnerability Test
+# $
+# Description: Security update for pidgin
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66351);
+ script_cve_id("CVE-2009-3026", "CVE-2009-3025", "CVE-2009-3083", "CVE-2009-3084", "CVE-2009-3085", "CVE-2009-3615");
+ script_version ("$Revision$");
+ script_name("SLES11: Security update for pidgin");
+
+ desc = "The remote host is missing updates to packages that affect
+the security of your system.  One or more of the following packages
+are affected:
+
+    cdparanoia
+    desktop-file-utils
+    fam
+    gnome-vfs2
+    gstreamer-0_10
+    libogg0
+    liboil
+
+References:
+    https://bugzilla.novell.com/show_bug.cgi?id=535570
+    https://bugzilla.novell.com/show_bug.cgi?id=535832
+    https://bugzilla.novell.com/show_bug.cgi?id=536602
+    https://bugzilla.novell.com/show_bug.cgi?id=548072
+
+More details may also be found by searching for the SuSE
+Enterprise Server 11 patch database located at
+http://download.novell.com/patch/finder/
+
+Solution:
+
+Please install the updates provided by SuSE.
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("SLES11: Security update for pidgin");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("SuSE Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"cdparanoia", rpm:"cdparanoia~IIIalpha9.8~691.22", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"desktop-file-utils", rpm:"desktop-file-utils~0.15~1.29", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"fam", rpm:"fam~2.7.0~130.21", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"gnome-vfs2", rpm:"gnome-vfs2~2.24.0~7.4", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"gstreamer-0_10", rpm:"gstreamer-0_10~0.10.21~3.20", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libogg0", rpm:"libogg0~1.1.3~87.12", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"liboil", rpm:"liboil~0.3.15~3.10", rls:"SLES11.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/sles11_ext4dev-kmp-def4.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sles11_ext4dev-kmp-def4.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/sles11_ext4dev-kmp-def4.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,171 @@
+#
+#VID a3c4f0428e25dca1993e5018e76d6758
+# OpenVAS Vulnerability Test
+# $
+# Description: Security update for Linux kernel
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66352);
+ script_cve_id("CVE-2009-3547", "CVE-2009-2910", "CVE-2009-2903", "CVE-2009-3621", "CVE-2009-3612", "CVE-2005-4881", "CVE-2009-3620", "CVE-2009-3726", "CVE-2009-3286");
+ script_version ("$Revision$");
+ script_name("SLES11: Security update for Linux kernel");
+
+ desc = "The remote host is missing updates to packages that affect
+the security of your system.  One or more of the following packages
+are affected:
+
+    ext4dev-kmp-default
+    ext4dev-kmp-pae
+    ext4dev-kmp-vmi
+    ext4dev-kmp-xen
+    kernel-default
+    kernel-default-base
+    kernel-pae
+    kernel-pae-base
+    kernel-source
+    kernel-syms
+    kernel-vmi
+    kernel-vmi-base
+    kernel-xen
+    kernel-xen-base
+
+References:
+    https://bugzilla.novell.com/show_bug.cgi?id=551348
+    https://bugzilla.novell.com/show_bug.cgi?id=549567
+    https://bugzilla.novell.com/show_bug.cgi?id=441062
+    https://bugzilla.novell.com/show_bug.cgi?id=547357
+    https://bugzilla.novell.com/show_bug.cgi?id=549751
+    https://bugzilla.novell.com/show_bug.cgi?id=556532
+    https://bugzilla.novell.com/show_bug.cgi?id=551942
+    https://bugzilla.novell.com/show_bug.cgi?id=544760
+    https://bugzilla.novell.com/show_bug.cgi?id=554122
+    https://bugzilla.novell.com/show_bug.cgi?id=547137
+    https://bugzilla.novell.com/show_bug.cgi?id=549751
+    https://bugzilla.novell.com/show_bug.cgi?id=540349
+    https://bugzilla.novell.com/show_bug.cgi?id=539878
+    https://bugzilla.novell.com/show_bug.cgi?id=548070
+    https://bugzilla.novell.com/show_bug.cgi?id=536467
+    https://bugzilla.novell.com/show_bug.cgi?id=548071
+    https://bugzilla.novell.com/show_bug.cgi?id=551142
+    https://bugzilla.novell.com/show_bug.cgi?id=544779
+    https://bugzilla.novell.com/show_bug.cgi?id=522790
+    https://bugzilla.novell.com/show_bug.cgi?id=548807
+    https://bugzilla.novell.com/show_bug.cgi?id=550648
+    https://bugzilla.novell.com/show_bug.cgi?id=519820
+    https://bugzilla.novell.com/show_bug.cgi?id=552775
+    https://bugzilla.novell.com/show_bug.cgi?id=531716
+    https://bugzilla.novell.com/show_bug.cgi?id=524222
+    https://bugzilla.novell.com/show_bug.cgi?id=528427
+    https://bugzilla.novell.com/show_bug.cgi?id=524683
+    https://bugzilla.novell.com/show_bug.cgi?id=552602
+    https://bugzilla.novell.com/show_bug.cgi?id=523487
+    https://bugzilla.novell.com/show_bug.cgi?id=547357
+    https://bugzilla.novell.com/show_bug.cgi?id=539010
+    https://bugzilla.novell.com/show_bug.cgi?id=472410
+    https://bugzilla.novell.com/show_bug.cgi?id=549748
+    https://bugzilla.novell.com/show_bug.cgi?id=542505
+    https://bugzilla.novell.com/show_bug.cgi?id=548101
+    https://bugzilla.novell.com/show_bug.cgi?id=541648
+    https://bugzilla.novell.com/show_bug.cgi?id=540997
+    https://bugzilla.novell.com/show_bug.cgi?id=556864
+    https://bugzilla.novell.com/show_bug.cgi?id=548074
+
+More details may also be found by searching for the SuSE
+Enterprise Server 11 patch database located at
+http://download.novell.com/patch/finder/
+
+Solution:
+
+Please install the updates provided by SuSE.
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("SLES11: Security update for Linux kernel");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("SuSE Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"ext4dev-kmp-default", rpm:"ext4dev-kmp-default~0_2.6.27.39_0.3~7.1.22", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ext4dev-kmp-pae", rpm:"ext4dev-kmp-pae~0_2.6.27.39_0.3~7.1.22", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ext4dev-kmp-vmi", rpm:"ext4dev-kmp-vmi~0_2.6.27.39_0.3~7.1.22", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ext4dev-kmp-xen", rpm:"ext4dev-kmp-xen~0_2.6.27.39_0.3~7.1.22", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-default", rpm:"kernel-default~2.6.27.39~0.3.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-default-base", rpm:"kernel-default-base~2.6.27.39~0.3.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-pae", rpm:"kernel-pae~2.6.27.39~0.3.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-pae-base", rpm:"kernel-pae-base~2.6.27.39~0.3.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-source", rpm:"kernel-source~2.6.27.39~0.3.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-syms", rpm:"kernel-syms~2.6.27.39~0.3.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-vmi", rpm:"kernel-vmi~2.6.27.39~0.3.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-vmi-base", rpm:"kernel-vmi-base~2.6.27.39~0.3.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.27.39~0.3.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-xen-base", rpm:"kernel-xen-base~2.6.27.39~0.3.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/sles11_java-1_4_2-ibm1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sles11_java-1_4_2-ibm1.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/sles11_java-1_4_2-ibm1.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,89 @@
+#
+#VID 078e3d197ce1488682c8fe5574f20e9b
+# OpenVAS Vulnerability Test
+# $
+# Description: Security update for IBM Java 1.4.2
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66348);
+ script_cve_id("CVE-2009-1100");
+ script_version ("$Revision$");
+ script_name("SLES11: Security update for IBM Java 1.4.2");
+
+ desc = "The remote host is missing updates to packages that affect
+the security of your system.  One or more of the following packages
+are affected:
+
+    java-1_4_2-ibm
+    java-1_4_2-ibm-jdbc
+    java-1_4_2-ibm-plugin
+
+References:
+    https://bugzilla.novell.com/show_bug.cgi?id=551829
+
+More details may also be found by searching for the SuSE
+Enterprise Server 11 patch database located at
+http://download.novell.com/patch/finder/
+
+Solution:
+
+Please install the updates provided by SuSE.
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("SLES11: Security update for IBM Java 1.4.2");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("SuSE Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"java-1_4_2-ibm", rpm:"java-1_4_2-ibm~1.4.2_sr13.2~0.1.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1_4_2-ibm-jdbc", rpm:"java-1_4_2-ibm-jdbc~1.4.2_sr13.2~0.1.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1_4_2-ibm-plugin", rpm:"java-1_4_2-ibm-plugin~1.4.2_sr13.2~0.1.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/sles11_mutt0.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sles11_mutt0.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/sles11_mutt0.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,79 @@
+#
+#VID 0ccab56be657333f931d55271c4b246a
+# OpenVAS Vulnerability Test
+# $
+# Description: Security update for mutt
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66350);
+ script_version ("$Revision$");
+ script_name("SLES11: Security update for mutt");
+
+ desc = "The remote host is missing updates to packages that affect
+the security of your system.  One or more of the following packages
+are affected:
+
+    mutt
+References:
+    https://bugzilla.novell.com/show_bug.cgi?id=537141
+
+More details may also be found by searching for the SuSE
+Enterprise Server 11 patch database located at
+http://download.novell.com/patch/finder/
+
+Solution:
+
+Please install the updates provided by SuSE.
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("SLES11: Security update for mutt");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("SuSE Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"mutt", rpm:"mutt~1.5.17~42.33.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/sles9p5063230.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sles9p5063230.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/sles9p5063230.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,82 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Security update for IBM Java2 and SDK
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66344);
+ script_cve_id("CVE-2009-1100");
+ script_version ("$Revision$");
+ script_name("SLES9: Security update for IBM Java2 and SDK");
+
+ desc = "
+The remote host is missing updates to packages that affect
+the security of your system.  One or more of the following packages
+are affected:
+
+    IBMJava2-JRE
+    IBMJava2-SDK
+
+For more information, please visit the referenced security
+advisories.
+
+More details may also be found by searching for keyword
+5063230 within the SuSE Enterprise Server 9 patch
+database at http://download.novell.com/patch/finder/
+
+Solution:
+
+Please install the updates provided by SuSE.
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("SLES9: Security update for IBM Java2 and SDK");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("SuSE Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"IBMJava2-JRE", rpm:"IBMJava2-JRE~1.4.2_sr13.2~0.7", rls:"SLES9.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/sles9p5063382.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sles9p5063382.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/sles9p5063382.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,81 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Security update for ethereal
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66343);
+ script_cve_id("CVE-2009-3549", "CVE-2009-3550", "CVE-2009-3551", "CVE-2009-2560");
+ script_version ("$Revision$");
+ script_name("SLES9: Security update for ethereal");
+
+ desc = "
+The remote host is missing updates to packages that affect
+the security of your system.  One or more of the following packages
+are affected:
+
+    ethereal
+
+For more information, please visit the referenced security
+advisories.
+
+More details may also be found by searching for keyword
+5063382 within the SuSE Enterprise Server 9 patch
+database at http://download.novell.com/patch/finder/
+
+Solution:
+
+Please install the updates provided by SuSE.
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("SLES9: Security update for ethereal");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("SuSE Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"ethereal", rpm:"ethereal~0.10.13~2.45", rls:"SLES9.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/sles9p5063532.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sles9p5063532.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/sles9p5063532.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,78 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Security update for mutt
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66342);
+ script_version ("$Revision$");
+ script_name("SLES9: Security update for mutt");
+
+ desc = "
+The remote host is missing updates to packages that affect
+the security of your system.  One or more of the following packages
+are affected:
+
+    mutt
+
+
+More details may also be found by searching for keyword
+5063532 within the SuSE Enterprise Server 9 patch
+database at http://download.novell.com/patch/finder/
+
+Solution:
+
+Please install the updates provided by SuSE.
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("SLES9: Security update for mutt");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("SuSE Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"mutt", rpm:"mutt~1.5.6i~64.14", rls:"SLES9.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/ubuntu_861_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ubuntu_861_1.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/ubuntu_861_1.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,146 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory USN-861-1 (libvorbis)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66337);
+ script_cve_id("CVE-2008-2009", "CVE-2009-3379");
+ script_version ("$Revision$");
+ script_name("Ubuntu USN-861-1 (libvorbis)");
+
+ desc = "
+The remote host is missing an update to libvorbis
+announced via advisory USN-861-1.
+
+Details follow:
+
+It was discovered that libvorbis did not correctly handle ogg files with
+underpopulated Huffman trees. If a user were tricked into opening a
+specially crafted ogg file with an application that uses libvorbis, an
+attacker could cause a denial of service. (CVE-2008-2009)
+
+It was discovered that libvorbis did not correctly handle certain malformed
+ogg files. If a user were tricked into opening a specially crafted ogg file
+with an application that uses libvorbis, an attacker could cause a denial
+of service or possibly execute arbitrary code with the user's privileges.
+(CVE-2009-3379)
+
+Solution:
+The problem can be corrected by upgrading your system to the
+following package versions:
+
+Ubuntu 8.04 LTS:
+  libvorbis0a                     1.2.0.dfsg-2ubuntu0.3
+
+Ubuntu 8.10:
+  libvorbis0a                     1.2.0.dfsg-3.1ubuntu0.8.10.2
+
+Ubuntu 9.04:
+  libvorbis0a                     1.2.0.dfsg-3.1ubuntu0.9.04.2
+
+Ubuntu 9.10:
+  libvorbis0a                     1.2.0.dfsg-6ubuntu0.1
+
+After a standard system upgrade you need to restart any applications that
+use libvorbis, such as Totem and gtkpod, to effect the necessary changes.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=USN-861-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Ubuntu USN-861-1 (libvorbis)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"libvorbis-dev", ver:"1.2.0.dfsg-2ubuntu0.3", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvorbis0a", ver:"1.2.0.dfsg-2ubuntu0.3", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvorbisenc2", ver:"1.2.0.dfsg-2ubuntu0.3", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvorbisfile3", ver:"1.2.0.dfsg-2ubuntu0.3", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvorbis-dev", ver:"1.2.0.dfsg-3.1ubuntu0.8.10.2", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvorbis0a", ver:"1.2.0.dfsg-3.1ubuntu0.8.10.2", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvorbisenc2", ver:"1.2.0.dfsg-3.1ubuntu0.8.10.2", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvorbisfile3", ver:"1.2.0.dfsg-3.1ubuntu0.8.10.2", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvorbis-dev", ver:"1.2.0.dfsg-3.1ubuntu0.9.04.2", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvorbis0a", ver:"1.2.0.dfsg-3.1ubuntu0.9.04.2", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvorbisenc2", ver:"1.2.0.dfsg-3.1ubuntu0.9.04.2", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvorbisfile3", ver:"1.2.0.dfsg-3.1ubuntu0.9.04.2", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvorbis-dev", ver:"1.2.0.dfsg-6ubuntu0.1", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvorbis0a", ver:"1.2.0.dfsg-6ubuntu0.1", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvorbisenc2", ver:"1.2.0.dfsg-6ubuntu0.1", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libvorbisfile3", ver:"1.2.0.dfsg-6ubuntu0.1", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/ubuntu_862_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ubuntu_862_1.nasl	2009-12-03 21:07:40 UTC (rev 6056)
+++ trunk/openvas-plugins/scripts/ubuntu_862_1.nasl	2009-12-03 21:10:42 UTC (rev 6057)
@@ -0,0 +1,495 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory USN-862-1 (php5)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66338);
+ script_cve_id("CVE-2008-7068", "CVE-2009-3291", "CVE-2009-3292", "CVE-2009-3557", "CVE-2009-3558", "CVE-2009-4017", "CVE-2009-4018");
+ script_version ("$Revision$");
+ script_name("Ubuntu USN-862-1 (php5)");
+
+ desc = "
+The remote host is missing an update to php5
+announced via advisory USN-862-1.
+
+Details follow:
+
+Maksymilian Arciemowicz discovered that PHP did not properly validate
+arguments to the dba_replace function. If a script passed untrusted input
+to the dba_replace function, an attacker could truncate the database. This
+issue only applied to Ubuntu 6.06 LTS, 8.04 LTS, and 8.10. (CVE-2008-7068)
+
+It was discovered that PHP's php_openssl_apply_verification_policy
+function did not correctly handle SSL certificates with zero bytes in the
+Common Name. A remote attacker could exploit this to perform a man in the
+middle attack to view sensitive information or alter encrypted
+communications. (CVE-2009-3291)
+
+It was discovered that PHP did not properly handle certain malformed images
+when being parsed by the Exif module. A remote attacker could exploit this
+flaw and cause the PHP server to crash, resulting in a denial of service.
+(CVE-2009-3292)
+
+Grzegorz Stachowiak discovered that PHP did not properly enforce
+restrictions in the tempnam function. An attacker could exploit this issue
+to bypass safe_mode restrictions. (CVE-2009-3557)
+
+Grzegorz Stachowiak discovered that PHP did not properly enforce
+restrictions in the posix_mkfifo function. An attacker could exploit this
+issue to bypass open_basedir restrictions. (CVE-2009-3558)
+
+Bogdan Calin discovered that PHP did not limit the number of temporary
+files created when handling multipart/form-data POST requests. A remote
+attacker could exploit this flaw and cause the PHP server to consume all
+available resources, resulting in a denial of service. (CVE-2009-4017)
+
+ATTENTION: This update changes previous PHP behaviour by limiting the
+number of files in a POST request to 50. This may be increased by adding a
+max_file_uploads directive to the php.ini configuration file.
+
+It was discovered that PHP did not properly enforce restrictions in the
+proc_open function. An attacker could exploit this issue to bypass
+safe_mode_protected_env_vars restrictions and possibly execute arbitrary
+code with application privileges. (CVE-2009-4018)
+
+Solution:
+The problem can be corrected by upgrading your system to the
+following package versions:
+
+Ubuntu 6.06 LTS:
+  libapache2-mod-php5             5.1.2-1ubuntu3.17
+  php5-cgi                        5.1.2-1ubuntu3.17
+  php5-cli                        5.1.2-1ubuntu3.17
+
+Ubuntu 8.04 LTS:
+  libapache2-mod-php5             5.2.4-2ubuntu5.9
+  php5-cgi                        5.2.4-2ubuntu5.9
+  php5-cli                        5.2.4-2ubuntu5.9
+
+Ubuntu 8.10:
+  libapache2-mod-php5             5.2.6-2ubuntu4.5
+  php5-cgi                        5.2.6-2ubuntu4.5
+  php5-cli                        5.2.6-2ubuntu4.5
+
+Ubuntu 9.04:
+  libapache2-mod-php5             5.2.6.dfsg.1-3ubuntu4.4
+  php5-cgi                        5.2.6.dfsg.1-3ubuntu4.4
+  php5-cli                        5.2.6.dfsg.1-3ubuntu4.4
+
+Ubuntu 9.10:
+  libapache2-mod-php5             5.2.10.dfsg.1-2ubuntu6.3
+  php5-cgi                        5.2.10.dfsg.1-2ubuntu6.3
+  php5-cli                        5.2.10.dfsg.1-2ubuntu6.3
+
+In general, a standard system upgrade is sufficient to effect the
+necessary changes.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=USN-862-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Ubuntu USN-862-1 (php5)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"php-pear", ver:"5.1.2-1ubuntu3.17", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5", ver:"5.1.2-1ubuntu3.17", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.1.2-1ubuntu3.17", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-cgi", ver:"5.1.2-1ubuntu3.17", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-cli", ver:"5.1.2-1ubuntu3.17", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-common", ver:"5.1.2-1ubuntu3.17", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-curl", ver:"5.1.2-1ubuntu3.17", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-dev", ver:"5.1.2-1ubuntu3.17", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-gd", ver:"5.1.2-1ubuntu3.17", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-ldap", ver:"5.1.2-1ubuntu3.17", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-mhash", ver:"5.1.2-1ubuntu3.17", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-mysql", ver:"5.1.2-1ubuntu3.17", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-mysqli", ver:"5.1.2-1ubuntu3.17", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-odbc", ver:"5.1.2-1ubuntu3.17", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-pgsql", ver:"5.1.2-1ubuntu3.17", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-recode", ver:"5.1.2-1ubuntu3.17", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-snmp", ver:"5.1.2-1ubuntu3.17", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-sqlite", ver:"5.1.2-1ubuntu3.17", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-sybase", ver:"5.1.2-1ubuntu3.17", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-xmlrpc", ver:"5.1.2-1ubuntu3.17", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-xsl", ver:"5.1.2-1ubuntu3.17", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php-pear", ver:"5.2.4-2ubuntu5.9", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5", ver:"5.2.4-2ubuntu5.9", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.2.4-2ubuntu5.9", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-cgi", ver:"5.2.4-2ubuntu5.9", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-cli", ver:"5.2.4-2ubuntu5.9", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-common", ver:"5.2.4-2ubuntu5.9", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-curl", ver:"5.2.4-2ubuntu5.9", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-dev", ver:"5.2.4-2ubuntu5.9", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-gd", ver:"5.2.4-2ubuntu5.9", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-gmp", ver:"5.2.4-2ubuntu5.9", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-ldap", ver:"5.2.4-2ubuntu5.9", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-mhash", ver:"5.2.4-2ubuntu5.9", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-mysql", ver:"5.2.4-2ubuntu5.9", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-odbc", ver:"5.2.4-2ubuntu5.9", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-pgsql", ver:"5.2.4-2ubuntu5.9", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-pspell", ver:"5.2.4-2ubuntu5.9", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-recode", ver:"5.2.4-2ubuntu5.9", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-snmp", ver:"5.2.4-2ubuntu5.9", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-sqlite", ver:"5.2.4-2ubuntu5.9", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-sybase", ver:"5.2.4-2ubuntu5.9", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-tidy", ver:"5.2.4-2ubuntu5.9", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-xmlrpc", ver:"5.2.4-2ubuntu5.9", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-xsl", ver:"5.2.4-2ubuntu5.9", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php-pear", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libapache2-mod-php5filter", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-cgi", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-cli", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-common", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-curl", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-dbg", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-dev", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-gd", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-gmp", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-ldap", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-mhash", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-mysql", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-odbc", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-pgsql", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-pspell", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-recode", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-snmp", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-sqlite", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-sybase", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-tidy", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-xmlrpc", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-xsl", ver:"5.2.6-2ubuntu4.5", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php-pear", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-cgi", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-cli", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-common", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-curl", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-dbg", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-dev", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-gd", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-gmp", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-ldap", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-mhash", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-mysql", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-odbc", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-pgsql", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-pspell", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-recode", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-snmp", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-sqlite", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-sybase", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-tidy", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-xmlrpc", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-xsl", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libapache2-mod-php5filter", ver:"5.2.6.dfsg.1-3ubuntu4.4", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php-pear", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-cgi", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-cli", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-common", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-curl", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-dbg", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-dev", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-gd", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-gmp", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-ldap", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-mhash", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-mysql", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-odbc", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-pgsql", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-pspell", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-recode", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-snmp", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-sqlite", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-sybase", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-tidy", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-xmlrpc", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-xsl", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libapache2-mod-php5filter", ver:"5.2.10.dfsg.1-2ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}



More information about the Openvas-commits mailing list