[Openvas-commits] r6120 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Thu Dec 10 00:23:59 CET 2009


Author: reinke
Date: 2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)
New Revision: 6120

Added:
   trunk/openvas-plugins/scripts/RHSA_2009_1625.nasl
   trunk/openvas-plugins/scripts/RHSA_2009_1635.nasl
   trunk/openvas-plugins/scripts/RHSA_2009_1642.nasl
   trunk/openvas-plugins/scripts/deb_1942_1.nasl
   trunk/openvas-plugins/scripts/deb_1943_1.nasl
   trunk/openvas-plugins/scripts/deb_1944_1.nasl
   trunk/openvas-plugins/scripts/deb_1945_1.nasl
   trunk/openvas-plugins/scripts/deb_1946_1.nasl
   trunk/openvas-plugins/scripts/fcore_2009_10891.nasl
   trunk/openvas-plugins/scripts/fcore_2009_11062.nasl
   trunk/openvas-plugins/scripts/fcore_2009_11314.nasl
   trunk/openvas-plugins/scripts/fcore_2009_11499.nasl
   trunk/openvas-plugins/scripts/fcore_2009_11618.nasl
   trunk/openvas-plugins/scripts/fcore_2009_11739.nasl
   trunk/openvas-plugins/scripts/fcore_2009_11740.nasl
   trunk/openvas-plugins/scripts/fcore_2009_11836.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12017.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12348.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12370.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12395.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12439.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12444.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12457.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12481.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12652.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12663.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12674.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12690.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12716.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12737.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12750.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12775.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12782.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12786.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12825.nasl
   trunk/openvas-plugins/scripts/fcore_2009_7998.nasl
   trunk/openvas-plugins/scripts/freebsd_expat2.nasl
   trunk/openvas-plugins/scripts/freebsd_expat20.nasl
   trunk/openvas-plugins/scripts/freebsd_opera19.nasl
   trunk/openvas-plugins/scripts/freebsdsa_freebsd.nasl
   trunk/openvas-plugins/scripts/freebsdsa_rtld.nasl
   trunk/openvas-plugins/scripts/freebsdsa_ssl.nasl
   trunk/openvas-plugins/scripts/mdksa_2008_233_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_103_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_106_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_107_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_108_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_112_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_113_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_121_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_128_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_130_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_132_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_142_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_157_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_158_3.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_169_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_197_3.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_199_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_200_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_201_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_203_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_206_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_208_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_211_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_212_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_213_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_215_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_217_3.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_218_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_219_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_223_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_224_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_229_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_231_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_232_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_234_2.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_243_2.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_249_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_252_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_254_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_256_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_260_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_272_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_284_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_287_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_290_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_292_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_297_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_305.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_307_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_308.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_309.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_310.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_311.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_312.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_313_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_314.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_315.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_317.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_318.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_319.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_320.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_321.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_322.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_323.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_324.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_325.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_326.nasl
   trunk/openvas-plugins/scripts/ovcesa2009_1625.nasl
   trunk/openvas-plugins/scripts/suse_sa_2009_059.nasl
   trunk/openvas-plugins/scripts/suse_sa_2009_060.nasl
   trunk/openvas-plugins/scripts/ubuntu_863_1.nasl
   trunk/openvas-plugins/scripts/ubuntu_865_1.nasl
   trunk/openvas-plugins/scripts/ubuntu_866_1.nasl
Modified:
   trunk/openvas-plugins/ChangeLog
Log:
New scripts added

Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/ChangeLog	2009-12-09 23:23:54 UTC (rev 6120)
@@ -1,5 +1,124 @@
-009-12-09 Michael Meyer <michael.meyer at intevation.de>
+2009-12-09  Thomas Reinke <reinke at securityspace.com>
 
+	* scripts/deb_1942_1.nasl,
+	scripts/deb_1943_1.nasl,
+	scripts/deb_1944_1.nasl,
+	scripts/deb_1945_1.nasl,
+	scripts/deb_1946_1.nasl,
+	scripts/freebsd_expat2.nasl,
+	scripts/freebsd_expat20.nasl,
+	scripts/freebsd_opera19.nasl,
+	scripts/freebsdsa_freebsd.nasl,
+	scripts/freebsdsa_rtld.nasl,
+	scripts/freebsdsa_ssl.nasl,
+	scripts/suse_sa_2009_059.nasl,
+	scripts/suse_sa_2009_060.nasl,
+	scripts/ubuntu_863_1.nasl,
+	scripts/ubuntu_865_1.nasl,
+	scripts/ubuntu_866_1.nasl,
+	scripts/mdksa_2008_233_1.nasl,
+	scripts/mdksa_2009_103_1.nasl,
+	scripts/mdksa_2009_106_1.nasl,
+	scripts/mdksa_2009_107_1.nasl,
+	scripts/mdksa_2009_108_1.nasl,
+	scripts/mdksa_2009_112_1.nasl,
+	scripts/mdksa_2009_113_1.nasl,
+	scripts/mdksa_2009_121_1.nasl,
+	scripts/mdksa_2009_128_1.nasl,
+	scripts/mdksa_2009_130_1.nasl,
+	scripts/mdksa_2009_132_1.nasl,
+	scripts/mdksa_2009_142_1.nasl,
+	scripts/mdksa_2009_157_1.nasl,
+	scripts/mdksa_2009_158_3.nasl,
+	scripts/mdksa_2009_169_1.nasl,
+	scripts/mdksa_2009_197_3.nasl,
+	scripts/mdksa_2009_199_1.nasl,
+	scripts/mdksa_2009_200_1.nasl,
+	scripts/mdksa_2009_201_1.nasl,
+	scripts/mdksa_2009_203_1.nasl,
+	scripts/mdksa_2009_206_1.nasl,
+	scripts/mdksa_2009_208_1.nasl,
+	scripts/mdksa_2009_211_1.nasl,
+	scripts/mdksa_2009_212_1.nasl,
+	scripts/mdksa_2009_213_1.nasl,
+	scripts/mdksa_2009_215_1.nasl,
+	scripts/mdksa_2009_217_3.nasl,
+	scripts/mdksa_2009_218_1.nasl,
+	scripts/mdksa_2009_219_1.nasl,
+	scripts/mdksa_2009_223_1.nasl,
+	scripts/mdksa_2009_224_1.nasl,
+	scripts/mdksa_2009_229_1.nasl,
+	scripts/mdksa_2009_231_1.nasl,
+	scripts/mdksa_2009_232_1.nasl,
+	scripts/mdksa_2009_234_2.nasl,
+	scripts/mdksa_2009_243_2.nasl,
+	scripts/mdksa_2009_249_1.nasl,
+	scripts/mdksa_2009_252_1.nasl,
+	scripts/mdksa_2009_254_1.nasl,
+	scripts/mdksa_2009_256_1.nasl,
+	scripts/mdksa_2009_260_1.nasl,
+	scripts/mdksa_2009_272_1.nasl,
+	scripts/mdksa_2009_284_1.nasl,
+	scripts/mdksa_2009_287_1.nasl,
+	scripts/mdksa_2009_290_1.nasl,
+	scripts/mdksa_2009_292_1.nasl,
+	scripts/mdksa_2009_297_1.nasl,
+	scripts/mdksa_2009_305.nasl,
+	scripts/mdksa_2009_307_1.nasl,
+	scripts/mdksa_2009_308.nasl,
+	scripts/mdksa_2009_309.nasl,
+	scripts/mdksa_2009_310.nasl,
+	scripts/mdksa_2009_311.nasl,
+	scripts/mdksa_2009_312.nasl,
+	scripts/mdksa_2009_313_1.nasl,
+	scripts/mdksa_2009_314.nasl,
+	scripts/mdksa_2009_315.nasl,
+	scripts/mdksa_2009_317.nasl,
+	scripts/mdksa_2009_318.nasl,
+	scripts/mdksa_2009_319.nasl,
+	scripts/mdksa_2009_320.nasl,
+	scripts/mdksa_2009_321.nasl,
+	scripts/mdksa_2009_322.nasl,
+	scripts/mdksa_2009_323.nasl,
+	scripts/mdksa_2009_324.nasl,
+	scripts/mdksa_2009_325.nasl,
+	scripts/mdksa_2009_326.nasl,
+	scripts/RHSA_2009_1625.nasl,
+	scripts/RHSA_2009_1635.nasl,
+	scripts/RHSA_2009_1642.nasl,
+	scripts/fcore_2009_10891.nasl,
+	scripts/fcore_2009_11062.nasl,
+	scripts/fcore_2009_11314.nasl,
+	scripts/fcore_2009_11499.nasl,
+	scripts/fcore_2009_11618.nasl,
+	scripts/fcore_2009_11739.nasl,
+	scripts/fcore_2009_11740.nasl,
+	scripts/fcore_2009_11836.nasl,
+	scripts/fcore_2009_12017.nasl,
+	scripts/fcore_2009_12348.nasl,
+	scripts/fcore_2009_12370.nasl,
+	scripts/fcore_2009_12395.nasl,
+	scripts/fcore_2009_12439.nasl,
+	scripts/fcore_2009_12444.nasl,
+	scripts/fcore_2009_12457.nasl,
+	scripts/fcore_2009_12481.nasl,
+	scripts/fcore_2009_12652.nasl,
+	scripts/fcore_2009_12663.nasl,
+	scripts/fcore_2009_12674.nasl,
+	scripts/fcore_2009_12690.nasl,
+	scripts/fcore_2009_12716.nasl,
+	scripts/fcore_2009_12737.nasl,
+	scripts/fcore_2009_12750.nasl,
+	scripts/fcore_2009_12775.nasl,
+	scripts/fcore_2009_12782.nasl,
+	scripts/fcore_2009_12786.nasl,
+	scripts/fcore_2009_12825.nasl,
+	scripts/fcore_2009_7998.nasl,
+	scripts/ovcesa2009_1625.nasl:
+	New scripts
+
+2009-12-09 Michael Meyer <michael.meyer at intevation.de>
+
 	* scripts/gb_php_mult_vuln_dec09.nasl:
 	Added port to security_hole().
 

Added: trunk/openvas-plugins/scripts/RHSA_2009_1625.nasl
===================================================================
--- trunk/openvas-plugins/scripts/RHSA_2009_1625.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/RHSA_2009_1625.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,111 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory RHSA-2009:1625 ()
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66357);
+ script_cve_id("CVE-2009-3560", "CVE-2009-3720");
+ script_version ("$Revision$");
+ script_name("RedHat Security Advisory RHSA-2009:1625");
+
+ desc = "
+The remote host is missing updates announced in
+advisory RHSA-2009:1625.
+
+Expat is a C library written by James Clark for parsing XML documents.
+
+Two buffer over-read flaws were found in the way Expat handled malformed
+UTF-8 sequences when processing XML files. A specially-crafted XML file
+could cause applications using Expat to crash while parsing the file.
+(CVE-2009-3560, CVE-2009-3720)
+
+All expat users should upgrade to these updated packages, which contain
+backported patches to correct these issues. After installing the updated
+packages, applications using the Expat library must be restarted for the
+update to take effect.
+
+Solution:
+Please note that this update is available via
+Red Hat Network.  To use Red Hat Network, launch the Red
+Hat Update Agent with the following command: up2date
+
+http://rhn.redhat.com/errata/RHSA-2009-1625.html
+http://www.redhat.com/security/updates/classification/#moderate
+
+Risk factor : Medium";
+
+ script_description(desc);
+
+ script_summary("Redhat Security Advisory RHSA-2009:1625");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"expat", rpm:"expat~1.95.5~6.2", rls:"RHENT_3")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"expat-debuginfo", rpm:"expat-debuginfo~1.95.5~6.2", rls:"RHENT_3")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"expat-devel", rpm:"expat-devel~1.95.5~6.2", rls:"RHENT_3")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"expat", rpm:"expat~1.95.7~4.el4_8.2", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"expat-debuginfo", rpm:"expat-debuginfo~1.95.7~4.el4_8.2", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"expat-devel", rpm:"expat-devel~1.95.7~4.el4_8.2", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"expat", rpm:"expat~1.95.8~8.3.el5_4.2", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"expat-debuginfo", rpm:"expat-debuginfo~1.95.8~8.3.el5_4.2", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"expat-devel", rpm:"expat-devel~1.95.8~8.3.el5_4.2", rls:"RHENT_5")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/RHSA_2009_1635.nasl
===================================================================
--- trunk/openvas-plugins/scripts/RHSA_2009_1635.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/RHSA_2009_1635.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,136 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory RHSA-2009:1635 ()
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66356);
+ script_cve_id("CVE-2009-3726", "CVE-2009-3889", "CVE-2009-3939");
+ script_version ("$Revision$");
+ script_name("RedHat Security Advisory RHSA-2009:1635");
+
+ desc = "
+The remote host is missing updates announced in
+advisory RHSA-2009:1635.
+
+The kernel-rt packages contain the Linux kernel, the core of any Linux
+operating system.
+
+These updated packages fix the following security issues:
+
+* a NULL pointer dereference flaw was found in the NFSv4 implementation in
+the Linux kernel. Several of the NFSv4 file locking functions failed to
+check whether a file had been opened on the server before performing
+locking operations on it. A local user on a system with an NFSv4 share
+mounted could possibly use this flaw to cause a denial of service or
+escalate their privileges. (CVE-2009-3726, Important)
+
+* permission issues were found in the megaraid_sas driver (for SAS based
+RAID controllers) in the Linux kernel. The dbg_lvl and poll_mode_io
+files on the sysfs file system (/sys/) had world-writable permissions.
+This could allow local, unprivileged users to change the behavior of the
+driver. (CVE-2009-3889, CVE-2009-3939, Moderate)
+
+Users should upgrade to these updated packages, which contain backported
+patches to correct these issues and add these enhancements. The system must
+be rebooted for this update to take effect.
+
+Solution:
+Please note that this update is available via
+Red Hat Network.  To use Red Hat Network, launch the Red
+Hat Update Agent with the following command: up2date
+
+http://rhn.redhat.com/errata/RHSA-2009-1635.html
+http://www.redhat.com/security/updates/classification/#important
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Redhat Security Advisory RHSA-2009:1635");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"kernel-rt", rpm:"kernel-rt~2.6.24.7~139.el5rt", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-rt-debug", rpm:"kernel-rt-debug~2.6.24.7~139.el5rt", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-rt-debug-debuginfo", rpm:"kernel-rt-debug-debuginfo~2.6.24.7~139.el5rt", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-rt-debug-devel", rpm:"kernel-rt-debug-devel~2.6.24.7~139.el5rt", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-rt-debuginfo", rpm:"kernel-rt-debuginfo~2.6.24.7~139.el5rt", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-rt-debuginfo-common", rpm:"kernel-rt-debuginfo-common~2.6.24.7~139.el5rt", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-rt-devel", rpm:"kernel-rt-devel~2.6.24.7~139.el5rt", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-rt-trace", rpm:"kernel-rt-trace~2.6.24.7~139.el5rt", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-rt-trace-debuginfo", rpm:"kernel-rt-trace-debuginfo~2.6.24.7~139.el5rt", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-rt-trace-devel", rpm:"kernel-rt-trace-devel~2.6.24.7~139.el5rt", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-rt-vanilla", rpm:"kernel-rt-vanilla~2.6.24.7~139.el5rt", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-rt-vanilla-debuginfo", rpm:"kernel-rt-vanilla-debuginfo~2.6.24.7~139.el5rt", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-rt-vanilla-devel", rpm:"kernel-rt-vanilla-devel~2.6.24.7~139.el5rt", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-rt-doc", rpm:"kernel-rt-doc~2.6.24.7~139.el5rt", rls:"RHENT_5")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/RHSA_2009_1642.nasl
===================================================================
--- trunk/openvas-plugins/scripts/RHSA_2009_1642.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/RHSA_2009_1642.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,93 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory RHSA-2009:1642 ()
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66358);
+ script_cve_id("CVE-2009-4033");
+ script_version ("$Revision$");
+ script_name("RedHat Security Advisory RHSA-2009:1642");
+
+ desc = "
+The remote host is missing updates announced in
+advisory RHSA-2009:1642.
+
+acpid is a daemon that dispatches ACPI (Advanced Configuration and Power
+Interface) events to user-space programs.
+
+It was discovered that acpid could create its log file (/var/log/acpid)
+with random permissions on some systems. A local attacker could use this
+flaw to escalate their privileges if the log file was created as
+world-writable and with the setuid or setgid bit set. (CVE-2009-4033)
+
+Please note that this flaw was due to a Red Hat-specific patch
+(acpid-1.0.4-fd.patch) included in the Red Hat Enterprise Linux 5 acpid
+package.
+
+Users are advised to upgrade to this updated package, which contains a
+backported patch to correct this issue.
+
+Solution:
+Please note that this update is available via
+Red Hat Network.  To use Red Hat Network, launch the Red
+Hat Update Agent with the following command: up2date
+
+http://rhn.redhat.com/errata/RHSA-2009-1642.html
+http://www.redhat.com/security/updates/classification/#important
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Redhat Security Advisory RHSA-2009:1642");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"acpid", rpm:"acpid~1.0.4~9.el5_4.1", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"acpid-debuginfo", rpm:"acpid-debuginfo~1.0.4~9.el5_4.1", rls:"RHENT_5")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_1942_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1942_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/deb_1942_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,137 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1942-1 (wireshark)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66454);
+ script_cve_id("CVE-2009-1268", "CVE-2008-1829", "CVE-2009-2560", "CVE-2009-2562", "CVE-2009-3241", "CVE-2009-3550", "CVE-2009-3829");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1942-1 (wireshark)");
+
+ desc = "
+The remote host is missing an update to wireshark
+announced via advisory DSA 1942-1.
+
+Several remote vulnerabilities have been discovered in the Wireshark
+network traffic analyzer, which may lead to the execution of arbitrary
+code or denial of service. The Common Vulnerabilities and Exposures
+project identifies the following problems:
+
+CVE-2009-2560
+
+A NULL pointer dereference was found in the RADIUS dissector.
+
+CVE-2009-3550
+
+A NULL pointer dereference was found in the DCERP/NT dissector.
+
+CVE-2009-3829
+
+An integer overflow was discovered in the ERF parser.
+
+This update also includes fixes for three minor issues, which were
+scheduled for the next stable point update. (CVE-2008-1829,
+CVE-2009-2562, CVE-2009-3241). Also CVE-2009-1268 was fixed for Etch.
+Since this security update was issued prior to the release of the
+point update, the fixes were included.
+
+For the old stable distribution (etch), this problem has been fixed in
+version 0.99.4-5.etch.4.
+
+For the stable distribution (lenny), this problem has been fixed in
+version 1.0.2-3+lenny7.
+
+For the unstable distribution (sid) these problems have been fixed in
+version 1.2.3-1.
+
+We recommend that you upgrade your Wireshark packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201942-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1942-1 (wireshark)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"ethereal-common", ver:"0.99.4-5.etch.4", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"wireshark-dev", ver:"0.99.4-5.etch.4", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"ethereal", ver:"0.99.4-5.etch.4", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"tshark", ver:"0.99.4-5.etch.4", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"wireshark-common", ver:"0.99.4-5.etch.4", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"wireshark", ver:"0.99.4-5.etch.4", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"ethereal-dev", ver:"0.99.4-5.etch.4", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"tethereal", ver:"0.99.4-5.etch.4", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"tshark", ver:"1.0.2-3+lenny7", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"wireshark", ver:"1.0.2-3+lenny7", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"wireshark-common", ver:"1.0.2-3+lenny7", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"wireshark-dev", ver:"1.0.2-3+lenny7", rls:"DEB5.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_1943_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1943_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/deb_1943_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,112 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1943-1 (openldap openldap2.3)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66455);
+ script_cve_id("CVE-2009-3767");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1943-1 (openldap openldap2.3)");
+
+ desc = "
+The remote host is missing an update to openldap openldap2.3
+announced via advisory DSA 1943-1.
+
+It was discovered that OpenLDAP, a free implementation of the Lightweight
+Directory Access Protocol, when OpenSSL is used, does not properly handle a '\0'
+character in a domain name in the subject's Common Name (CN) field of an X.509
+certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL
+servers via a crafted certificate issued by a legitimate Certification Authority.
+
+For the oldstable distribution (etch), this problem has been fixed in version
+2.3.30-5+etch3 for openldap2.3.
+
+For the stable distribution (lenny), this problem has been fixed in version
+2.4.11-1+lenny1 for openldap.
+
+For the testing distribution (squeeze), and the  unstable distribution (sid),
+this problem has been fixed in version 2.4.17-2.1 for openldap.
+
+
+We recommend that you upgrade your openldap2.3/openldap packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201943-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1943-1 (openldap openldap2.3)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"libldap-2.3-0", ver:"2.3.30-5+etch3", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"slapd", ver:"2.3.30-5+etch3", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"ldap-utils", ver:"2.3.30-5+etch3", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"slapd-dbg", ver:"2.4.11-1+lenny1", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libldap-2.4-2", ver:"2.4.11-1+lenny1", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"ldap-utils", ver:"2.4.11-1+lenny1", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"slapd", ver:"2.4.11-1+lenny1", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libldap2-dev", ver:"2.4.11-1+lenny1", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libldap-2.4-2-dbg", ver:"2.4.11-1+lenny1", rls:"DEB5.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_1944_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1944_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/deb_1944_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,129 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1944-1 (request-tracker3.4/request-tracker3.6)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66456);
+ script_cve_id("CVE-2009-3585");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1944-1 (request-tracker3.4/request-tracker3.6)");
+
+ desc = "
+The remote host is missing an update to request-tracker3.4/request-tracker3.6
+announced via advisory DSA 1944-1.
+
+
+Mikal Gule discovered that request-tracker, an extensible trouble-ticket
+tracking system, is prone to an attack, where an attacker with access
+to the same domain can hijack a user's RT session.
+
+
+For the stable distribution (lenny), this problem has been fixed in
+version 3.6.7-5+lenny3.
+
+For the oldstable distribution (etch), this problem has been fixed in
+version 3.6.1-4+etch1 of request-tracker3.6 and version 3.4.5-2+etch1
+of request-tracker3.4.
+
+For the testing distribution (squeeze), this problem will be fixed soon.
+
+For the unstable distribution (sid), this problem has been fixed in
+version 3.6.9-2.
+
+We recommend that you upgrade your request-tracker packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201944-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1944-1 (request-tracker3.4/request-tracker3.6)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"rt3.6-apache2", ver:"3.6.1-4+etch1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"rt3.6-apache", ver:"3.6.1-4+etch1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"rt3.4-clients", ver:"3.4.5-2+etch1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"request-tracker3.4", ver:"3.4.5-2+etch1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"rt3.4-apache", ver:"3.4.5-2+etch1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"request-tracker3.6", ver:"3.6.1-4+etch1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"rt3.6-clients", ver:"3.6.1-4+etch1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"rt3.4-apache2", ver:"3.4.5-2+etch1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"rt3.6-db-mysql", ver:"3.6.7-5+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"rt3.6-db-sqlite", ver:"3.6.7-5+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"rt3.6-apache2", ver:"3.6.7-5+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"rt3.6-db-postgresql", ver:"3.6.7-5+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"request-tracker3.6", ver:"3.6.7-5+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"rt3.6-clients", ver:"3.6.7-5+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_1945_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1945_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/deb_1945_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,173 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1945-1 (gforge)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66457);
+ script_cve_id("CVE-2009-3304");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1945-1 (gforge)");
+
+ desc = "
+The remote host is missing an update to gforge
+announced via advisory DSA 1945-1.
+
+Sylvain Beucler discovered that gforge, a collaborative development
+tool, is prone to a symlink attack, which allows local users to perform
+a denial of service attack by overwriting arbitrary files.
+
+
+For the stable distribution (lenny), this problem has been fixed in
+version 4.7~rc2-7lenny3.
+
+The oldstable distribution (etch), this problem has been fixed in
+version 4.5.14-22etch13.
+
+For the testing distribution (squeeze), this problem will be fixed soon.
+
+For the unstable distribution (sid), this problem has been fixed in
+version 4.8.2-1.
+
+
+We recommend that you upgrade your gforge packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201945-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1945-1 (gforge)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"gforge-shell-ldap", ver:"4.5.14-22etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-common", ver:"4.5.14-22etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-db-postgresql", ver:"4.5.14-22etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-web-apache", ver:"4.5.14-22etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-ftp-proftpd", ver:"4.5.14-22etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge", ver:"4.5.14-22etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-mta-postfix", ver:"4.5.14-22etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-mta-courier", ver:"4.5.14-22etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-mta-exim4", ver:"4.5.14-22etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-shell-postgresql", ver:"4.5.14-22etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-mta-exim", ver:"4.5.14-22etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-lists-mailman", ver:"4.5.14-22etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-ldap-openldap", ver:"4.5.14-22etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-dns-bind9", ver:"4.5.14-22etch13", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-plugin-mediawiki", ver:"4.7~rc2-7lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-dns-bind9", ver:"4.7~rc2-7lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-mta-courier", ver:"4.7~rc2-7lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-shell-postgresql", ver:"4.7~rc2-7lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-common", ver:"4.7~rc2-7lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-db-postgresql", ver:"4.7~rc2-7lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-mta-postfix", ver:"4.7~rc2-7lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-mta-exim4", ver:"4.7~rc2-7lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-web-apache", ver:"4.7~rc2-7lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-plugin-scmsvn", ver:"4.7~rc2-7lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-web-apache2", ver:"4.7~rc2-7lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge", ver:"4.7~rc2-7lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-lists-mailman", ver:"4.7~rc2-7lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-ftp-proftpd", ver:"4.7~rc2-7lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gforge-plugin-scmcvs", ver:"4.7~rc2-7lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_1946_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1946_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/deb_1946_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,103 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1946-1 (belpic)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66458);
+ script_cve_id("CVE-2009-0049");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1946-1 (belpic)");
+
+ desc = "
+The remote host is missing an update to belpic
+announced via advisory DSA 1946-1.
+
+It was discovered that belpic, the belgian eID PKCS11 library, does not
+properly check the result of an OpenSSL function for verifying
+cryptographic signatures, which could be used to bypass the certificate
+validation.
+
+
+For the oldstable distribution (etch), this problem has been fixed in
+version 2.5.9-7.etch.1.
+
+For the stable distribution (lenny), this problem has been fixed in
+version 2.6.0-6, which was already included in the lenny release.
+
+For the testing distribution (squeeze) and the unstable distribution
+(sid), this problem has been fixed in version 2.6.0-6.
+
+
+We recommend that you upgrade your belpic packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201946-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1946-1 (belpic)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"libbeid2-dev", ver:"2.5.9-7.etch.1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"beid-tools", ver:"2.5.9-7.etch.1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"beidgui", ver:"2.5.9-7.etch.1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libbeidlibopensc2", ver:"2.5.9-7.etch.1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libbeid2", ver:"2.5.9-7.etch.1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libbeidlibopensc2-dev", ver:"2.5.9-7.etch.1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_10891.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_10891.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_10891.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,127 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-10891 (cups)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66426);
+ script_cve_id("CVE-2009-2820", "CVE-2009-3553", "CVE-2009-0163", "CVE-2009-0164");
+ script_version ("$Revision$");
+ script_name("Fedora Core 11 FEDORA-2009-10891 (cups)");
+
+ desc = "
+The remote host is missing an update to cups
+announced via advisory FEDORA-2009-10891.
+
+Updated to 1.4.2 including XSS security fix (CVE-2009-2820).
+
+Fixed improper reference counting in abstract file descriptors
+handling interface (CVE-2009-3553).
+
+ChangeLog:
+
+* Thu Nov 19 2009 Tim Waugh  1:1.4.2-7
+- Applied patch to fix CVE-2009-3553 (bug #530111, STR #3200).
+* Tue Nov 17 2009 Tim Waugh  1:1.4.2-6
+- Fixed display of current driver (bug #537182, STR #3418).
+- Fixed out-of-memory handling when loading jobs (bug #538054,
+STR #3407).
+* Mon Nov 16 2009 Tim Waugh  1:1.4.2-5
+- Fixed typo in admin web template (bug #537884, STR #3403).
+- Reset SIGPIPE handler for child processes (bug #537886, STR #3399).
+* Mon Nov 16 2009 Tim Waugh  1:1.4.2-4
+- Upstream fix for GNU TLS error handling bug (bug #537883, STR #3381).
+* Wed Nov 11 2009 Jiri Popelka  1:1.4.2-3
+- Fixed lspp-patch to avoid memory leak (bug #536741).
+* Tue Nov 10 2009 Tim Waugh  1:1.4.2-2
+- Added explicit version dependency on cups-libs to cups-lpd
+(bug #502205).
+* Tue Nov 10 2009 Tim Waugh  1:1.4.2-1
+- 1.4.2.  No longer need str3380, str3332, str3356, str3396 patches.
+- Removed postscript.ppd.gz (bug #533371).
+* Tue Nov  3 2009 Tim Waugh  1:1.4.1-8
+- Removed stale patch from STR #2831 which was causing problems with
+number-up (bug #532516).
+References:
+
+[ 1 ] Bug #529833 - CVE-2009-2820 cups: Several XSS flaws in forms processed by CUPS web interface
+https://bugzilla.redhat.com/show_bug.cgi?id=529833
+[ 2 ] Bug #530111 - CVE-2009-3553 cups: Use-after-free (crash) due improper reference counting in abstract file descriptors handling interface
+https://bugzilla.redhat.com/show_bug.cgi?id=530111
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update cups' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-10891
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 11 FEDORA-2009-10891 (cups)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"cups", rpm:"cups~1.4.2~7.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.4.2~7.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.4.2~7.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-lpd", rpm:"cups-lpd~1.4.2~7.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-php", rpm:"cups-php~1.4.2~7.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-debuginfo", rpm:"cups-debuginfo~1.4.2~7.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_11062.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_11062.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_11062.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,112 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-11062 (cups)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66435);
+ script_cve_id("CVE-2009-2820", "CVE-2008-5183", "CVE-2008-5286", "CVE-2008-1722");
+ script_version ("$Revision$");
+ script_name("Fedora Core 10 FEDORA-2009-11062 (cups)");
+
+ desc = "
+The remote host is missing an update to cups
+announced via advisory FEDORA-2009-11062.
+
+Update Information:
+
+This fixes CVE-2009-2820, an XSS vulnerability in the web interface.    This
+also updates cups to the latest stable release on the 1.3 branch, and fixes a
+problem with number-up handling.
+
+ChangeLog:
+
+* Tue Nov 10 2009 Tim Waugh  1:1.3.11-2
+- Added fix for CVE-2009-2820 (bug #529833).
+* Tue Nov  3 2009 Tim Waugh  1:1.3.11-1
+- 1.3.11.
+* Tue Nov  3 2009 Tim Waugh  1:1.3.10-7
+- Removed stale patch from STR #2831 which was causing problems with
+number-up (bug #532516).
+
+References:
+
+[ 1 ] Bug #529833 - CVE-2009-2820 cups: Several XSS flaws in forms processed by CUPS web interface
+https://bugzilla.redhat.com/show_bug.cgi?id=529833
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update cups' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11062
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 10 FEDORA-2009-11062 (cups)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"cups", rpm:"cups~1.3.11~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.3.11~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.3.11~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-lpd", rpm:"cups-lpd~1.3.11~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-php", rpm:"cups-php~1.3.11~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-debuginfo", rpm:"cups-debuginfo~1.3.11~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_11314.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_11314.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_11314.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,127 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-11314 (cups)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66430);
+ script_cve_id("CVE-2009-2820", "CVE-2009-3553");
+ script_version ("$Revision$");
+ script_name("Fedora Core 12 FEDORA-2009-11314 (cups)");
+
+ desc = "
+The remote host is missing an update to cups
+announced via advisory FEDORA-2009-11314.
+
+Update Information:
+
+New release, including fix for XSS vulnerability in web interface
+(CVE-2009-2820) and for improper reference counting in abstract file descriptors
+handling interface (CVE-2009-3553).
+
+ChangeLog:
+
+* Thu Nov 19 2009 Tim Waugh  1:1.4.2-7
+- Applied patch to fix CVE-2009-3553 (bug #530111, STR #3200).
+* Tue Nov 17 2009 Tim Waugh  1:1.4.2-6
+- Fixed display of current driver (bug #537182, STR #3418).
+- Fixed out-of-memory handling when loading jobs (bug #538054,
+STR #3407).
+* Mon Nov 16 2009 Tim Waugh  1:1.4.2-5
+- Fixed typo in admin web template (bug #537884, STR #3403).
+- Reset SIGPIPE handler for child processes (bug #537886, STR #3399).
+* Mon Nov 16 2009 Tim Waugh  1:1.4.2-4
+- Upstream fix for GNU TLS error handling bug (bug #537883, STR #3381).
+* Wed Nov 11 2009 Jiri Popelka  1:1.4.2-3
+- Fixed lspp-patch to avoid memory leak (bug #536741).
+* Tue Nov 10 2009 Tim Waugh  1:1.4.2-2
+- Added explicit version dependency on cups-libs to cups-lpd
+(bug #502205).
+* Tue Nov 10 2009 Tim Waugh  1:1.4.2-1
+- 1.4.2.  No longer need str3380, str3332, str3356, str3396 patches.
+- Removed postscript.ppd.gz (bug #533371).
+- Renumbered patches and sources.
+
+References:
+
+[ 1 ] Bug #529833 - CVE-2009-2820 cups: Several XSS flaws in forms processed by CUPS web interface
+https://bugzilla.redhat.com/show_bug.cgi?id=529833
+[ 2 ] Bug #530111 - CVE-2009-3553 cups: Use-after-free (crash) due improper reference counting in abstract file descriptors handling interface
+https://bugzilla.redhat.com/show_bug.cgi?id=530111
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update cups' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11314
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 12 FEDORA-2009-11314 (cups)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"cups", rpm:"cups~1.4.2~7.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.4.2~7.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.4.2~7.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-lpd", rpm:"cups-lpd~1.4.2~7.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-php", rpm:"cups-php~1.4.2~7.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-debuginfo", rpm:"cups-debuginfo~1.4.2~7.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_11499.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_11499.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_11499.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,113 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-11499 (libsndfile)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66438);
+ script_cve_id("CVE-2009-0186", "CVE-2009-1788", "CVE-2009-1791");
+ script_version ("$Revision$");
+ script_name("Fedora Core 10 FEDORA-2009-11499 (libsndfile)");
+
+ desc = "
+The remote host is missing an update to libsndfile
+announced via advisory FEDORA-2009-11499.
+
+Update Information:
+
+Version 1.0.20 (2009-03-14)
+* Fix potential heap overflow in VOC file parser
+  (Tobias Klein, http://www.trapkit.de/).
+Version 1.0.19 (2009-03-02)
+* Fix for CVE-2009-0186 (Alin Rad Pop, Secunia Research).
+* Huge number of minor bug fixes as a result of static analysis.
+Version 1.0.18 (2009-02-07)
+* Add Ogg/Vorbis support (thanks to John ffitch).
+* Remove captive FLAC library.
+* Many new features and bug fixes.
+
+ChangeLog:
+
+* Sat Nov 14 2009 Orcan Ogetbil  - 1.0.20-3
+- Add FLAC/Ogg/Vorbis support (BR: libvorbis-devel)
+- Make build verbose
+- Remove rpath
+- Fix ChangeLog encoding
+- Move the big Changelog to the devel package
+
+References:
+
+[ 1 ] Bug #488361 - CVE-2009-0186 libsndfile: overflows may lead to execution of arbitrary code
+https://bugzilla.redhat.com/show_bug.cgi?id=488361
+[ 2 ] Bug #502657 - CVE-2009-1788 libsndfile VOC file heap based buffer overflow
+https://bugzilla.redhat.com/show_bug.cgi?id=502657
+[ 3 ] Bug #502658 - CVE-2009-1791 libsndfile AIFF file heap based buffer overflow
+https://bugzilla.redhat.com/show_bug.cgi?id=502658
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update libsndfile' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11499
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 10 FEDORA-2009-11499 (libsndfile)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libsndfile", rpm:"libsndfile~1.0.20~3.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsndfile-devel", rpm:"libsndfile-devel~1.0.20~3.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsndfile-debuginfo", rpm:"libsndfile-debuginfo~1.0.20~3.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_11618.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_11618.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_11618.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,117 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-11618 (libsndfile)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66439);
+ script_cve_id("CVE-2009-0186", "CVE-2009-1788", "CVE-2009-1791");
+ script_version ("$Revision$");
+ script_name("Fedora Core 11 FEDORA-2009-11618 (libsndfile)");
+
+ desc = "
+The remote host is missing an update to libsndfile
+announced via advisory FEDORA-2009-11618.
+
+Update Information:
+
+Version 1.0.20 (2009-03-14)
+* Fix potential heap overflow in VOC file parser
+  (Tobias Klein, http://www.trapkit.de/).
+Version 1.0.19 (2009-03-02)
+* Fix for CVE-2009-0186 (Alin Rad Pop, Secunia Research).
+* Huge number of minor bug fixes as a result of static analysis.
+Version 1.0.18 (2009-02-07)
+* Add Ogg/Vorbis support (thanks to John ffitch).
+* Remove captive FLAC library.
+* Many new features and bug fixes.
+
+ChangeLog:
+
+* Sat Nov 14 2009 Orcan Ogetbil  - 1.0.20-3
+- Add FLAC/Ogg/Vorbis support (BR: libvorbis-devel)
+- Make build verbose
+- Remove rpath
+- Fix ChangeLog encoding
+- Move the big Changelog to the devel package
+* Sat Jul 25 2009 Fedora Release Engineering  - 1.0.20-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+* Sat Jun  6 2009 Lennart Poettering  - 1.0.20-1
+- Updated to 1.0.20
+
+References:
+
+[ 1 ] Bug #488361 - CVE-2009-0186 libsndfile: overflows may lead to execution of arbitrary code
+https://bugzilla.redhat.com/show_bug.cgi?id=488361
+[ 2 ] Bug #502657 - CVE-2009-1788 libsndfile VOC file heap based buffer overflow
+https://bugzilla.redhat.com/show_bug.cgi?id=502657
+[ 3 ] Bug #502658 - CVE-2009-1791 libsndfile AIFF file heap based buffer overflow
+https://bugzilla.redhat.com/show_bug.cgi?id=502658
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update libsndfile' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11618
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 11 FEDORA-2009-11618 (libsndfile)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libsndfile", rpm:"libsndfile~1.0.20~3.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsndfile-devel", rpm:"libsndfile-devel~1.0.20~3.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsndfile-debuginfo", rpm:"libsndfile-debuginfo~1.0.20~3.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_11739.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_11739.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_11739.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,93 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-11739 (wget)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66440);
+ script_cve_id("CVE-2009-3490");
+ script_version ("$Revision$");
+ script_name("Fedora Core 10 FEDORA-2009-11739 (wget)");
+
+ desc = "
+The remote host is missing an update to wget
+announced via advisory FEDORA-2009-11739.
+
+ChangeLog:
+
+* Wed Nov 18 2009 Karsten Hopp  1.12-2
+- don't provide /usr/share/info/dir
+* Tue Nov 17 2009 Karsten Hopp  1.12-1
+- update to wget-1.12
+- fixes CVE-2009-3490 wget: incorrect verification of SSL certificate
+with NUL in name
+
+References:
+
+[ 1 ] Bug #520454 - CVE-2009-3490 wget: incorrect verification of SSL certificate with NUL in name
+https://bugzilla.redhat.com/show_bug.cgi?id=520454
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update wget' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11739
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 10 FEDORA-2009-11739 (wget)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"wget", rpm:"wget~1.12~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"wget-debuginfo", rpm:"wget-debuginfo~1.12~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_11740.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_11740.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_11740.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,93 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-11740 (wget)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66437);
+ script_cve_id("CVE-2009-3490");
+ script_version ("$Revision$");
+ script_name("Fedora Core 11 FEDORA-2009-11740 (wget)");
+
+ desc = "
+The remote host is missing an update to wget
+announced via advisory FEDORA-2009-11740.
+
+ChangeLog:
+
+* Wed Nov 18 2009 Karsten Hopp  1.12-2
+- don't provide /usr/share/info/dir
+* Tue Nov 17 2009 Karsten Hopp  1.12-1
+- update to wget-1.12
+- fixes CVE-2009-3490 wget: incorrect verification of SSL certificate
+with NUL in name
+
+References:
+
+[ 1 ] Bug #520454 - CVE-2009-3490 wget: incorrect verification of SSL certificate with NUL in name
+https://bugzilla.redhat.com/show_bug.cgi?id=520454
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update wget' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11740
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 11 FEDORA-2009-11740 (wget)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"wget", rpm:"wget~1.12~2.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"wget-debuginfo", rpm:"wget-debuginfo~1.12~2.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_11836.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_11836.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_11836.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,92 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-11836 (wget)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66436);
+ script_cve_id("CVE-2009-3490");
+ script_version ("$Revision$");
+ script_name("Fedora Core 12 FEDORA-2009-11836 (wget)");
+
+ desc = "
+The remote host is missing an update to wget
+announced via advisory FEDORA-2009-11836.
+
+ChangeLog:
+
+* Wed Nov 18 2009 Karsten Hopp  1.12-2
+- don't provide /usr/share/info/dir
+* Tue Nov 17 2009 Karsten Hopp  1.12-1
+- update to wget-1.12
+- CVE-2009-3490 : incorrect verification of SSL certificate with NUL in name
+
+References:
+
+[ 1 ] Bug #520454 - CVE-2009-3490 wget: incorrect verification of SSL certificate with NUL in name
+https://bugzilla.redhat.com/show_bug.cgi?id=520454
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update wget' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11836
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 12 FEDORA-2009-11836 (wget)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"wget", rpm:"wget~1.12~2.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"wget-debuginfo", rpm:"wget-debuginfo~1.12~2.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12017.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12017.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_12017.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,97 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12017 (maniadrive)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66441);
+ script_cve_id("CVE-2009-3546");
+ script_version ("$Revision$");
+ script_name("Fedora Core 12 FEDORA-2009-12017 (maniadrive)");
+
+ desc = "
+The remote host is missing an update to maniadrive
+announced via advisory FEDORA-2009-12017.
+
+Update Information:
+
+Update to upstream PHP version 5.3.1
+
+References:
+
+[ 1 ] Bug #529213 - CVE-2009-3546 gd: insufficient input validation in _gdGetColors()
+https://bugzilla.redhat.com/show_bug.cgi?id=529213
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update maniadrive' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12017
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 12 FEDORA-2009-12017 (maniadrive)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"maniadrive", rpm:"maniadrive~1.2~19.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"maniadrive-track-editor", rpm:"maniadrive-track-editor~1.2~19.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"raydium", rpm:"raydium~1.2~19.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"raydium-devel", rpm:"raydium-devel~1.2~19.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"maniadrive-debuginfo", rpm:"maniadrive-debuginfo~1.2~19.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12348.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12348.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_12348.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,98 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12348 (php-pear-Mail)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66427);
+ script_cve_id("CVE-2009-4023", "CVE-2009-4111");
+ script_version ("$Revision$");
+ script_name("Fedora Core 11 FEDORA-2009-12348 (php-pear-Mail)");
+
+ desc = "
+The remote host is missing an update to php-pear-Mail
+announced via advisory FEDORA-2009-12348.
+
+Update Information:
+
+Fix CVE-2009-4023, CVE-2009-4111    PEAR's Mail class did not properly escape
+content of mail header fields, when using the sendmail backend. A remote
+attacker could send an email message, with specially-crafted headers to local
+user, leading to disclosure of content and potentially, to modification of
+arbitrary system file, once the email message was processed by the PEAR's Mail
+class.
+
+ChangeLog:
+
+* Fri Nov 27 2009 Remi Collet  1.1.14-5
+- Fix CVE-2009-4023 (#540842)
+- rename Mail.xml to php-pear-Mail.xml
+* Sun Jul 26 2009 Fedora Release Engineering  - 1.1.14-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+References:
+
+[ 1 ] Bug #540842 - CVE-2009-4023 php-pear-Mail: Absent sanitization of mail header fields
+https://bugzilla.redhat.com/show_bug.cgi?id=540842
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update php-pear-Mail' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12348
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 11 FEDORA-2009-12348 (php-pear-Mail)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"php-pear-Mail", rpm:"php-pear-Mail~1.1.14~5.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12370.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12370.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_12370.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,91 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12370 (awstats)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66428);
+ script_version ("$Revision$");
+ script_name("Fedora Core 12 FEDORA-2009-12370 (awstats)");
+
+ desc = "
+The remote host is missing an update to awstats
+announced via advisory FEDORA-2009-12370.
+
+Update Information:
+
+- Fix security in awredir.pl script by adding security key required by default.
+- Enhance security of parameter sanitizing function.
+
+ChangeLog:
+
+* Thu Nov 26 2009 Aurelien Bompard  -  6.95-1
+- version 6.95 (security fix)
+- drop patch0
+
+References:
+
+[ 1 ] Bug #540404 - Awstats: awredir.pl - require security key by default and enhance security of parameter sanitizing function
+https://bugzilla.redhat.com/show_bug.cgi?id=540404
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update awstats' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12370
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 12 FEDORA-2009-12370 (awstats)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"awstats", rpm:"awstats~6.95~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12395.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12395.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_12395.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,96 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12395 (php-pear-Mail)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66429);
+ script_cve_id("CVE-2009-4023", "CVE-2009-4111");
+ script_version ("$Revision$");
+ script_name("Fedora Core 12 FEDORA-2009-12395 (php-pear-Mail)");
+
+ desc = "
+The remote host is missing an update to php-pear-Mail
+announced via advisory FEDORA-2009-12395.
+
+Update Information:
+
+Fix CVE-2009-4023, CVE-2009-4111   PEAR's Mail class did not properly escape
+content of mail header fields, when using the sendmail backend. A remote
+attacker could send an email message, with specially-crafted headers to local
+user, leading to disclosure of content and potentially, to modification of
+arbitrary system file, once the email message was processed by the PEAR's Mail
+class.
+
+ChangeLog:
+
+* Fri Nov 27 2009 Remi Collet  1.1.14-5
+- Fix CVE-2009-4023 (#540842)
+- rename Mail.xml to php-pear-Mail.xml
+
+References:
+
+[ 1 ] Bug #540842 - CVE-2009-4023 php-pear-Mail: Absent sanitization of mail header fields
+https://bugzilla.redhat.com/show_bug.cgi?id=540842
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update php-pear-Mail' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12395
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 12 FEDORA-2009-12395 (php-pear-Mail)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"php-pear-Mail", rpm:"php-pear-Mail~1.1.14~5.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12439.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12439.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_12439.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,100 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12439 (php-pear-Mail)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66431);
+ script_cve_id("CVE-2009-4023", "CVE-2009-4111");
+ script_version ("$Revision$");
+ script_name("Fedora Core 10 FEDORA-2009-12439 (php-pear-Mail)");
+
+ desc = "
+The remote host is missing an update to php-pear-Mail
+announced via advisory FEDORA-2009-12439.
+
+Update Information:
+
+Fix CVE-2009-4023, CVE-2009-4111    PEAR's Mail class did not properly escape
+content of mail header fields, when using the sendmail backend. A remote
+attacker could send an email message, with specially-crafted headers to local
+user, leading to disclosure of content and potentially, to modification of
+arbitrary system file, once the email message was processed by the PEAR's Mail
+class.
+
+ChangeLog:
+
+* Fri Nov 27 2009 Remi Collet  1.1.14-5
+- Fix CVE-2009-4023 (#540842)
+- rename Mail.xml to php-pear-Mail.xml
+* Sun Jul 26 2009 Fedora Release Engineering  - 1.1.14-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+* Thu Feb 26 2009 Fedora Release Engineering  - 1.1.14-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+References:
+
+[ 1 ] Bug #540842 - CVE-2009-4023 php-pear-Mail: Absent sanitization of mail header fields
+https://bugzilla.redhat.com/show_bug.cgi?id=540842
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update php-pear-Mail' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12439
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 10 FEDORA-2009-12439 (php-pear-Mail)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"php-pear-Mail", rpm:"php-pear-Mail~1.1.14~5.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12444.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12444.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_12444.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,87 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12444 (awstats)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66432);
+ script_cve_id("CVE-2008-3714");
+ script_version ("$Revision$");
+ script_name("Fedora Core 10 FEDORA-2009-12444 (awstats)");
+
+ desc = "
+The remote host is missing an update to awstats
+announced via advisory FEDORA-2009-12444.
+
+Update Information:
+
+- Fix security in awredir.pl by adding a security key required by default.
+- Enhance security of parameter sanitizing function.
+
+ChangeLog:
+
+* Thu Nov 26 2009 Aurelien Bompard  -  6.95-1
+- version 6.95 (security fix)
+- drop patch0
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update awstats' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12444
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 10 FEDORA-2009-12444 (awstats)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"awstats", rpm:"awstats~6.95~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12457.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12457.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_12457.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,86 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12457 (awstats)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66433);
+ script_version ("$Revision$");
+ script_name("Fedora Core 11 FEDORA-2009-12457 (awstats)");
+
+ desc = "
+The remote host is missing an update to awstats
+announced via advisory FEDORA-2009-12457.
+
+Update Information:
+
+- Fix security in awredir.pl by adding a security key required by default.
+- Enhance security of parameter sanitizing function.
+
+ChangeLog:
+
+* Thu Nov 26 2009 Aurelien Bompard  -  6.95-1
+- version 6.95 (security fix)
+- drop patch0
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update awstats' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12457
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 11 FEDORA-2009-12457 (awstats)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"awstats", rpm:"awstats~6.95~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12481.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12481.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_12481.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,90 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12481 (roundcubemail)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66434);
+ script_cve_id("CVE-2009-4076", "CVE-2009-4077", "CVE-2009-0413");
+ script_version ("$Revision$");
+ script_name("Fedora Core 10 FEDORA-2009-12481 (roundcubemail)");
+
+ desc = "
+The remote host is missing an update to roundcubemail
+announced via advisory FEDORA-2009-12481.
+
+Update Information:
+
+Fixes for CVE-2009-4076 and CVE-2009-4077.
+
+ChangeLog:
+
+* Mon Nov 30 2009 Jon Ciesla  = 0.2.2-4
+- Fix for CVE-2009-4076 and CVE-2009-4077.
+
+References:
+
+[ 1 ] Bug #541558 - CVE-2009-4076 CVE-2009-4077 RoundCube Webmail: Multiple CSRF flaws
+https://bugzilla.redhat.com/show_bug.cgi?id=541558
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update roundcubemail' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12481
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 10 FEDORA-2009-12481 (roundcubemail)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"roundcubemail", rpm:"roundcubemail~0.2.2~4.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12652.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12652.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_12652.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,118 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12652 (cups)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66443);
+ script_cve_id("CVE-2009-3553", "CVE-2009-2820", "CVE-2008-5183", "CVE-2008-5286", "CVE-2008-1722");
+ script_version ("$Revision$");
+ script_name("Fedora Core 10 FEDORA-2009-12652 (cups)");
+
+ desc = "
+The remote host is missing an update to cups
+announced via advisory FEDORA-2009-12652.
+
+Update Information:
+
+This update include a fix for improper reference counting in abstract file
+descriptors handling interface (CVE-2009-3553), and for a memory leak in the
+LSPP support.
+
+ChangeLog:
+
+* Thu Dec  3 2009 Tim Waugh  - 1:1.3.11-4
+- Applied patch to fix CVE-2009-3553 (bug #530111, STR #3200).
+* Wed Nov 11 2009 Jiri Popelka  1:1.3.11-3
+- Fixed lspp-patch to avoid memory leak (bug #536741).
+* Tue Nov 10 2009 Tim Waugh  1:1.3.11-2
+- Added fix for CVE-2009-2820 (bug #529833).
+* Tue Nov  3 2009 Tim Waugh  1:1.3.11-1
+- 1.3.11.
+* Tue Nov  3 2009 Tim Waugh  1:1.3.10-7
+- Removed stale patch from STR #2831 which was causing problems with
+number-up (bug #532516).
+* Tue Oct 20 2009 Jiri Popelka  1:1.3.10-6
+- Fix cups-lpd to create unique temporary data files (bug #529838, STR #3382).
+
+References:
+
+[ 1 ] Bug #530111 - CVE-2009-3553 cups: Use-after-free (crash) due improper reference counting in abstract file descriptors handling interface
+https://bugzilla.redhat.com/show_bug.cgi?id=530111
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update cups' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12652
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 10 FEDORA-2009-12652 (cups)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"cups", rpm:"cups~1.3.11~4.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.3.11~4.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.3.11~4.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-lpd", rpm:"cups-lpd~1.3.11~4.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-php", rpm:"cups-php~1.3.11~4.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-debuginfo", rpm:"cups-debuginfo~1.3.11~4.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12663.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12663.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_12663.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,86 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12663 (dstat)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66444);
+ script_cve_id("CVE-2009-3894");
+ script_version ("$Revision$");
+ script_name("Fedora Core 11 FEDORA-2009-12663 (dstat)");
+
+ desc = "
+The remote host is missing an update to dstat
+announced via advisory FEDORA-2009-12663.
+
+ChangeLog:
+
+* Thu Dec  3 2009 Jan Zeleny  - 0.6.9-5
+- added patch fixing security issue CVE-2009-3894
+
+References:
+
+[ 1 ] Bug #538459 - CVE-2009-3894 dstat insecure module search path
+https://bugzilla.redhat.com/show_bug.cgi?id=538459
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update dstat' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12663
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 11 FEDORA-2009-12663 (dstat)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"dstat", rpm:"dstat~0.6.9~5.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12674.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12674.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_12674.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,91 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12674 (dstat)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66445);
+ script_cve_id("CVE-2009-3894");
+ script_version ("$Revision$");
+ script_name("Fedora Core 12 FEDORA-2009-12674 (dstat)");
+
+ desc = "
+The remote host is missing an update to dstat
+announced via advisory FEDORA-2009-12674.
+
+Update Information:
+
+This release fixes above mentioned security issue, adds several enhancements and
+fixes few other bugs. For complete information, please see changelog.
+
+ChangeLog:
+
+* Thu Dec  3 2009 Jan Zeleny  - 0.7.0-1
+- rebased to 0.7.0
+
+References:
+
+[ 1 ] Bug #538459 - CVE-2009-3894 dstat insecure module search path
+https://bugzilla.redhat.com/show_bug.cgi?id=538459
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update dstat' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12674
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 12 FEDORA-2009-12674 (dstat)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"dstat", rpm:"dstat~0.7.0~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12690.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12690.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_12690.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,101 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12690 (expat)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66446);
+ script_cve_id("CVE-2009-3560", "CVE-2009-3720");
+ script_version ("$Revision$");
+ script_name("Fedora Core 10 FEDORA-2009-12690 (expat)");
+
+ desc = "
+The remote host is missing an update to expat
+announced via advisory FEDORA-2009-12690.
+
+Update Information:
+
+A buffer over-read flaw was found in the way Expat handles malformed UTF-8
+sequences when processing XML files. A specially-crafted XML file could cause
+applications using Expat to crash while parsing the file. (CVE-2009-3560)
+
+ChangeLog:
+
+* Tue Dec  1 2009 Joe Orton  - 2.0.1-8
+- add security fix for CVE-2009-3560 (#533174)
+- run the test suite
+* Fri Oct 30 2009 Joe Orton  - 2.0.1-5.1
+- add security fix for CVE-2009-3720
+
+References:
+
+[ 1 ] Bug #533174 - CVE-2009-3560 expat: buffer over-read and crash in big2_toUtf8() on XML with malformed UTF-8 sequences
+https://bugzilla.redhat.com/show_bug.cgi?id=533174
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update expat' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12690
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 10 FEDORA-2009-12690 (expat)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"expat", rpm:"expat~2.0.1~8.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"expat-devel", rpm:"expat-devel~2.0.1~8.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"expat-debuginfo", rpm:"expat-debuginfo~2.0.1~8.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12716.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12716.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_12716.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,101 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12716 (expat)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66447);
+ script_cve_id("CVE-2009-3560", "CVE-2009-3720");
+ script_version ("$Revision$");
+ script_name("Fedora Core 11 FEDORA-2009-12716 (expat)");
+
+ desc = "
+The remote host is missing an update to expat
+announced via advisory FEDORA-2009-12716.
+
+Update Information:
+
+A buffer over-read flaw was found in the way Expat handles malformed UTF-8
+sequences when processing XML files. A specially-crafted XML file could cause
+applications using Expat to crash while parsing the file. (CVE-2009-3560)
+
+ChangeLog:
+
+* Tue Dec  1 2009 Joe Orton  - 2.0.1-8
+- add security fix for CVE-2009-3560 (#533174)
+- run the test suite
+* Fri Oct 30 2009 Joe Orton  - 2.0.1-6.1
+- add security fix for CVE-2009-3720
+
+References:
+
+[ 1 ] Bug #533174 - CVE-2009-3560 expat: buffer over-read and crash in big2_toUtf8() on XML with malformed UTF-8 sequences
+https://bugzilla.redhat.com/show_bug.cgi?id=533174
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update expat' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12716
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 11 FEDORA-2009-12716 (expat)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"expat", rpm:"expat~2.0.1~8.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"expat-devel", rpm:"expat-devel~2.0.1~8.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"expat-debuginfo", rpm:"expat-debuginfo~2.0.1~8.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12737.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12737.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_12737.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,103 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12737 (expat)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66448);
+ script_cve_id("CVE-2009-3560", "CVE-2009-3720");
+ script_version ("$Revision$");
+ script_name("Fedora Core 12 FEDORA-2009-12737 (expat)");
+
+ desc = "
+The remote host is missing an update to expat
+announced via advisory FEDORA-2009-12737.
+
+Update Information:
+
+Two buffer over-read flaws were found in the way Expat handled malformed UTF-8
+sequences when processing XML files.  A specially-crafted XML file could cause
+applications using Expat to crash while parsing the file. (CVE-2009-3560,
+CVE-2009-3720)
+
+ChangeLog:
+
+* Tue Dec  1 2009 Joe Orton  - 2.0.1-8
+- add security fix for CVE-2009-3560 (#533174)
+- add security fix for CVE-2009-3720 (#531697)
+- run the test suite
+
+References:
+
+[ 1 ] Bug #533174 - CVE-2009-3560 expat: buffer over-read and crash in big2_toUtf8() on XML with malformed UTF-8 sequences
+https://bugzilla.redhat.com/show_bug.cgi?id=533174
+[ 2 ] Bug #531697 - CVE-2009-3720 expat: buffer over-read and crash on XML with malformed UTF-8 sequences
+https://bugzilla.redhat.com/show_bug.cgi?id=531697
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update expat' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12737
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 12 FEDORA-2009-12737 (expat)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"expat", rpm:"expat~2.0.1~8.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"expat-devel", rpm:"expat-devel~2.0.1~8.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"expat-debuginfo", rpm:"expat-debuginfo~2.0.1~8.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12750.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12750.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_12750.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,92 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12750 (nginx)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66449);
+ script_cve_id("CVE-2009-3555", "CVE-2009-3896", "CVE-2009-2629");
+ script_version ("$Revision$");
+ script_name("Fedora Core 12 FEDORA-2009-12750 (nginx)");
+
+ desc = "
+The remote host is missing an update to nginx
+announced via advisory FEDORA-2009-12750.
+
+ChangeLog:
+
+* Fri Dec  4 2009 Jeremy Hinegardner  - 0.7.64-1
+- Update to new stable 0.7.64
+* Thu Oct 29 2009 Jeremy Hinegardner  - 0.7.63-1
+- Update to new stable 0.7.63
+- reinstate zlib dependency
+
+References:
+
+[ 1 ] Bug #539573 - CVE-2009-3555 CVE-2009-3896 CVE-2009-2629 Multiple nginx vulnerabilities [Fedora all]
+https://bugzilla.redhat.com/show_bug.cgi?id=539573
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update nginx' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12750
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 12 FEDORA-2009-12750 (nginx)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"nginx", rpm:"nginx~0.7.64~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"nginx-debuginfo", rpm:"nginx-debuginfo~0.7.64~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12775.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12775.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_12775.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,91 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12775 (nginx)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66450);
+ script_cve_id("CVE-2009-2629", "CVE-2009-3555", "CVE-2009-3896");
+ script_version ("$Revision$");
+ script_name("Fedora Core 10 FEDORA-2009-12775 (nginx)");
+
+ desc = "
+The remote host is missing an update to nginx
+announced via advisory FEDORA-2009-12775.
+
+ChangeLog:
+
+* Fri Dec  4 2009 Jeremy Hinegardner  - 0.7.64-1
+- update to 0.7.64
+* Thu Oct 29 2009 Jeremy Hinegardner  - 0.7.63-1
+- update to 0.7.63
+
+References:
+
+[ 1 ] Bug #539573 - CVE-2009-3555 CVE-2009-3896 CVE-2009-2629 Multiple nginx vulnerabilities [Fedora all]
+https://bugzilla.redhat.com/show_bug.cgi?id=539573
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update nginx' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12775
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 10 FEDORA-2009-12775 (nginx)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"nginx", rpm:"nginx~0.7.64~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"nginx-debuginfo", rpm:"nginx-debuginfo~0.7.64~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12782.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12782.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_12782.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,91 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12782 (nginx)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66451);
+ script_cve_id("CVE-2009-2629", "CVE-2009-3555", "CVE-2009-3896");
+ script_version ("$Revision$");
+ script_name("Fedora Core 11 FEDORA-2009-12782 (nginx)");
+
+ desc = "
+The remote host is missing an update to nginx
+announced via advisory FEDORA-2009-12782.
+
+ChangeLog:
+
+* Fri Dec  4 2009 Jeremy Hinegardner  - 0.7.64-1
+- update to 0.7.64
+* Thu Oct 29 2009 Jeremy Hinegardner  - 0.7.63-1
+- update to 0.7.63
+
+References:
+
+[ 1 ] Bug #539573 - CVE-2009-3555 CVE-2009-3896 CVE-2009-2629 Multiple nginx vulnerabilities [Fedora all]
+https://bugzilla.redhat.com/show_bug.cgi?id=539573
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update nginx' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12782
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 11 FEDORA-2009-12782 (nginx)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"nginx", rpm:"nginx~0.7.64~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"nginx-debuginfo", rpm:"nginx-debuginfo~0.7.64~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12786.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12786.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_12786.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,153 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12786 (kernel)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66452);
+ script_cve_id("CVE-2009-1298", "CVE-2009-3547", "CVE-2009-3638", "CVE-2009-3624", "CVE-2009-3621", "CVE-2009-3620", "CVE-2009-3612", "CVE-2009-2909", "CVE-2009-2908", "CVE-2009-2903", "CVE-2009-3290", "CVE-2009-2847");
+ script_version ("$Revision$");
+ script_name("Fedora Core 11 FEDORA-2009-12786 (kernel)");
+
+ desc = "
+The remote host is missing an update to the Linux kernel
+announced via advisory FEDORA-2009-12786.
+
+For details on the issues addressed with this update, please
+visit the referenced security advisories.
+
+References:
+
+[ 1 ] Bug #544144 - CVE-2009-1298 kernel: ip_frag_reasm() NULL pointer dereference
+https://bugzilla.redhat.com/show_bug.cgi?id=544144
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update kernel' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12786
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 11 FEDORA-2009-12786 (kernel)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.30.9~102.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~i586~2.6.30.9", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.30.9~102.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~2.6.30.9~102.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~2.6.30.9~102.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAE", rpm:"kernel-PAE~2.6.30.9~102.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAE-devel", rpm:"kernel-PAE-devel~2.6.30.9~102.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAEdebug", rpm:"kernel-PAEdebug~2.6.30.9~102.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAEdebug-devel", rpm:"kernel-PAEdebug-devel~2.6.30.9~102.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~i686~2.6.30.9", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAE-debuginfo", rpm:"kernel-PAE-debuginfo~2.6.30.9~102.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAEdebug-debuginfo", rpm:"kernel-PAEdebug-debuginfo~2.6.30.9~102.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.30.9~102.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-firmware", rpm:"kernel-firmware~2.6.30.9~102.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-bootwrapper", rpm:"kernel-bootwrapper~2.6.30.9~102.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~ppc~2.6.30.9", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.6.30.9~102.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-smp-devel", rpm:"kernel-smp-devel~2.6.30.9~102.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-smp-debuginfo", rpm:"kernel-smp-debuginfo~2.6.30.9~102.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~ppc64~2.6.30.9", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.30.9~102.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~2.6.30.9~102.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~x86_64~2.6.30.9", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.30.9~102.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12825.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12825.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_12825.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,153 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12825 (kernel)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66453);
+ script_cve_id("CVE-2009-1298");
+ script_version ("$Revision$");
+ script_name("Fedora Core 12 FEDORA-2009-12825 (kernel)");
+
+ desc = "
+The remote host is missing an update to the linux kernel
+announced via advisory FEDORA-2009-12825.
+
+For details on the issues addressed with this update, please
+visit the referenced security advisories.
+
+References:
+
+[ 1 ] Bug #544144 - CVE-2009-1298 kernel: ip_frag_reasm() NULL pointer dereference
+https://bugzilla.redhat.com/show_bug.cgi?id=544144
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update kernel' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12825
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 12 FEDORA-2009-12825 (kernel)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.31.6~162.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAE", rpm:"kernel-PAE~2.6.31.6~162.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAE-devel", rpm:"kernel-PAE-devel~2.6.31.6~162.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAEdebug", rpm:"kernel-PAEdebug~2.6.31.6~162.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAEdebug-devel", rpm:"kernel-PAEdebug-devel~2.6.31.6~162.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.31.6~162.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~2.6.31.6~162.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~i686~2.6.31.6", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.31.6~162.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~2.6.31.6~162.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAE-debuginfo", rpm:"kernel-PAE-debuginfo~2.6.31.6~162.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAEdebug-debuginfo", rpm:"kernel-PAEdebug-debuginfo~2.6.31.6~162.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.31.6~162.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~2.6.31.6~162.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.31.6~162.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-firmware", rpm:"kernel-firmware~2.6.31.6~162.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"perf", rpm:"perf~2.6.31.6~162.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-bootwrapper", rpm:"kernel-bootwrapper~2.6.31.6~162.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~ppc~2.6.31.6", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.6.31.6~162.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-smp-devel", rpm:"kernel-smp-devel~2.6.31.6~162.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-smp-debuginfo", rpm:"kernel-smp-debuginfo~2.6.31.6~162.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~ppc64~2.6.31.6", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~x86_64~2.6.31.6", rls:"FC12")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_7998.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_7998.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/fcore_2009_7998.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,107 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-7998 (wireshark)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66442);
+ script_cve_id("CVE-2009-1210", "CVE-2009-1268", "CVE-2009-1269", "CVE-2009-2559", "CVE-2009-2560", "CVE-2009-2561", "CVE-2009-2562", "CVE-2009-2563");
+ script_version ("$Revision$");
+ script_name("Fedora Core 10 FEDORA-2009-7998 (wireshark)");
+
+ desc = "
+The remote host is missing an update to wireshark
+announced via advisory FEDORA-2009-7998.
+
+Update Information:
+
+Rebased to 1.2.x, fixing several security flaws, see the security advisory for
+details: http://www.wireshark.org/security/wnpa-sec-2009-04.html
+
+ChangeLog:
+
+* Wed Jul 22 2009 Radek Vokal  1.2.1-1
+- upgrade to 1.2.1
+- fixes several security flaws
+- http://www.wireshark.org/docs/relnotes/wireshark-1.2.1.html
+
+References:
+
+[ 1 ] Bug #512953 - CVE-2009-2559 Wireshark-1.2.0: DoS (crash) due array index error in IPMI dissector
+https://bugzilla.redhat.com/show_bug.cgi?id=512953
+[ 2 ] Bug #513008 - CVE-2009-2560 Wireshark: Null-ptr dereference in the RADIUS dissector
+https://bugzilla.redhat.com/show_bug.cgi?id=513008
+[ 3 ] Bug #513033 - CVE-2009-2561 Wireshark: Dos (excessive CPU and memory use) via large amount of tree items in the sFlow dissector
+https://bugzilla.redhat.com/show_bug.cgi?id=513033
+[ 4 ] Bug #512987 - CVE-2009-2562 Wireshark: Integer overflow in the AFS dissector
+https://bugzilla.redhat.com/show_bug.cgi?id=512987
+[ 5 ] Bug #512992 - CVE-2009-2563 Wireshark: Null-ptr dereference in the InfiniBand dissector
+https://bugzilla.redhat.com/show_bug.cgi?id=512992
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update wireshark' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-7998
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 10 FEDORA-2009-7998 (wireshark)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"wireshark", rpm:"wireshark~1.2.1~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"wireshark-gnome", rpm:"wireshark-gnome~1.2.1~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"wireshark-debuginfo", rpm:"wireshark-debuginfo~1.2.1~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_expat2.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_expat2.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/freebsd_expat2.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,77 @@
+#
+#VID 5f030587-e39a-11de-881e-001aa0166822
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID 5f030587-e39a-11de-881e-001aa0166822
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66465);
+ script_cve_id("CVE-2009-3720");
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: expat2");
+
+ desc = "
+The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: expat2
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: expat2");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"expat2");
+if(!isnull(bver) && revcomp(a:bver, b:"2.0.1_1")<0) {
+    security_note(0, data:"Package expat2 version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_expat20.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_expat20.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/freebsd_expat20.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,77 @@
+#
+#VID e9fca207-e399-11de-881e-001aa0166822
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID e9fca207-e399-11de-881e-001aa0166822
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66466);
+ script_cve_id("CVE-2009-3560");
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: expat2");
+
+ desc = "
+The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: expat2
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: expat2");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"expat2");
+if(!isnull(bver) && revcomp(a:bver, b:"2.0.1_1")<0) {
+    security_note(0, data:"Package expat2 version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_opera19.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_opera19.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/freebsd_opera19.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,86 @@
+#
+#VID 6431c4db-deb4-11de-9078-0030843d3802
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID 6431c4db-deb4-11de-9078-0030843d3802
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66467);
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: opera");
+
+ desc = "
+The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following packages are affected:
+   opera
+   linux-opera
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://www.opera.com/support/kb/view/942/
+http://www.opera.com/support/kb/view/941/
+http://www.vuxml.org/freebsd/6431c4db-deb4-11de-9078-0030843d3802.html
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: opera");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"opera");
+if(!isnull(bver) && revcomp(a:bver, b:"10.10.20091120")<0) {
+    security_note(0, data:"Package opera version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"linux-opera");
+if(!isnull(bver) && revcomp(a:bver, b:"10.10")<0) {
+    security_note(0, data:"Package linux-opera version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsdsa_freebsd.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsdsa_freebsd.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/freebsdsa_freebsd.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,99 @@
+#
+#ADV FreeBSD-SA-09:17.freebsd.asc
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from ADV FreeBSD-SA-09:17.freebsd.asc
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66355);
+ script_version ("$Revision$");
+ script_name("FreeBSD Security Advisory (FreeBSD-SA-09:17.freebsd.asc)");
+
+ desc = "
+The remote host is missing an update to the system
+as announced in the referenced advisory FreeBSD-SA-09:17.freebsd.asc
+
+The freebsd-update(8) utility is used to fetch, install, and rollback
+updates to the FreeBSD base system, and also to upgrade from one FreeBSD
+release to another.
+
+When downloading updates to FreeBSD via 'freebsd-update fetch' or
+'freebsd-update upgrade', the freebsd-update(8) utility copies currently
+installed files into its working directory (/var/db/freebsd-update by
+default) both for the purpose of merging changes to configuration files
+and in order to be able to roll back installed updates.
+
+The default working directory used by freebsd-update(8) is normally
+created during the installation of FreeBSD with permissions which allow
+all local users to see its contents, and freebsd-update(8) does not take
+any steps to restrict access to files stored in said directory.
+
+Solution:
+Upgrade your system to the appropriate stable release
+or security branch dated after the correction date
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-09:17.freebsd.asc
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Security Advisory (FreeBSD-SA-09:17.freebsd.asc)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdpatchlevel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+if(patchlevelcmp(rel:"8.0", patchlevel:"1")<0) {
+    vuln = 1;
+}
+if(patchlevelcmp(rel:"7.2", patchlevel:"5")<0) {
+    vuln = 1;
+}
+if(patchlevelcmp(rel:"7.1", patchlevel:"9")<0) {
+    vuln = 1;
+}
+if(patchlevelcmp(rel:"6.4", patchlevel:"8")<0) {
+    vuln = 1;
+}
+if(patchlevelcmp(rel:"6.3", patchlevel:"14")<0) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsdsa_rtld.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsdsa_rtld.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/freebsdsa_rtld.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,88 @@
+#
+#ADV FreeBSD-SA-09:16.rtld.asc
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from ADV FreeBSD-SA-09:16.rtld.asc
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66354);
+ script_cve_id("CVE-2009-4146");
+ script_version ("$Revision$");
+ script_name("FreeBSD Security Advisory (FreeBSD-SA-09:16.rtld.asc)");
+
+ desc = "
+The remote host is missing an update to the system
+as announced in the referenced advisory FreeBSD-SA-09:16.rtld.asc
+
+The run-time link-editor, rtld, links dynamic executable with their
+needed libraries at run-time.  It also allows users to explicitly
+load libraries via various LD_ environmental variables.
+
+When running setuid programs rtld will normally remove potentially
+dangerous environment variables.  Due to recent changes in FreeBSD
+environment variable handling code, a corrupt environment may
+result in attempts to unset environment variables failing.
+
+Solution:
+Upgrade your system to the appropriate stable release
+or security branch dated after the correction date
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-09:16.rtld.asc
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Security Advisory (FreeBSD-SA-09:16.rtld.asc)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdpatchlevel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+if(patchlevelcmp(rel:"8.0", patchlevel:"1")<0) {
+    vuln = 1;
+}
+if(patchlevelcmp(rel:"7.2", patchlevel:"5")<0) {
+    vuln = 1;
+}
+if(patchlevelcmp(rel:"7.1", patchlevel:"9")<0) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsdsa_ssl.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsdsa_ssl.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/freebsdsa_ssl.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,96 @@
+#
+#ADV FreeBSD-SA-09:15.ssl.asc
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from ADV FreeBSD-SA-09:15.ssl.asc
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66353);
+ script_cve_id("CVE-2009-3555");
+ script_version ("$Revision$");
+ script_name("FreeBSD Security Advisory (FreeBSD-SA-09:15.ssl.asc)");
+
+ desc = "
+The remote host is missing an update to the system
+as announced in the referenced advisory FreeBSD-SA-09:15.ssl.asc
+
+The SSL (Secure Sockets Layer) and TLS (Transport Layer Security) protocols
+provide a secure communications layer over which other protocols can be
+utilized.  The most widespread use of SSL/TLS is to add security to the
+HTTP protocol, thus producing HTTPS.
+
+FreeBSD includes software from the OpenSSL Project which implements SSL
+and TLS.
+
+The SSL version 3 and TLS protocols support session renegotiation without
+cryptographically tying the new session parameters to the old parameters.
+
+Solution:
+Upgrade your system to the appropriate stable release
+or security branch dated after the correction date
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-09:15.ssl.asc
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Security Advisory (FreeBSD-SA-09:15.ssl.asc)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdpatchlevel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+if(patchlevelcmp(rel:"8.0", patchlevel:"1")<0) {
+    vuln = 1;
+}
+if(patchlevelcmp(rel:"7.2", patchlevel:"5")<0) {
+    vuln = 1;
+}
+if(patchlevelcmp(rel:"7.1", patchlevel:"9")<0) {
+    vuln = 1;
+}
+if(patchlevelcmp(rel:"6.4", patchlevel:"8")<0) {
+    vuln = 1;
+}
+if(patchlevelcmp(rel:"6.3", patchlevel:"14")<0) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2008_233_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2008_233_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2008_233_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,100 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2008:233-1 (libcdaudio)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66417);
+ script_cve_id("CVE-2008-5030", "CVE-2005-0706");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2008:233-1 (libcdaudio)");
+
+ desc = "
+The remote host is missing an update to libcdaudio
+announced via advisory MDVSA-2008:233-1.
+
+A heap overflow was found in the CDDB retrieval code of libcdaudio,
+which could result in the execution of arbitrary code (CVE-2008-5030).
+
+In addition, the fixes for CVE-2005-0706 were not applied to newer
+libcdaudio packages as shipped with Mandriva Linux, so the patch to fix
+that issue has been applied to 2008.1 and 2009.0 (this was originally
+fixed in MDKSA-2005:075).  This issue is a buffer overflow flaw found
+by Joseph VanAndel.  Corporate 3.0 has this fix already applied.
+
+The updated packages have been patched to prevent these issues.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2008:233-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2008:233-1 (libcdaudio)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libcdaudio1", rpm:"libcdaudio1~0.99.12~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libcdaudio1-devel", rpm:"libcdaudio1-devel~0.99.12~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64cdaudio1", rpm:"lib64cdaudio1~0.99.12~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64cdaudio1-devel", rpm:"lib64cdaudio1-devel~0.99.12~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_103_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_103_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_103_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,111 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:103-1 (udev)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66367);
+ script_cve_id("CVE-2009-1185", "CVE-2009-1186");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:103-1 (udev)");
+
+ desc = "
+The remote host is missing an update to udev
+announced via advisory MDVSA-2009:103-1.
+
+Security vulnerabilities have been identified and fixed in udev.
+
+udev before 1.4.1 does not verify whether a NETLINK message originates
+from kernel space, which allows local users to gain privileges by
+sending a NETLINK message from user space (CVE-2009-1185).
+
+Buffer overflow in the util_path_encode function in
+udev/lib/libudev-util.c in udev before 1.4.1 allows local users to
+cause a denial of service (service outage) via vectors that trigger
+a call with crafted arguments (CVE-2009-1186).
+
+The updated packages have been patched to prevent this.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:103-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:103-1 (udev)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libvolume_id0", rpm:"libvolume_id0~114~7.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libvolume_id0-devel", rpm:"libvolume_id0-devel~114~7.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"udev", rpm:"udev~114~7.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"udev-doc", rpm:"udev-doc~114~7.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"udev-tools", rpm:"udev-tools~114~7.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64volume_id0", rpm:"lib64volume_id0~114~7.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64volume_id0-devel", rpm:"lib64volume_id0-devel~114~7.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_106_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_106_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_106_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,99 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:106-1 (libwmf)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66365);
+ script_cve_id("CVE-2009-1364");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:106-1 (libwmf)");
+
+ desc = "
+The remote host is missing an update to libwmf
+announced via advisory MDVSA-2009:106-1.
+
+Use-after-free vulnerability in the embedded GD library in libwmf
+0.2.8.4 allows context-dependent attackers to cause a denial of service
+(application crash) or possibly execute arbitrary code via a crafted
+WMF file (CVE-2009-1364).
+
+The updated packages have been patched to prevent this.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:106-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:106-1 (libwmf)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libwmf0.2_7", rpm:"libwmf0.2_7~0.2.8.4~14.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libwmf0.2_7-devel", rpm:"libwmf0.2_7-devel~0.2.8.4~14.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libwmf", rpm:"libwmf~0.2.8.4~14.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64wmf0.2_7", rpm:"lib64wmf0.2_7~0.2.8.4~14.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64wmf0.2_7-devel", rpm:"lib64wmf0.2_7-devel~0.2.8.4~14.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_107_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_107_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_107_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,87 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:107-1 (acpid)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66363);
+ script_cve_id("CVE-2009-0798");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:107-1 (acpid)");
+
+ desc = "
+The remote host is missing an update to acpid
+announced via advisory MDVSA-2009:107-1.
+
+The daemon in acpid before 1.0.10 allows remote attackers to cause a
+denial of service (CPU consumption and connectivity loss) by opening
+a large number of UNIX sockets without closing them, which triggers
+an infinite loop (CVE-2009-0798).
+
+The updated packages have been patched to prevent this.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:107-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:107-1 (acpid)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"acpid", rpm:"acpid~1.0.6~1.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_108_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_108_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_108_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,89 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:108-1 (zsh)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66366);
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:108-1 (zsh)");
+
+ desc = "
+The remote host is missing an update to zsh
+announced via advisory MDVSA-2009:108-1.
+
+A stack-based buffer overflow was found in the zsh command
+interpreter. An attacker could use this flaw to cause a denial of
+service (zsh crash), when providing a specially-crafted string as
+input to the zsh shell.
+
+The updated packages have been patched to prevent this.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:108-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:108-1 (zsh)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"zsh", rpm:"zsh~4.3.4~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"zsh-doc", rpm:"zsh-doc~4.3.4~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_112_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_112_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_112_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,110 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:112-1 (ipsec-tools)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66364);
+ script_cve_id("CVE-2009-1574");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:112-1 (ipsec-tools)");
+
+ desc = "
+The remote host is missing an update to ipsec-tools
+announced via advisory MDVSA-2009:112-1.
+
+racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote
+attackers to cause a denial of service (crash) via crafted fragmented
+packets without a payload, which triggers a NULL pointer dereference
+(CVE-2009-1574).
+
+Updated packages are available that brings ipsec-tools to version
+0.7.2 for Mandriva Linux 2008.1/2009.0/2009.1 which provides numerous
+bugfixes over the previous 0.7.1 version, and also corrects this
+issue. ipsec-tools for Mandriva Linux Corporate Server 4 has been
+patched to address this issue.
+
+Additionally the flex package required for building ipsec-tools has
+been fixed due to ipsec-tools build problems and is also available
+with this update.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:112-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:112-1 (ipsec-tools)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"flex", rpm:"flex~2.5.33~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ipsec-tools", rpm:"ipsec-tools~0.7.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libipsec0", rpm:"libipsec0~0.7.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libipsec-devel", rpm:"libipsec-devel~0.7.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64ipsec0", rpm:"lib64ipsec0~0.7.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64ipsec-devel", rpm:"lib64ipsec-devel~0.7.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_113_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_113_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_113_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,165 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:113-1 (cyrus-sasl)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66369);
+ script_cve_id("CVE-2009-0688");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:113-1 (cyrus-sasl)");
+
+ desc = "
+The remote host is missing an update to cyrus-sasl
+announced via advisory MDVSA-2009:113-1.
+
+Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23
+might allow remote attackers to execute arbitrary code or cause a
+denial of service application crash) via strings that are used as
+input to the sasl_encode64 function in lib/saslutil.c (CVE-2009-0688).
+
+The updated packages have been patched to prevent this.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:113-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:113-1 (cyrus-sasl)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"cyrus-sasl", rpm:"cyrus-sasl~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsasl2", rpm:"libsasl2~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsasl2-devel", rpm:"libsasl2-devel~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsasl2-plug-anonymous", rpm:"libsasl2-plug-anonymous~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsasl2-plug-crammd5", rpm:"libsasl2-plug-crammd5~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsasl2-plug-digestmd5", rpm:"libsasl2-plug-digestmd5~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsasl2-plug-gssapi", rpm:"libsasl2-plug-gssapi~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsasl2-plug-ldapdb", rpm:"libsasl2-plug-ldapdb~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsasl2-plug-login", rpm:"libsasl2-plug-login~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsasl2-plug-ntlm", rpm:"libsasl2-plug-ntlm~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsasl2-plug-otp", rpm:"libsasl2-plug-otp~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsasl2-plug-plain", rpm:"libsasl2-plug-plain~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsasl2-plug-sasldb", rpm:"libsasl2-plug-sasldb~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsasl2-plug-sql", rpm:"libsasl2-plug-sql~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64sasl2", rpm:"lib64sasl2~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64sasl2-devel", rpm:"lib64sasl2-devel~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64sasl2-plug-anonymous", rpm:"lib64sasl2-plug-anonymous~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64sasl2-plug-crammd5", rpm:"lib64sasl2-plug-crammd5~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64sasl2-plug-digestmd5", rpm:"lib64sasl2-plug-digestmd5~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64sasl2-plug-gssapi", rpm:"lib64sasl2-plug-gssapi~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64sasl2-plug-ldapdb", rpm:"lib64sasl2-plug-ldapdb~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64sasl2-plug-login", rpm:"lib64sasl2-plug-login~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64sasl2-plug-ntlm", rpm:"lib64sasl2-plug-ntlm~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64sasl2-plug-otp", rpm:"lib64sasl2-plug-otp~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64sasl2-plug-plain", rpm:"lib64sasl2-plug-plain~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64sasl2-plug-sasldb", rpm:"lib64sasl2-plug-sasldb~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64sasl2-plug-sql", rpm:"lib64sasl2-plug-sql~2.1.22~23.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_121_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_121_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_121_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,116 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:121-1 (lcms)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66360);
+ script_cve_id("CVE-2009-0581", "CVE-2009-0723", "CVE-2009-0733", "CVE-2009-0793");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:121-1 (lcms)");
+
+ desc = "
+The remote host is missing an update to lcms
+announced via advisory MDVSA-2009:121-1.
+
+Multiple security vulnerabilities has been identified and fixed in
+Little cms:
+
+A memory leak flaw allows remote attackers to cause a denial of service
+(memory consumption and application crash) via a crafted image file
+(CVE-2009-0581).
+
+Multiple integer overflows allow remote attackers to execute arbitrary
+code via a crafted image file that triggers a heap-based buffer
+overflow (CVE-2009-0723).
+
+Multiple stack-based buffer overflows allow remote attackers to
+execute arbitrary code via a crafted image file associated with a large
+integer value for the (1) input or (2) output channel (CVE-2009-0733).
+
+A flaw in the transformations of monochrome profiles allows remote
+attackers to cause denial of service triggered by a NULL pointer
+dereference via a crafted image file (CVE-2009-0793).
+
+This update provides fixes for these issues.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:121-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:121-1 (lcms)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"lcms", rpm:"lcms~1.18~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"liblcms1", rpm:"liblcms1~1.18~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"liblcms-devel", rpm:"liblcms-devel~1.18~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"python-lcms", rpm:"python-lcms~1.18~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64lcms1", rpm:"lib64lcms1~1.18~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64lcms-devel", rpm:"lib64lcms-devel~1.18~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_128_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_128_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_128_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,105 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:128-1 (libmodplug)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66397);
+ script_cve_id("CVE-2009-1438", "CVE-2009-1513");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:128-1 (libmodplug)");
+
+ desc = "
+The remote host is missing an update to libmodplug
+announced via advisory MDVSA-2009:128-1.
+
+Multiple security vulnerabilities has been identified and fixed
+in libmodplug:
+
+Integer overflow in the CSoundFile::ReadMed function (src/load_med.cpp)
+in libmodplug before 0.8.6, as used in gstreamer-plugins and other
+products, allows context-dependent attackers to execute arbitrary
+code via a MED file with a crafted (1) song comment or (2) song name,
+which triggers a heap-based buffer overflow (CVE-2009-1438).
+
+Buffer overflow in the PATinst function in src/load_pat.cpp in
+libmodplug before 0.8.7 allows user-assisted remote attackers to
+cause a denial of service and possibly execute arbitrary code via a
+long instrument name (CVE-2009-1513).
+
+The updated packages have been patched to prevent this.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:128-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:128-1 (libmodplug)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libmodplug0", rpm:"libmodplug0~0.8.4~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libmodplug0-devel", rpm:"libmodplug0-devel~0.8.4~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64modplug0", rpm:"lib64modplug0~0.8.4~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64modplug0-devel", rpm:"lib64modplug0-devel~0.8.4~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_130_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_130_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_130_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,112 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:130-1 (gstreamer0.10-plugins-good)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66393);
+ script_cve_id("CVE-2009-1932");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:130-1 (gstreamer0.10-plugins-good)");
+
+ desc = "
+The remote host is missing an update to gstreamer0.10-plugins-good
+announced via advisory MDVSA-2009:130-1.
+
+Multiple integer overflows in the (1) user_info_callback,
+(2) user_endrow_callback, and (3) gst_pngdec_task functions
+(ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka
+gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote
+attackers to cause a denial of service and possibly execute arbitrary
+code via a crafted PNG file, which triggers a buffer overflow
+(CVE-2009-1932).
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:130-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:130-1 (gstreamer0.10-plugins-good)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"gstreamer0.10-aalib", rpm:"gstreamer0.10-aalib~0.10.6~3.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"gstreamer0.10-caca", rpm:"gstreamer0.10-caca~0.10.6~3.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"gstreamer0.10-dv", rpm:"gstreamer0.10-dv~0.10.6~3.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"gstreamer0.10-esound", rpm:"gstreamer0.10-esound~0.10.6~3.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"gstreamer0.10-flac", rpm:"gstreamer0.10-flac~0.10.6~3.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"gstreamer0.10-plugins-good", rpm:"gstreamer0.10-plugins-good~0.10.6~3.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"gstreamer0.10-raw1394", rpm:"gstreamer0.10-raw1394~0.10.6~3.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"gstreamer0.10-speex", rpm:"gstreamer0.10-speex~0.10.6~3.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"gstreamer0.10-wavpack", rpm:"gstreamer0.10-wavpack~0.10.6~3.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_132_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_132_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_132_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,114 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:132-1 (libsndfile)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66372);
+ script_cve_id("CVE-2009-1788", "CVE-2009-1791");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:132-1 (libsndfile)");
+
+ desc = "
+The remote host is missing an update to libsndfile
+announced via advisory MDVSA-2009:132-1.
+
+Multiple vulnerabilities has been found and corrected in libsndfile:
+
+Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15
+through 1.0.19, as used in Winamp 5.552 and possibly other media
+programs, allows remote attackers to cause a denial of service
+(application crash) and possibly execute arbitrary code via a VOC
+file with an invalid header value (CVE-2009-1788).
+
+Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15
+through 1.0.19, as used in Winamp 5.552 and possibly other media
+programs, allows remote attackers to cause a denial of service
+(application crash) and possibly execute arbitrary code via an AIFF
+file with an invalid header value (CVE-2009-1791).
+
+This update provides fixes for these vulnerabilities.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:132-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:132-1 (libsndfile)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libsndfile1", rpm:"libsndfile1~1.0.18~0.pre20.0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsndfile-devel", rpm:"libsndfile-devel~1.0.18~0.pre20.0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsndfile-progs", rpm:"libsndfile-progs~1.0.18~0.pre20.0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsndfile-static-devel", rpm:"libsndfile-static-devel~1.0.18~0.pre20.0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64sndfile1", rpm:"lib64sndfile1~1.0.18~0.pre20.0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64sndfile-devel", rpm:"lib64sndfile-devel~1.0.18~0.pre20.0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64sndfile-static-devel", rpm:"lib64sndfile-static-devel~1.0.18~0.pre20.0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_142_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_142_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_142_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,124 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:142-1 (jasper)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66379);
+ script_cve_id("CVE-2007-2721", "CVE-2008-3520", "CVE-2008-3521", "CVE-2008-3522");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:142-1 (jasper)");
+
+ desc = "
+The remote host is missing an update to jasper
+announced via advisory MDVSA-2009:142-1.
+
+Multiple security vulnerabilities has been identified and fixed
+in jasper:
+
+The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer
+JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted
+attackers to cause a denial of service (crash) and possibly corrupt
+the heap via malformed image files, as originally demonstrated using
+imagemagick convert (CVE-2007-2721).
+
+Multiple integer overflows in JasPer 1.900.1 might allow
+context-dependent attackers to have an unknown impact via a crafted
+image file, related to integer multiplication for memory allocation
+(CVE-2008-3520).
+
+The jas_stream_tmpfile function in libjasper/base/jas_stream.c in
+JasPer 1.900.1 allows local users to overwrite arbitrary files via
+a symlink attack on a tmp.XXXXXXXXXX temporary file (CVE-2008-3521).
+
+Buffer overflow in the jas_stream_printf function in
+libjasper/base/jas_stream.c in JasPer 1.900.1 might allow
+context-dependent attackers to have an unknown impact via
+vectors related to the mif_hdr_put function and use of vsprintf
+(CVE-2008-3522).
+
+The updated packages have been patched to prevent this.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:142-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:142-1 (jasper)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"jasper", rpm:"jasper~1.900.1~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libjasper1", rpm:"libjasper1~1.900.1~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libjasper1-devel", rpm:"libjasper1-devel~1.900.1~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libjasper1-static-devel", rpm:"libjasper1-static-devel~1.900.1~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64jasper1", rpm:"lib64jasper1~1.900.1~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64jasper1-devel", rpm:"lib64jasper1-devel~1.900.1~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64jasper1-static-devel", rpm:"lib64jasper1-static-devel~1.900.1~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_157_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_157_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_157_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,92 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:157-1 (perl-Compress-Raw-Zlib)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66382);
+ script_cve_id("CVE-2009-1391");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:157-1 (perl-Compress-Raw-Zlib)");
+
+ desc = "
+The remote host is missing an update to perl-Compress-Raw-Zlib
+announced via advisory MDVSA-2009:157-1.
+
+A vulnerability has been found and corrected in perl-Compress-Raw-Zlib:
+
+Off-by-one error in the inflate function in Zlib.xs in
+Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS,
+SpamAssassin, and possibly other products, allows context-dependent
+attackers to cause a denial of service (hang or crash) via a crafted
+zlib compressed stream that triggers a heap-based buffer overflow,
+as exploited in the wild by Trojan.Downloader-71014 in June 2009
+(CVE-2009-1391).
+
+This update provides fixes for this vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:157-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:157-1 (perl-Compress-Raw-Zlib)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"perl-Compress-Raw-Zlib", rpm:"perl-Compress-Raw-Zlib~2.006~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_158_3.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_158_3.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_158_3.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,109 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:158-3 (pango)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66378);
+ script_cve_id("CVE-2009-1194");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:158-3 (pango)");
+
+ desc = "
+The remote host is missing an update to pango
+announced via advisory MDVSA-2009:158-3.
+
+Integer overflow in the pango_glyph_string_set_size function in
+pango/glyphstring.c in Pango before 1.24 allows context-dependent
+attackers to cause a denial of service (application crash) or possibly
+execute arbitrary code via a long glyph string that triggers a
+heap-based buffer overflow.
+
+This update corrects the issue.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:158-3
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:158-3 (pango)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libpango1.0_0", rpm:"libpango1.0_0~1.18.2~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libpango1.0_0-modules", rpm:"libpango1.0_0-modules~1.18.2~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libpango1.0-devel", rpm:"libpango1.0-devel~1.18.2~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"pango", rpm:"pango~1.18.2~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"pango-doc", rpm:"pango-doc~1.18.2~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64pango1.0_0", rpm:"lib64pango1.0_0~1.18.2~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64pango1.0_0-modules", rpm:"lib64pango1.0_0-modules~1.18.2~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64pango1.0-devel", rpm:"lib64pango1.0-devel~1.18.2~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_169_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_169_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_169_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,111 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:169-1 (libtiff)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66375);
+ script_cve_id("CVE-2008-2327", "CVE-2009-2285", "CVE-2009-2347");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:169-1 (libtiff)");
+
+ desc = "
+The remote host is missing an update to libtiff
+announced via advisory MDVSA-2009:169-1.
+
+Multiple vulnerabilities has been found and corrected in libtiff:
+
+Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2
+allows context-dependent attackers to cause a denial of service (crash)
+via a crafted TIFF image, a different vulnerability than CVE-2008-2327
+(CVE-2009-2285).
+
+Fix several places in tiff2rgba and rgb2ycbcr that were being careless
+about possible integer overflow in calculation of buffer sizes
+(CVE-2009-2347).
+
+This update provides fixes for these vulnerabilities.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:169-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:169-1 (libtiff)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libtiff3", rpm:"libtiff3~3.8.2~8.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libtiff3-devel", rpm:"libtiff3-devel~3.8.2~8.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libtiff3-static-devel", rpm:"libtiff3-static-devel~3.8.2~8.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libtiff-progs", rpm:"libtiff-progs~3.8.2~8.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64tiff3", rpm:"lib64tiff3~3.8.2~8.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64tiff3-devel", rpm:"lib64tiff3-devel~3.8.2~8.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64tiff3-static-devel", rpm:"lib64tiff3-static-devel~3.8.2~8.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_197_3.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_197_3.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_197_3.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,119 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:197-3 (nss)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66362);
+ script_cve_id("CVE-2009-2408", "CVE-2009-2409", "CVE-2009-2404");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:197-3 (nss)");
+
+ desc = "
+The remote host is missing an update to nss
+announced via advisory MDVSA-2009:197-3.
+
+Security issues in nss prior to 3.12.3 could lead to a
+man-in-the-middle attack via a spoofed X.509 certificate
+(CVE-2009-2408) and md2 algorithm flaws (CVE-2009-2409), and also
+cause a denial-of-service and possible code execution via a long
+domain name in X.509 certificate (CVE-2009-2404).
+
+This update provides the latest versions of NSS and NSPR libraries
+which are not vulnerable to those attacks.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:197-3
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:197-3 (nss)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libnspr4", rpm:"libnspr4~4.7.5~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libnspr-devel", rpm:"libnspr-devel~4.7.5~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libnss3", rpm:"libnss3~3.12.3.1~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libnss-devel", rpm:"libnss-devel~3.12.3.1~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libnss-static-devel", rpm:"libnss-static-devel~3.12.3.1~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"nss", rpm:"nss~3.12.3.1~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64nspr4", rpm:"lib64nspr4~4.7.5~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64nspr-devel", rpm:"lib64nspr-devel~4.7.5~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64nss3", rpm:"lib64nss3~3.12.3.1~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64nss-devel", rpm:"lib64nss-devel~3.12.3.1~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64nss-static-devel", rpm:"lib64nss-static-devel~3.12.3.1~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_199_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_199_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_199_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,140 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:199-1 (subversion)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66423);
+ script_cve_id("CVE-2009-2412", "CVE-2009-2411");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:199-1 (subversion)");
+
+ desc = "
+The remote host is missing an update to subversion
+announced via advisory MDVSA-2009:199-1.
+
+A vulnerability has been found and corrected in subversion:
+
+Multiple integer overflows in the libsvn_delta library in Subversion
+before 1.5.7, and 1.6.x before 1.6.4, allow remote authenticated users
+and remote Subversion servers to execute arbitrary code via an svndiff
+stream with large windows that trigger a heap-based buffer overflow,
+a related issue to CVE-2009-2412 (CVE-2009-2411).
+
+This update provides a solution to this vulnerability and in turn
+upgrades subversion where possible to provide additional features
+and upstream bugfixes and adds required dependencies where needed.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:199-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:199-1 (subversion)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"apache-mod_dav_svn", rpm:"apache-mod_dav_svn~1.4.6~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-mod_dontdothat", rpm:"apache-mod_dontdothat~1.4.6~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsvn0", rpm:"libsvn0~1.4.6~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"perl-SVN", rpm:"perl-SVN~1.4.6~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"perl-SVN-devel", rpm:"perl-SVN-devel~1.4.6~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"python-svn", rpm:"python-svn~1.4.6~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"python-svn-devel", rpm:"python-svn-devel~1.4.6~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-svn", rpm:"ruby-svn~1.4.6~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-svn-devel", rpm:"ruby-svn-devel~1.4.6~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"subversion", rpm:"subversion~1.4.6~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"subversion-devel", rpm:"subversion-devel~1.4.6~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"subversion-doc", rpm:"subversion-doc~1.4.6~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"subversion-server", rpm:"subversion-server~1.4.6~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"subversion-tools", rpm:"subversion-tools~1.4.6~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"svn-javahl", rpm:"svn-javahl~1.4.6~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"svn-javahl-javadoc", rpm:"svn-javahl-javadoc~1.4.6~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64svn0", rpm:"lib64svn0~1.4.6~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_200_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_200_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_200_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,124 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:200-1 (libxml)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66392);
+ script_cve_id("CVE-2009-2414", "CVE-2009-2416");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:200-1 (libxml)");
+
+ desc = "
+The remote host is missing an update to libxml
+announced via advisory MDVSA-2009:200-1.
+
+Multiple vulnerabilities has been found and corrected in libxml:
+
+Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26,
+2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent
+attackers to cause a denial of service (application crash) via a
+large depth of element declarations in a DTD, related to a function
+recursion, as demonstrated by the Codenomicon XML fuzzing framework
+(CVE-2009-2414).
+
+Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16,
+2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent
+attackers to cause a denial of service (application crash) via crafted
+(1) Notation or (2) Enumeration attribute types in an XML file, as
+demonstrated by the Codenomicon XML fuzzing framework (CVE-2009-2416).
+
+This update provides a solution to these vulnerabilities.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:200-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:200-1 (libxml)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libxml1", rpm:"libxml1~1.8.17~11.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libxml1-devel", rpm:"libxml1-devel~1.8.17~11.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libxml2_2", rpm:"libxml2_2~2.6.30~1.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libxml2-devel", rpm:"libxml2-devel~2.6.30~1.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libxml2-python", rpm:"libxml2-python~2.6.30~1.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libxml2-utils", rpm:"libxml2-utils~2.6.30~1.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xml1", rpm:"lib64xml1~1.8.17~11.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xml1-devel", rpm:"lib64xml1-devel~1.8.17~11.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xml2_2", rpm:"lib64xml2_2~2.6.30~1.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xml2-devel", rpm:"lib64xml2-devel~2.6.30~1.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_201_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_201_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_201_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,97 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:201-1 (fetchmail)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66396);
+ script_cve_id("CVE-2009-2408", "CVE-2009-2666");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:201-1 (fetchmail)");
+
+ desc = "
+The remote host is missing an update to fetchmail
+announced via advisory MDVSA-2009:201-1.
+
+A vulnerability has been found and corrected in fetchmail:
+
+socket.c in fetchmail before 6.3.11 does not properly handle a '\0'
+(NUL) character in a domain name in the subject's Common Name (CN)
+and subjectAlt(ernative)Name fields of an X.509 certificate, which
+allows man-in-the-middle attackers to spoof arbitrary SSL servers via
+a crafted certificate issued by a legitimate Certification Authority,
+a related issue to CVE-2009-2408 (CVE-2009-2666).
+
+This update provides a solution to this vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:201-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:201-1 (fetchmail)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"fetchmail", rpm:"fetchmail~6.3.8~4.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"fetchmailconf", rpm:"fetchmailconf~6.3.8~4.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"fetchmail-daemon", rpm:"fetchmail-daemon~6.3.8~4.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_203_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_203_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_203_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,103 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:203-1 (curl)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66376);
+ script_cve_id("CVE-2009-2408", "CVE-2009-2417");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:203-1 (curl)");
+
+ desc = "
+The remote host is missing an update to curl
+announced via advisory MDVSA-2009:203-1.
+
+A vulnerability has been found and corrected in curl:
+
+lib/ssluse.c in cURL and libcurl 7.4 through 7.19.5, when OpenSSL is
+used, does not properly handle a '\0' character in a domain name in
+the subject's Common Name (CN) field of an X.509 certificate, which
+allows man-in-the-middle attackers to spoof arbitrary SSL servers via
+a crafted certificate issued by a legitimate Certification Authority,
+a related issue to CVE-2009-2408 (CVE-2009-2417).
+
+This update provides a solution to this vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:203-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:203-1 (curl)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"curl", rpm:"curl~7.16.4~2.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libcurl4", rpm:"libcurl4~7.16.4~2.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libcurl-devel", rpm:"libcurl-devel~7.16.4~2.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64curl4", rpm:"lib64curl4~7.16.4~2.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64curl-devel", rpm:"lib64curl-devel~7.16.4~2.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_206_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_206_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_206_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,90 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:206-1 (wget)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66388);
+ script_cve_id("CVE-2009-2408", "CVE-2009-3490");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:206-1 (wget)");
+
+ desc = "
+The remote host is missing an update to wget
+announced via advisory MDVSA-2009:206-1.
+
+A vulnerability has been found and corrected in wget:
+
+GNU Wget before 1.12 does not properly handle a '\0' (NUL) character
+in a domain name in the Common Name field of an X.509 certificate,
+which allows man-in-the-middle remote attackers to spoof arbitrary SSL
+servers via a crafted certificate issued by a legitimate Certification
+Authority, a related issue to CVE-2009-2408 (CVE-2009-3490).
+
+This update provides a solution to this vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:206-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:206-1 (wget)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"wget", rpm:"wget~1.10.2~6.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_208_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_208_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_208_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,103 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:208-1 (libgadu)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66377);
+ script_cve_id("CVE-2008-4776");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:208-1 (libgadu)");
+
+ desc = "
+The remote host is missing an update to libgadu
+announced via advisory MDVSA-2009:208-1.
+
+A vulnerability has been found and corrected in libgadu:
+
+libgadu before 1.8.2 allows remote servers to cause a denial of service
+(crash) via a contact description with a large length, which triggers
+a buffer over-read (CVE-2008-4776).
+
+This update provides a solution to this vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:208-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:208-1 (libgadu)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libgadu3", rpm:"libgadu3~1.7.1~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgadu-devel", rpm:"libgadu-devel~1.7.1~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgadu-static-devel", rpm:"libgadu-static-devel~1.7.1~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64gadu3", rpm:"lib64gadu3~1.7.1~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64gadu-devel", rpm:"lib64gadu-devel~1.7.1~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64gadu-static-devel", rpm:"lib64gadu-static-devel~1.7.1~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_211_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_211_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_211_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,98 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:211-1 (expat)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66385);
+ script_cve_id("CVE-2009-2625", "CVE-2009-3720");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:211-1 (expat)");
+
+ desc = "
+The remote host is missing an update to expat
+announced via advisory MDVSA-2009:211-1.
+
+A vulnerability was found in xmltok_impl.c (expat) that with
+specially crafted XML could be exploited and lead to a denial of
+service attack. Related to CVE-2009-2625 (CVE-2009-3720).
+
+This update fixes this vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:211-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:211-1 (expat)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"expat", rpm:"expat~2.0.1~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libexpat1", rpm:"libexpat1~2.0.1~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libexpat1-devel", rpm:"libexpat1-devel~2.0.1~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64expat1", rpm:"lib64expat1~2.0.1~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64expat1-devel", rpm:"lib64expat1-devel~2.0.1~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_212_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_212_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_212_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,110 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:212-1 (python)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66383);
+ script_cve_id("CVE-2009-2625", "CVE-2009-3720");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:212-1 (python)");
+
+ desc = "
+The remote host is missing an update to python
+announced via advisory MDVSA-2009:212-1.
+
+A vulnerability was found in xmltok_impl.c (expat) that with
+specially crafted XML could be exploited and lead to a denial of
+service attack. Related to CVE-2009-2625 (CVE-2009-3720).
+
+This update fixes this vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:212-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:212-1 (python)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libpython2.5", rpm:"libpython2.5~2.5.2~2.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libpython2.5-devel", rpm:"libpython2.5-devel~2.5.2~2.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"python", rpm:"python~2.5.2~2.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"python-base", rpm:"python-base~2.5.2~2.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"python-docs", rpm:"python-docs~2.5.2~2.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tkinter", rpm:"tkinter~2.5.2~2.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tkinter-apps", rpm:"tkinter-apps~2.5.2~2.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64python2.5", rpm:"lib64python2.5~2.5.2~2.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64python2.5-devel", rpm:"lib64python2.5-devel~2.5.2~2.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_213_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_213_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_213_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,161 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:213-1 (wxgtk)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66391);
+ script_cve_id("CVE-2009-2625", "CVE-2009-3720");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:213-1 (wxgtk)");
+
+ desc = "
+The remote host is missing an update to wxgtk
+announced via advisory MDVSA-2009:213-1.
+
+A vulnerability was found in xmltok_impl.c (expat) that with
+specially crafted XML could be exploited and lead to a denial of
+service attack. Related to CVE-2009-2625 (CVE-2009-3720).
+
+This update fixes this vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:213-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:213-1 (wxgtk)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libwxgtk2.6", rpm:"libwxgtk2.6~2.6.4~13.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libwxgtk2.6-devel", rpm:"libwxgtk2.6-devel~2.6.4~13.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libwxgtk2.8", rpm:"libwxgtk2.8~2.8.4~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libwxgtk2.8-devel", rpm:"libwxgtk2.8-devel~2.8.4~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libwxgtkgl2.6", rpm:"libwxgtkgl2.6~2.6.4~13.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libwxgtkgl2.8", rpm:"libwxgtkgl2.8~2.8.4~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libwxgtkglu2.6", rpm:"libwxgtkglu2.6~2.6.4~13.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libwxgtkglu2.8", rpm:"libwxgtkglu2.8~2.8.4~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libwxgtku2.6", rpm:"libwxgtku2.6~2.6.4~13.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libwxgtku2.6-devel", rpm:"libwxgtku2.6-devel~2.6.4~13.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libwxgtku2.8", rpm:"libwxgtku2.8~2.8.4~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libwxgtku2.8-devel", rpm:"libwxgtku2.8-devel~2.8.4~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"wxGTK2.6", rpm:"wxGTK2.6~2.6.4~13.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"wxgtk2.8", rpm:"wxgtk2.8~2.8.4~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64wxgtk2.6", rpm:"lib64wxgtk2.6~2.6.4~13.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64wxgtk2.6-devel", rpm:"lib64wxgtk2.6-devel~2.6.4~13.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64wxgtk2.8", rpm:"lib64wxgtk2.8~2.8.4~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64wxgtk2.8-devel", rpm:"lib64wxgtk2.8-devel~2.8.4~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64wxgtkgl2.6", rpm:"lib64wxgtkgl2.6~2.6.4~13.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64wxgtkgl2.8", rpm:"lib64wxgtkgl2.8~2.8.4~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64wxgtkglu2.6", rpm:"lib64wxgtkglu2.6~2.6.4~13.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64wxgtkglu2.8", rpm:"lib64wxgtkglu2.8~2.8.4~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64wxgtku2.6", rpm:"lib64wxgtku2.6~2.6.4~13.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64wxgtku2.6-devel", rpm:"lib64wxgtku2.6-devel~2.6.4~13.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64wxgtku2.8", rpm:"lib64wxgtku2.8~2.8.4~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64wxgtku2.8-devel", rpm:"lib64wxgtku2.8-devel~2.8.4~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_215_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_215_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_215_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,86 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:215-1 (audacity)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66408);
+ script_cve_id("CVE-2009-2625", "CVE-2009-3720");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:215-1 (audacity)");
+
+ desc = "
+The remote host is missing an update to audacity
+announced via advisory MDVSA-2009:215-1.
+
+A vulnerability was found in xmltok_impl.c (expat) that with
+specially crafted XML could be exploited and lead to a denial of
+service attack. Related to CVE-2009-2625 (CVE-2009-3720).
+
+This update fixes this vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:215-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:215-1 (audacity)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"audacity", rpm:"audacity~1.3.3~1.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_217_3.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_217_3.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_217_3.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,298 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:217-3 (mozilla-thunderbird)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66361);
+ script_cve_id("CVE-2009-2408", "CVE-2009-2625", "CVE-2009-3720");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:217-3 (mozilla-thunderbird)");
+
+ desc = "
+The remote host is missing an update to mozilla-thunderbird
+announced via advisory MDVSA-2009:217-3.
+
+A number of security vulnerabilities have been discovered in Mozilla
+Thunderbird:
+
+Security issues in thunderbird could lead to a man-in-the-middle
+attack via a spoofed X.509 certificate (CVE-2009-2408).
+
+A vulnerability was found in xmltok_impl.c (expat) that with
+specially crafted XML could be exploited and lead to a denial of
+service attack. Related to CVE-2009-2625 (CVE-2009-3720).
+
+This update provides the latest version of Thunderbird which are not
+vulnerable to these issues.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:217-3
+http://www.mozilla.org/security/announce/2009/mfsa2009-42.html
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:217-3 (mozilla-thunderbird)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"mozilla-thunderbird", rpm:"mozilla-thunderbird~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-af", rpm:"mozilla-thunderbird-af~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-be", rpm:"mozilla-thunderbird-be~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-bg", rpm:"mozilla-thunderbird-bg~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-ca", rpm:"mozilla-thunderbird-ca~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-cs", rpm:"mozilla-thunderbird-cs~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-da", rpm:"mozilla-thunderbird-da~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-de", rpm:"mozilla-thunderbird-de~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-devel", rpm:"mozilla-thunderbird-devel~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-el", rpm:"mozilla-thunderbird-el~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-en_GB", rpm:"mozilla-thunderbird-en_GB~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail", rpm:"mozilla-thunderbird-enigmail~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ar", rpm:"mozilla-thunderbird-enigmail-ar~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ca", rpm:"mozilla-thunderbird-enigmail-ca~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-cs", rpm:"mozilla-thunderbird-enigmail-cs~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-de", rpm:"mozilla-thunderbird-enigmail-de~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-el", rpm:"mozilla-thunderbird-enigmail-el~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-es", rpm:"mozilla-thunderbird-enigmail-es~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-es_AR", rpm:"mozilla-thunderbird-enigmail-es_AR~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-fi", rpm:"mozilla-thunderbird-enigmail-fi~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-fr", rpm:"mozilla-thunderbird-enigmail-fr~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-hu", rpm:"mozilla-thunderbird-enigmail-hu~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-it", rpm:"mozilla-thunderbird-enigmail-it~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ja", rpm:"mozilla-thunderbird-enigmail-ja~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ko", rpm:"mozilla-thunderbird-enigmail-ko~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-nb", rpm:"mozilla-thunderbird-enigmail-nb~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-nl", rpm:"mozilla-thunderbird-enigmail-nl~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-pl", rpm:"mozilla-thunderbird-enigmail-pl~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-pt", rpm:"mozilla-thunderbird-enigmail-pt~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-pt_BR", rpm:"mozilla-thunderbird-enigmail-pt_BR~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ro", rpm:"mozilla-thunderbird-enigmail-ro~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ru", rpm:"mozilla-thunderbird-enigmail-ru~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-sk", rpm:"mozilla-thunderbird-enigmail-sk~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-sl", rpm:"mozilla-thunderbird-enigmail-sl~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-sv", rpm:"mozilla-thunderbird-enigmail-sv~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-tr", rpm:"mozilla-thunderbird-enigmail-tr~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-zh_CN", rpm:"mozilla-thunderbird-enigmail-zh_CN~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-zh_TW", rpm:"mozilla-thunderbird-enigmail-zh_TW~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-es_AR", rpm:"mozilla-thunderbird-es_AR~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-es_ES", rpm:"mozilla-thunderbird-es_ES~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-et_EE", rpm:"mozilla-thunderbird-et_EE~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-eu", rpm:"mozilla-thunderbird-eu~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-fi", rpm:"mozilla-thunderbird-fi~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-fr", rpm:"mozilla-thunderbird-fr~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-gu_IN", rpm:"mozilla-thunderbird-gu_IN~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-he", rpm:"mozilla-thunderbird-he~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-hu", rpm:"mozilla-thunderbird-hu~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-it", rpm:"mozilla-thunderbird-it~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-ja", rpm:"mozilla-thunderbird-ja~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-ko", rpm:"mozilla-thunderbird-ko~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-lt", rpm:"mozilla-thunderbird-lt~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-mk", rpm:"mozilla-thunderbird-mk~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-moztraybiff", rpm:"mozilla-thunderbird-moztraybiff~1.2.3~4.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-nb_NO", rpm:"mozilla-thunderbird-nb_NO~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-nl", rpm:"mozilla-thunderbird-nl~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-nn_NO", rpm:"mozilla-thunderbird-nn_NO~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-pa_IN", rpm:"mozilla-thunderbird-pa_IN~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-pl", rpm:"mozilla-thunderbird-pl~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-pt_BR", rpm:"mozilla-thunderbird-pt_BR~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-pt_PT", rpm:"mozilla-thunderbird-pt_PT~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-ru", rpm:"mozilla-thunderbird-ru~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-sk", rpm:"mozilla-thunderbird-sk~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-sl", rpm:"mozilla-thunderbird-sl~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-sv_SE", rpm:"mozilla-thunderbird-sv_SE~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-tr", rpm:"mozilla-thunderbird-tr~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-uk", rpm:"mozilla-thunderbird-uk~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-zh_CN", rpm:"mozilla-thunderbird-zh_CN~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-zh_TW", rpm:"mozilla-thunderbird-zh_TW~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"nsinstall", rpm:"nsinstall~2.0.0.23~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_218_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_218_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_218_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,92 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:218-1 (w3c-libwww)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66389);
+ script_cve_id("CVE-2009-2625", "CVE-2009-3720");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:218-1 (w3c-libwww)");
+
+ desc = "
+The remote host is missing an update to w3c-libwww
+announced via advisory MDVSA-2009:218-1.
+
+A vulnerability was found in xmltok_impl.c (expat) that with
+specially crafted XML could be exploited and lead to a denial of
+service attack. Related to CVE-2009-2625 (CVE-2009-3720).
+
+This update fixes this vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:218-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:218-1 (w3c-libwww)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"w3c-libwww", rpm:"w3c-libwww~5.4.0~8.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"w3c-libwww-apps", rpm:"w3c-libwww-apps~5.4.0~8.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"w3c-libwww-devel", rpm:"w3c-libwww-devel~5.4.0~8.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_219_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_219_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_219_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,94 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:219-1 (kompozer)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66410);
+ script_cve_id("CVE-2009-2625", "CVE-2009-3720");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:219-1 (kompozer)");
+
+ desc = "
+The remote host is missing an update to kompozer
+announced via advisory MDVSA-2009:219-1.
+
+A vulnerability was found in xmltok_impl.c (expat) that with
+specially crafted XML could be exploited and lead to a denial of
+service attack. Related to CVE-2009-2625 (CVE-2009-3720).
+
+Additionally on 2009.0 a patch was added to prevent kompozer from
+crashing (#44830), on 2009.1 a format string patch was added to make
+it build with the -Wformat -Werror=format-security gcc optimization
+switch added in 2009.1
+
+This update fixes these issues.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:219-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:219-1 (kompozer)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"kompozer", rpm:"kompozer~0.7.10~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kompozer-devel", rpm:"kompozer-devel~0.7.10~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_223_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_223_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_223_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,103 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:223-1 (xerces-c)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66387);
+ script_cve_id("CVE-2009-1885");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:223-1 (xerces-c)");
+
+ desc = "
+The remote host is missing an update to xerces-c
+announced via advisory MDVSA-2009:223-1.
+
+A vulnerability has been found and corrected in xerces-c:
+
+Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in
+Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to
+cause a denial of service (application crash) via vectors involving
+nested parentheses and invalid byte values in simply nested DTD
+structures, as demonstrated by the Codenomicon XML fuzzing framework
+(CVE-2009-1885).
+
+This update provides a solution to this vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:223-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:223-1 (xerces-c)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libxerces-c0", rpm:"libxerces-c0~2.7.0~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libxerces-c0-devel", rpm:"libxerces-c0-devel~2.7.0~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xerces-c-doc", rpm:"xerces-c-doc~2.7.0~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xerces-c0", rpm:"lib64xerces-c0~2.7.0~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xerces-c0-devel", rpm:"lib64xerces-c0-devel~2.7.0~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_224_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_224_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_224_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,107 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:224-1 (postfix)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66394);
+ script_cve_id("CVE-2008-2937");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:224-1 (postfix)");
+
+ desc = "
+The remote host is missing an update to postfix
+announced via advisory MDVSA-2009:224-1.
+
+A vulnerability has been found and corrected in postfix:
+
+Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a
+mailbox file even when this file is not owned by the recipient, which
+allows local users to read e-mail messages by creating a mailbox file
+corresponding to another user's account name (CVE-2008-2937).
+
+This update provides a solution to this vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:224-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:224-1 (postfix)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libpostfix1", rpm:"libpostfix1~2.4.5~2.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"postfix", rpm:"postfix~2.4.5~2.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"postfix-ldap", rpm:"postfix-ldap~2.4.5~2.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"postfix-mysql", rpm:"postfix-mysql~2.4.5~2.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"postfix-pcre", rpm:"postfix-pcre~2.4.5~2.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"postfix-pgsql", rpm:"postfix-pgsql~2.4.5~2.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64postfix1", rpm:"lib64postfix1~2.4.5~2.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_229_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_229_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_229_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,106 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:229-1 (cyrus-imapd)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66416);
+ script_cve_id("CVE-2009-2632");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:229-1 (cyrus-imapd)");
+
+ desc = "
+The remote host is missing an update to cyrus-imapd
+announced via advisory MDVSA-2009:229-1.
+
+A vulnerability has been found and corrected in cyrus-imapd:
+
+Buffer overflow in the SIEVE script component (sieve/script.c) in
+cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14 allows local users
+to execute arbitrary code and read or modify arbitrary messages via
+a crafted SIEVE script, related to the incorrect use of the sizeof
+operator for determining buffer length, combined with an integer
+signedness error (CVE-2009-2632).
+
+This update provides a solution to this vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:229-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:229-1 (cyrus-imapd)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"cyrus-imapd", rpm:"cyrus-imapd~2.3.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cyrus-imapd-devel", rpm:"cyrus-imapd-devel~2.3.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cyrus-imapd-murder", rpm:"cyrus-imapd-murder~2.3.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cyrus-imapd-nntp", rpm:"cyrus-imapd-nntp~2.3.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cyrus-imapd-utils", rpm:"cyrus-imapd-utils~2.3.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"perl-Cyrus", rpm:"perl-Cyrus~2.3.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_231_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_231_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_231_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,94 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:231-1 (htmldoc)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66403);
+ script_cve_id("CVE-2009-3050");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:231-1 (htmldoc)");
+
+ desc = "
+The remote host is missing an update to htmldoc
+announced via advisory MDVSA-2009:231-1.
+
+A security vulnerability has been identified and fixed in htmldoc:
+
+Buffer overflow in the set_page_size function in util.cxx in HTMLDOC
+1.8.27 and earlier allows context-dependent attackers to execute
+arbitrary code via a long MEDIA SIZE comment.  NOTE: it was later
+reported that there were additional vectors in htmllib.cxx and
+ps-pdf.cxx using an AFM font file with a long glyph name, but these
+vectors do not cross privilege boundaries (CVE-2009-3050).
+
+This update provides a solution to this vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:231-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:231-1 (htmldoc)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"htmldoc", rpm:"htmldoc~1.8.27~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"htmldoc-nogui", rpm:"htmldoc-nogui~1.8.27~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_232_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_232_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_232_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,100 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:232-1 (libsamplerate)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66412);
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:232-1 (libsamplerate)");
+
+ desc = "
+The remote host is missing an update to libsamplerate
+announced via advisory MDVSA-2009:232-1.
+
+A security vulnerability has been identified and fixed in
+libsamplerate:
+
+Lev Givon discovered a buffer overflow in libsamplerate that could
+lead to a segfault with specially crafted python code. This problem has
+been fixed with libsamplerate-0.1.7 but older versions are affected.
+
+This update provides a solution to this vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:232-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:232-1 (libsamplerate)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libsamplerate0", rpm:"libsamplerate0~0.1.3~0.pre6.3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsamplerate-devel", rpm:"libsamplerate-devel~0.1.3~0.pre6.3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsamplerate-progs", rpm:"libsamplerate-progs~0.1.3~0.pre6.3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64samplerate0", rpm:"lib64samplerate0~0.1.3~0.pre6.3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64samplerate-devel", rpm:"lib64samplerate-devel~0.1.3~0.pre6.3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_234_2.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_234_2.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_234_2.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,130 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:234-2 (silc-toolkit)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66413);
+ script_cve_id("CVE-2009-3051", "CVE-2008-7159", "CVE-2008-7160", "CVE-2009-3163");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:234-2 (silc-toolkit)");
+
+ desc = "
+The remote host is missing an update to silc-toolkit
+announced via advisory MDVSA-2009:234-2.
+
+Multiple vulnerabilities was discovered and corrected in silc-toolkit:
+
+Multiple format string vulnerabilities in lib/silcclient/client_entry.c
+in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and
+SILC Client before 1.1.8, allow remote attackers to execute arbitrary
+code via format string specifiers in a nickname field, related to the
+(1) silc_client_add_client, (2) silc_client_update_client, and (3)
+silc_client_nickname_format functions (CVE-2009-3051).
+
+The silc_asn1_encoder function in lib/silcasn1/silcasn1_encode.c in
+Secure Internet Live Conferencing (SILC) Toolkit before 1.1.8 allows
+remote attackers to overwrite a stack location and possibly execute
+arbitrary code via a crafted OID value, related to incorrect use of
+a %lu format string (CVE-2008-7159).
+
+The silc_http_server_parse function in lib/silchttp/silchttpserver.c in
+the internal HTTP server in silcd in Secure Internet Live Conferencing
+(SILC) Toolkit before 1.1.9 allows remote attackers to overwrite
+a stack location and possibly execute arbitrary code via a crafted
+Content-Length header, related to incorrect use of a %lu format string
+(CVE-2008-7160).
+
+Multiple format string vulnerabilities in lib/silcclient/command.c
+in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10,
+and SILC Client 1.1.8 and earlier, allow remote attackers to execute
+arbitrary code via format string specifiers in a channel name, related
+to (1) silc_client_command_topic, (2) silc_client_command_kick,
+(3) silc_client_command_leave, and (4) silc_client_command_users
+(CVE-2009-3163).
+
+This update provides a solution to these vulnerabilities.
+
+Update:
+
+Packages for MES5 was not provided previousely, this update addresses
+this problem.
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:234-2
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:234-2 (silc-toolkit)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libsilc-1.1_2", rpm:"libsilc-1.1_2~1.1.2~2.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsilcclient-1.1_2", rpm:"libsilcclient-1.1_2~1.1.2~2.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"silc-toolkit", rpm:"silc-toolkit~1.1.2~2.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"silc-toolkit-devel", rpm:"silc-toolkit-devel~1.1.2~2.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64silc-1.1_2", rpm:"lib64silc-1.1_2~1.1.2~2.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64silcclient-1.1_2", rpm:"lib64silcclient-1.1_2~1.1.2~2.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_243_2.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_243_2.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_243_2.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,102 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:243-2 (freetype2)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66421);
+ script_cve_id("CVE-2009-0946");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:243-2 (freetype2)");
+
+ desc = "
+The remote host is missing an update to freetype2
+announced via advisory MDVSA-2009:243-2.
+
+Multiple integer overflows in FreeType 2.3.9 and earlier allow remote
+attackers to execute arbitrary code via vectors related to large
+values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c,
+and (3) cff/cffload.c.
+
+This update corrects the problem.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:243-2
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:243-2 (freetype2)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libfreetype6", rpm:"libfreetype6~2.3.5~2.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libfreetype6-devel", rpm:"libfreetype6-devel~2.3.5~2.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libfreetype6-static-devel", rpm:"libfreetype6-static-devel~2.3.5~2.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64freetype6", rpm:"lib64freetype6~2.3.5~2.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64freetype6-devel", rpm:"lib64freetype6-devel~2.3.5~2.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64freetype6-static-devel", rpm:"lib64freetype6-static-devel~2.3.5~2.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_249_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_249_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_249_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,104 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:249-1 (newt)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66399);
+ script_cve_id("CVE-2009-2905");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:249-1 (newt)");
+
+ desc = "
+The remote host is missing an update to newt
+announced via advisory MDVSA-2009:249-1.
+
+A vulnerability was discovered and corrected in newt:
+
+A heap-based buffer overflow flaw was found in the way newt processes
+content that is to be displayed in a text dialog box. A local attacker
+could issue a specially-crafted text dialog box display request
+(direct or via a custom application), leading to a denial of service
+(application crash) or, potentially, arbitrary code execution with the
+privileges of the user running the application using the newt library
+(CVE-2009-2905).
+
+This update provides a solution to this vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:249-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:249-1 (newt)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libnewt0.52", rpm:"libnewt0.52~0.52.6~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libnewt0.52-devel", rpm:"libnewt0.52-devel~0.52.6~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"newt", rpm:"newt~0.52.6~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64newt0.52", rpm:"lib64newt0.52~0.52.6~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64newt0.52-devel", rpm:"lib64newt0.52-devel~0.52.6~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_252_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_252_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_252_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,89 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:252-1 (perl-IO-Socket-SSL)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66418);
+ script_cve_id("CVE-2009-3024");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:252-1 (perl-IO-Socket-SSL)");
+
+ desc = "
+The remote host is missing an update to perl-IO-Socket-SSL
+announced via advisory MDVSA-2009:252-1.
+
+A vulnerability was discovered and corrected in perl-IO-Socket-SSL:
+
+The verify_hostname_of_cert function in the certificate checking
+feature in IO-Socket-SSL (IO::Socket::SSL) 1.14 through 1.25 only
+matches the prefix of a hostname when no wildcard is used, which
+allows remote attackers to bypass the hostname check for a certificate
+(CVE-2009-3024).
+
+This update provides a fix for this vulnerability.
+
+Update:
+
+Packages were missing for 2009.0, this update addresses the problem.
+
+Affected: 2009.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:252-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:252-1 (perl-IO-Socket-SSL)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"perl-IO-Socket-SSL", rpm:"perl-IO-Socket-SSL~1.15~1.2mdv2009.0", rls:"MNDK_2009.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_254_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_254_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_254_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,147 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:254-1 (graphviz)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66419);
+ script_cve_id("CVE-2008-4555");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:254-1 (graphviz)");
+
+ desc = "
+The remote host is missing an update to graphviz
+announced via advisory MDVSA-2009:254-1.
+
+A vulnerability was discovered and corrected in graphviz:
+
+Stack-based buffer overflow in the push_subg function in parser.y
+(lib/graph/parser.c) in Graphviz 2.20.2, and possibly earlier versions,
+allows user-assisted remote attackers to cause a denial of service
+(memory corruption) or execute arbitrary code via a DOT file with a
+large number of Agraph_t elements (CVE-2008-4555).
+
+This update provides a fix for this vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:254-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:254-1 (graphviz)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"graphviz", rpm:"graphviz~2.12~6.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"graphviz-doc", rpm:"graphviz-doc~2.12~6.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgraphviz3", rpm:"libgraphviz3~2.12~6.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgraphviz-devel", rpm:"libgraphviz-devel~2.12~6.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgraphvizlua0", rpm:"libgraphvizlua0~2.12~6.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgraphvizperl0", rpm:"libgraphvizperl0~2.12~6.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgraphvizphp0", rpm:"libgraphvizphp0~2.12~6.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgraphvizpython0", rpm:"libgraphvizpython0~2.12~6.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgraphvizruby0", rpm:"libgraphvizruby0~2.12~6.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgraphviz-static-devel", rpm:"libgraphviz-static-devel~2.12~6.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgraphviztcl0", rpm:"libgraphviztcl0~2.12~6.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64graphviz3", rpm:"lib64graphviz3~2.12~6.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64graphviz-devel", rpm:"lib64graphviz-devel~2.12~6.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64graphvizlua0", rpm:"lib64graphvizlua0~2.12~6.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64graphvizperl0", rpm:"lib64graphvizperl0~2.12~6.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64graphvizphp0", rpm:"lib64graphvizphp0~2.12~6.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64graphvizpython0", rpm:"lib64graphvizpython0~2.12~6.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64graphvizruby0", rpm:"lib64graphvizruby0~2.12~6.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64graphviz-static-devel", rpm:"lib64graphviz-static-devel~2.12~6.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64graphviztcl0", rpm:"lib64graphviztcl0~2.12~6.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_256_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_256_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_256_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,105 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:256-1 (dbus)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66422);
+ script_cve_id("CVE-2008-3834", "CVE-2009-1189");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:256-1 (dbus)");
+
+ desc = "
+The remote host is missing an update to dbus
+announced via advisory MDVSA-2009:256-1.
+
+A vulnerability was discovered and corrected in dbus:
+
+The _dbus_validate_signature_with_reason function
+(dbus-marshal-validate.c) in D-Bus (aka DBus) uses incorrect logic
+to validate a basic type, which allows remote attackers to spoof a
+signature via a crafted key.  NOTE: this is due to an incorrect fix
+for CVE-2008-3834 (CVE-2009-1189).
+
+This update provides a fix for this vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:256-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:256-1 (dbus)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"dbus", rpm:"dbus~1.0.2~10.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"dbus-x11", rpm:"dbus-x11~1.0.2~10.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libdbus-1_3", rpm:"libdbus-1_3~1.0.2~10.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libdbus-1_3-devel", rpm:"libdbus-1_3-devel~1.0.2~10.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64dbus-1_3", rpm:"lib64dbus-1_3~1.0.2~10.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64dbus-1_3-devel", rpm:"lib64dbus-1_3-devel~1.0.2~10.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_260_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_260_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_260_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,109 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:260-1 (imagemagick)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66409);
+ script_cve_id("CVE-2009-1882");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:260-1 (imagemagick)");
+
+ desc = "
+The remote host is missing an update to imagemagick
+announced via advisory MDVSA-2009:260-1.
+
+A vulnerability has been found and corrected in ImageMagick,
+which could lead to integer overflow in the XMakeImage function in
+magick/xwindow.c, allowing remote attackers to cause a denial of
+service (crash) and possibly execute arbitrary code via a crafted
+TIFF file, which triggers a buffer overflow (CVE-2009-1882).
+
+This update fixes this vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:260-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:260-1 (imagemagick)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"imagemagick", rpm:"imagemagick~6.3.2.9~10.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"imagemagick-desktop", rpm:"imagemagick-desktop~6.3.2.9~10.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"imagemagick-doc", rpm:"imagemagick-doc~6.3.2.9~10.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libmagick10.7.0", rpm:"libmagick10.7.0~6.3.2.9~10.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libmagick10.7.0-devel", rpm:"libmagick10.7.0-devel~6.3.2.9~10.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"perl-Image-Magick", rpm:"perl-Image-Magick~6.3.2.9~10.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64magick10.7.0", rpm:"lib64magick10.7.0~6.3.2.9~10.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64magick10.7.0-devel", rpm:"lib64magick10.7.0-devel~6.3.2.9~10.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_272_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_272_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_272_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,104 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:272-1 (libmikmod)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66407);
+ script_cve_id("CVE-2007-6720", "CVE-2009-0179");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:272-1 (libmikmod)");
+
+ desc = "
+The remote host is missing an update to libmikmod
+announced via advisory MDVSA-2009:272-1.
+
+Multiple vulnerabilities has been found and corrected in libmikmod:
+
+libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer, and
+possibly other products, relies on the channel count of the last
+loaded song, rather than the currently playing song, for certain
+playback calculations, which allows user-assisted attackers to cause
+a denial of service (application crash) by loading multiple songs
+(aka MOD files) with different numbers of channels (CVE-2007-6720).
+
+libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other
+products, allows user-assisted attackers to cause a denial of service
+(application crash) by loading an XM file (CVE-2009-0179).
+
+This update fixes these vulnerabilities.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:272-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:272-1 (libmikmod)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libmikmod2", rpm:"libmikmod2~3.1.11a~8.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libmikmod-devel", rpm:"libmikmod-devel~3.1.11a~8.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64mikmod2", rpm:"lib64mikmod2~3.1.11a~8.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64mikmod-devel", rpm:"lib64mikmod-devel~3.1.11a~8.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_284_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_284_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_284_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,109 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:284-1 (gd)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66404);
+ script_cve_id("CVE-2009-3293", "CVE-2009-3546");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:284-1 (gd)");
+
+ desc = "
+The remote host is missing an update to gd
+announced via advisory MDVSA-2009:284-1.
+
+A vulnerability has been found and corrected in gd:
+
+The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.0, and the
+GD Graphics Library 2.x, does not properly verify a certain colorsTotal
+structure member, which might allow remote attackers to conduct
+buffer overflow or buffer over-read attacks via a crafted GD file,
+a different vulnerability than CVE-2009-3293.  NOTE: some of these
+details are obtained from third party information (CVE-2009-3546).
+
+This update fixes this vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:284-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:284-1 (gd)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"gd-utils", rpm:"gd-utils~2.0.35~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgd2", rpm:"libgd2~2.0.35~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgd2-devel", rpm:"libgd2-devel~2.0.35~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgd2-static-devel", rpm:"libgd2-static-devel~2.0.35~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64gd2", rpm:"lib64gd2~2.0.35~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64gd2-devel", rpm:"lib64gd2-devel~2.0.35~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64gd2-static-devel", rpm:"lib64gd2-static-devel~2.0.35~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_287_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_287_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_287_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,122 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:287-1 (xpdf)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66381);
+ script_cve_id("CVE-2009-1188", "CVE-2009-3603", "CVE-2009-3604", "CVE-2009-3606", "CVE-2009-3608", "CVE-2009-3609");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:287-1 (xpdf)");
+
+ desc = "
+The remote host is missing an update to xpdf
+announced via advisory MDVSA-2009:287-1.
+
+Multiple vulnerabilities has been found and corrected in xpdf:
+
+Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x
+before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers
+to execute arbitrary code via a crafted PDF document that triggers a
+heap-based buffer overflow.  NOTE: some of these details are obtained
+from third party information.  NOTE: this issue reportedly exists
+because of an incomplete fix for CVE-2009-1188 (CVE-2009-3603).
+
+The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x
+before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF,
+does not properly allocate memory, which allows remote attackers to
+cause a denial of service (application crash) or possibly execute
+arbitrary code via a crafted PDF document that triggers a NULL pointer
+dereference or a heap-based buffer overflow (CVE-2009-3604).
+
+Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf
+before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might
+allow remote attackers to execute arbitrary code via a crafted PDF
+document that triggers a heap-based buffer overflow (CVE-2009-3606).
+
+Integer overflow in the ObjectStream::ObjectStream function in XRef.cc
+in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in
+GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote
+attackers to execute arbitrary code via a crafted PDF document that
+triggers a heap-based buffer overflow (CVE-2009-3608).
+
+Integer overflow in the ImageStream::ImageStream function in Stream.cc
+in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf,
+kdegraphics KPDF, and CUPS pdftops, allows remote attackers to
+cause a denial of service (application crash) via a crafted PDF
+document that triggers a NULL pointer dereference or buffer over-read
+(CVE-2009-3609).
+
+This update fixes these vulnerabilities.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:287-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:287-1 (xpdf)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"xpdf", rpm:"xpdf~3.02~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xpdf-common", rpm:"xpdf-common~3.02~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xpdf-tools", rpm:"xpdf-tools~3.02~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_290_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_290_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_290_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,342 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:290-1 (firefox)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66374);
+ script_cve_id("CVE-2009-1563", "CVE-2009-3274", "CVE-2009-3370", "CVE-2009-3372", "CVE-2009-3373", "CVE-2009-3374", "CVE-2009-3375", "CVE-2009-3376", "CVE-2009-3380", "CVE-2009-3382");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:290-1 (firefox)");
+
+ desc = "
+The remote host is missing an update to firefox
+announced via advisory MDVSA-2009:290-1.
+
+For details on the issues addressed with this update, please
+visit the referenced security advisories.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:290-1
+http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.15
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:290-1 (firefox)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"firefox", rpm:"firefox~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-af", rpm:"firefox-af~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ar", rpm:"firefox-ar~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-be", rpm:"firefox-be~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-bg", rpm:"firefox-bg~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-bn", rpm:"firefox-bn~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ca", rpm:"firefox-ca~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-cs", rpm:"firefox-cs~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-cy", rpm:"firefox-cy~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-da", rpm:"firefox-da~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-de", rpm:"firefox-de~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-el", rpm:"firefox-el~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-en_GB", rpm:"firefox-en_GB~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-eo", rpm:"firefox-eo~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-es_AR", rpm:"firefox-es_AR~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-es_ES", rpm:"firefox-es_ES~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-et", rpm:"firefox-et~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-eu", rpm:"firefox-eu~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-fi", rpm:"firefox-fi~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-fr", rpm:"firefox-fr~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-fy", rpm:"firefox-fy~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ga_IE", rpm:"firefox-ga_IE~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-gl", rpm:"firefox-gl~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-gu_IN", rpm:"firefox-gu_IN~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-he", rpm:"firefox-he~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-hi", rpm:"firefox-hi~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-hu", rpm:"firefox-hu~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-id", rpm:"firefox-id~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-is", rpm:"firefox-is~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-it", rpm:"firefox-it~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ja", rpm:"firefox-ja~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ka", rpm:"firefox-ka~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-kn", rpm:"firefox-kn~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ko", rpm:"firefox-ko~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ku", rpm:"firefox-ku~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-lt", rpm:"firefox-lt~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-lv", rpm:"firefox-lv~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-mk", rpm:"firefox-mk~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-mn", rpm:"firefox-mn~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-mr", rpm:"firefox-mr~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-nb_NO", rpm:"firefox-nb_NO~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-nl", rpm:"firefox-nl~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-nn_NO", rpm:"firefox-nn_NO~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-oc", rpm:"firefox-oc~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-pa_IN", rpm:"firefox-pa_IN~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-pl", rpm:"firefox-pl~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-pt_BR", rpm:"firefox-pt_BR~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-pt_PT", rpm:"firefox-pt_PT~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ro", rpm:"firefox-ro~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ru", rpm:"firefox-ru~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-si", rpm:"firefox-si~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-sk", rpm:"firefox-sk~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-sl", rpm:"firefox-sl~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-sq", rpm:"firefox-sq~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-sr", rpm:"firefox-sr~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-sv_SE", rpm:"firefox-sv_SE~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-te", rpm:"firefox-te~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-th", rpm:"firefox-th~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-tr", rpm:"firefox-tr~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-uk", rpm:"firefox-uk~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-zh_CN", rpm:"firefox-zh_CN~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-zh_TW", rpm:"firefox-zh_TW~3.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"librarian0", rpm:"librarian0~0.8.0~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"librarian-devel", rpm:"librarian-devel~0.8.0~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libtotem-plparser7", rpm:"libtotem-plparser7~2.20.1~1.9mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libtotem-plparser-devel", rpm:"libtotem-plparser-devel~2.20.1~1.9mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libxulrunner1.9", rpm:"libxulrunner1.9~1.9.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libxulrunner-devel", rpm:"libxulrunner-devel~1.9.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libxulrunner-unstable-devel", rpm:"libxulrunner-unstable-devel~1.9.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-firefox-ext-blogrovr", rpm:"mozilla-firefox-ext-blogrovr~1.1.798~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-firefox-ext-foxmarks", rpm:"mozilla-firefox-ext-foxmarks~2.7.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-firefox-ext-scribefire", rpm:"mozilla-firefox-ext-scribefire~3.2.3~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"rarian", rpm:"rarian~0.8.0~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"totem", rpm:"totem~2.20.1~1.9mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"totem-common", rpm:"totem-common~2.20.1~1.9mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"totem-gstreamer", rpm:"totem-gstreamer~2.20.1~1.9mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"totem-mozilla", rpm:"totem-mozilla~2.20.1~1.9mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"totem-mozilla-gstreamer", rpm:"totem-mozilla-gstreamer~2.20.1~1.9mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xulrunner", rpm:"xulrunner~1.9.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"yelp", rpm:"yelp~2.22.1~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64rarian0", rpm:"lib64rarian0~0.8.0~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64rarian-devel", rpm:"lib64rarian-devel~0.8.0~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64totem-plparser7", rpm:"lib64totem-plparser7~2.20.1~1.9mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64totem-plparser-devel", rpm:"lib64totem-plparser-devel~2.20.1~1.9mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xulrunner1.9", rpm:"lib64xulrunner1.9~1.9.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xulrunner-devel", rpm:"lib64xulrunner-devel~1.9.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xulrunner-unstable-devel", rpm:"lib64xulrunner-unstable-devel~1.9.0.15~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_292_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_292_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_292_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,114 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:292-1 (wireshark)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66390);
+ script_cve_id("CVE-2009-3550", "CVE-2009-3829");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:292-1 (wireshark)");
+
+ desc = "
+The remote host is missing an update to wireshark
+announced via advisory MDVSA-2009:292-1.
+
+Vulnerabilities have been discovered and corrected in wireshark,
+affecting DCERPC/NT dissector, which allows remote attackers to cause
+a denial of service (NULL pointer dereference and application crash)
+via a file that records a malformed packet trace (CVE-2009-3550); and
+in wiretap/erf.c which allows remote attackers to execute arbitrary
+code or cause a denial of service (application crash) via a crafted
+erf file (CVE-2009-3829).
+
+The wireshark package has been updated to fix these vulnerabilities.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:292-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:292-1 (wireshark)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"dumpcap", rpm:"dumpcap~1.0.10~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libwireshark0", rpm:"libwireshark0~1.0.10~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libwireshark-devel", rpm:"libwireshark-devel~1.0.10~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"rawshark", rpm:"rawshark~1.0.10~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tshark", rpm:"tshark~1.0.10~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"wireshark", rpm:"wireshark~1.0.10~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"wireshark-tools", rpm:"wireshark-tools~1.0.10~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64wireshark0", rpm:"lib64wireshark0~1.0.10~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64wireshark-devel", rpm:"lib64wireshark-devel~1.0.10~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_297_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_297_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_297_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,128 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:297-1 (ffmpeg)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66398);
+ script_cve_id("CVE-2008-3230", "CVE-2008-4869", "CVE-2009-0385");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:297-1 (ffmpeg)");
+
+ desc = "
+The remote host is missing an update to ffmpeg
+announced via advisory MDVSA-2009:297-1.
+
+Vulnerabilities have been discovered and corrected in ffmpeg:
+
+- The ffmpeg lavf demuxer allows user-assisted attackers to cause
+a denial of service (application crash) via a crafted GIF file
+(CVE-2008-3230)
+
+- FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers
+to cause a denial of service (memory consumption) via unknown vectors,
+aka a Tcp/udp memory leak. (CVE-2008-4869)
+
+- Integer signedness error in the fourxm_read_header function in
+libavformat/4xm.c in FFmpeg before revision 16846 allows remote
+attackers to execute arbitrary code via a malformed 4X movie file with
+a large current_track value, which triggers a NULL pointer dereference
+(CVE-2009-0385)
+
+The updated packages fix this issue.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:297-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:297-1 (ffmpeg)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"ffmpeg", rpm:"ffmpeg~0.4.9~3.pre1.8994.2.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libavformats51", rpm:"libavformats51~0.4.9~3.pre1.8994.2.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libavutil49", rpm:"libavutil49~0.4.9~3.pre1.8994.2.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libffmpeg51", rpm:"libffmpeg51~0.4.9~3.pre1.8994.2.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libffmpeg51-devel", rpm:"libffmpeg51-devel~0.4.9~3.pre1.8994.2.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libffmpeg51-static-devel", rpm:"libffmpeg51-static-devel~0.4.9~3.pre1.8994.2.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64avformats51", rpm:"lib64avformats51~0.4.9~3.pre1.8994.2.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64avutil49", rpm:"lib64avutil49~0.4.9~3.pre1.8994.2.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64ffmpeg51", rpm:"lib64ffmpeg51~0.4.9~3.pre1.8994.2.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64ffmpeg51-devel", rpm:"lib64ffmpeg51-devel~0.4.9~3.pre1.8994.2.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64ffmpeg51-static-devel", rpm:"lib64ffmpeg51-static-devel~0.4.9~3.pre1.8994.2.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_305.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_305.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_305.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,135 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:305 (php)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66359);
+ script_cve_id("CVE-2009-4017");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:305 (php)");
+
+ desc = "
+The remote host is missing an update to php
+announced via advisory MDVSA-2009:305.
+
+Some vulnerabilities were discovered and corrected in php:
+
+PHP 5.2.11, and 5.3.x before 5.3.1, does not restrict the number
+of temporary files created when handling a multipart/form-data POST
+request, which allows remote attackers to cause a denial of service
+(resource exhaustion), and makes it easier for remote attackers to
+exploit local file inclusion vulnerabilities, via multiple requests,
+related to lack of support for the max_file_uploads directive
+(CVE-2009-4017).
+
+The updated packages have been patched to correct these issues.
+
+Affected: Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:305
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:305 (php)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libphp_common432", rpm:"libphp_common432~4.3.4~4.32.C30mdk", rls:"MNDK_3.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php432-devel", rpm:"php432-devel~4.3.4~4.32.C30mdk", rls:"MNDK_3.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-cgi", rpm:"php-cgi~4.3.4~4.32.C30mdk", rls:"MNDK_3.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-cli", rpm:"php-cli~4.3.4~4.32.C30mdk", rls:"MNDK_3.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ini", rpm:"php-ini~4.3.4~1.2.C30mdk", rls:"MNDK_3.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64php_common432", rpm:"lib64php_common432~4.3.4~4.32.C30mdk", rls:"MNDK_3.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libphp4_common4", rpm:"libphp4_common4~4.4.4~1.13.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php4-cgi", rpm:"php4-cgi~4.4.4~1.13.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php4-cli", rpm:"php4-cli~4.4.4~1.13.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php4-devel", rpm:"php4-devel~4.4.4~1.13.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php4-ini", rpm:"php4-ini~4.4.4~1.1.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64php4_common4", rpm:"lib64php4_common4~4.4.4~1.13.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libphp_common432", rpm:"libphp_common432~4.3.4~4.32.C30mdk", rls:"MNDK_2.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php432-devel", rpm:"php432-devel~4.3.4~4.32.C30mdk", rls:"MNDK_2.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-cgi", rpm:"php-cgi~4.3.4~4.32.C30mdk", rls:"MNDK_2.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-cli", rpm:"php-cli~4.3.4~4.32.C30mdk", rls:"MNDK_2.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ini", rpm:"php-ini~4.3.4~1.2.C30mdk", rls:"MNDK_2.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_307_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_307_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_307_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,429 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:307-1 (libtool)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66402);
+ script_cve_id("CVE-2009-3736");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:307-1 (libtool)");
+
+ desc = "
+The remote host is missing an update to libtool
+announced via advisory MDVSA-2009:307-1.
+
+A vulnerability was discovered and corrected in libtool:
+
+All versions of libtool prior to 2.2.6b suffers from a local
+privilege escalation vulnerability that could be exploited under
+certain conditions to load arbitrary code (CVE-2009-3736).
+
+This advisory fixes this issue. Additionally, all applications
+embedding the libtool code were patched in order to avoid possible
+future exploitations of this issue.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:307-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:307-1 (libtool)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"arts", rpm:"arts~1.5.7~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"gcc", rpm:"gcc~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"gcc-c++", rpm:"gcc-c++~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"gcc-cpp", rpm:"gcc-cpp~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"gcc-doc", rpm:"gcc-doc~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"gcc-doc-pdf", rpm:"gcc-doc-pdf~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"gcc-gfortran", rpm:"gcc-gfortran~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"gcc-gnat", rpm:"gcc-gnat~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"gcc-java", rpm:"gcc-java~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"gcc-objc", rpm:"gcc-objc~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"gcc-objc++", rpm:"gcc-objc++~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"gcj-tools", rpm:"gcj-tools~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"heartbeat", rpm:"heartbeat~2.0.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"heartbeat-ldirectord", rpm:"heartbeat-ldirectord~2.0.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"heartbeat-pils", rpm:"heartbeat-pils~2.0.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"heartbeat-stonith", rpm:"heartbeat-stonith~2.0.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"imagemagick", rpm:"imagemagick~6.3.2.9~10.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"imagemagick-desktop", rpm:"imagemagick-desktop~6.3.2.9~10.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"imagemagick-doc", rpm:"imagemagick-doc~6.3.2.9~10.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libarts1", rpm:"libarts1~1.5.7~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libarts1-devel", rpm:"libarts1-devel~1.5.7~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libffi4", rpm:"libffi4~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libffi-devel", rpm:"libffi-devel~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgcc1", rpm:"libgcc1~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgcj8", rpm:"libgcj8~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgcj8-base", rpm:"libgcj8-base~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgcj8-src", rpm:"libgcj8-src~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgcj-devel", rpm:"libgcj-devel~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgcj-static-devel", rpm:"libgcj-static-devel~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgfortran2", rpm:"libgfortran2~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgnat1", rpm:"libgnat1~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgomp1", rpm:"libgomp1~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgomp-devel", rpm:"libgomp-devel~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libheartbeat1", rpm:"libheartbeat1~2.0.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libheartbeat1-devel", rpm:"libheartbeat1-devel~2.0.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libheartbeat-apphb0", rpm:"libheartbeat-apphb0~2.0.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libheartbeat-pils1", rpm:"libheartbeat-pils1~2.0.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libheartbeat-pils1-devel", rpm:"libheartbeat-pils1-devel~2.0.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libheartbeat-stonith1", rpm:"libheartbeat-stonith1~2.0.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libheartbeat-stonith1-devel", rpm:"libheartbeat-stonith1-devel~2.0.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libltdl3", rpm:"libltdl3~1.5.22~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libltdl3-devel", rpm:"libltdl3-devel~1.5.22~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libmagick10.7.0", rpm:"libmagick10.7.0~6.3.2.9~10.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libmagick10.7.0-devel", rpm:"libmagick10.7.0-devel~6.3.2.9~10.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libmudflap0", rpm:"libmudflap0~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libmudflap-devel", rpm:"libmudflap-devel~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libobjc2", rpm:"libobjc2~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libprelude2", rpm:"libprelude2~0.9.15.2~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libprelude-devel", rpm:"libprelude-devel~0.9.15.2~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libprelude-static-devel", rpm:"libprelude-static-devel~0.9.15.2~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libstdc++6", rpm:"libstdc++6~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libstdc++-devel", rpm:"libstdc++-devel~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libstdc++-static-devel", rpm:"libstdc++-static-devel~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libtool", rpm:"libtool~1.5.22~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libtool-base", rpm:"libtool-base~1.5.22~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libtunepimp5", rpm:"libtunepimp5~0.5.3~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libtunepimp-devel", rpm:"libtunepimp-devel~0.5.3~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"perl-Image-Magick", rpm:"perl-Image-Magick~6.3.2.9~10.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"perl-prelude", rpm:"perl-prelude~0.9.15.2~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"prelude-tools", rpm:"prelude-tools~0.9.15.2~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd", rpm:"proftpd~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-devel", rpm:"proftpd-devel~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_autohost", rpm:"proftpd-mod_autohost~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_ban", rpm:"proftpd-mod_ban~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_case", rpm:"proftpd-mod_case~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_ctrls_admin", rpm:"proftpd-mod_ctrls_admin~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_gss", rpm:"proftpd-mod_gss~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_ifsession", rpm:"proftpd-mod_ifsession~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_ldap", rpm:"proftpd-mod_ldap~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_load", rpm:"proftpd-mod_load~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_quotatab", rpm:"proftpd-mod_quotatab~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_quotatab_file", rpm:"proftpd-mod_quotatab_file~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_quotatab_ldap", rpm:"proftpd-mod_quotatab_ldap~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_quotatab_radius", rpm:"proftpd-mod_quotatab_radius~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_quotatab_sql", rpm:"proftpd-mod_quotatab_sql~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_radius", rpm:"proftpd-mod_radius~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_ratio", rpm:"proftpd-mod_ratio~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_rewrite", rpm:"proftpd-mod_rewrite~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_shaper", rpm:"proftpd-mod_shaper~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_site_misc", rpm:"proftpd-mod_site_misc~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_sql", rpm:"proftpd-mod_sql~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_sql_mysql", rpm:"proftpd-mod_sql_mysql~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_sql_postgres", rpm:"proftpd-mod_sql_postgres~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_time", rpm:"proftpd-mod_time~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_tls", rpm:"proftpd-mod_tls~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_wrap", rpm:"proftpd-mod_wrap~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_wrap_file", rpm:"proftpd-mod_wrap_file~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"proftpd-mod_wrap_sql", rpm:"proftpd-mod_wrap_sql~1.3.2~0.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"python-prelude", rpm:"python-prelude~0.9.15.2~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"python-tunepimp", rpm:"python-tunepimp~0.5.3~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"smalltalk", rpm:"smalltalk~2.3.3~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tunepimp-plugins", rpm:"tunepimp-plugins~0.5.3~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"tunepimp-utils", rpm:"tunepimp-utils~0.5.3~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64arts1", rpm:"lib64arts1~1.5.7~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64arts1-devel", rpm:"lib64arts1-devel~1.5.7~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64gcj8", rpm:"lib64gcj8~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64gcj-devel", rpm:"lib64gcj-devel~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64gcj-static-devel", rpm:"lib64gcj-static-devel~4.2.2~3.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64heartbeat1", rpm:"lib64heartbeat1~2.0.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64heartbeat1-devel", rpm:"lib64heartbeat1-devel~2.0.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64heartbeat-apphb0", rpm:"lib64heartbeat-apphb0~2.0.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64heartbeat-pils1", rpm:"lib64heartbeat-pils1~2.0.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64heartbeat-pils1-devel", rpm:"lib64heartbeat-pils1-devel~2.0.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64heartbeat-stonith1", rpm:"lib64heartbeat-stonith1~2.0.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64heartbeat-stonith1-devel", rpm:"lib64heartbeat-stonith1-devel~2.0.8~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64ltdl3", rpm:"lib64ltdl3~1.5.22~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64ltdl3-devel", rpm:"lib64ltdl3-devel~1.5.22~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64magick10.7.0", rpm:"lib64magick10.7.0~6.3.2.9~10.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64magick10.7.0-devel", rpm:"lib64magick10.7.0-devel~6.3.2.9~10.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64prelude2", rpm:"lib64prelude2~0.9.15.2~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64prelude-devel", rpm:"lib64prelude-devel~0.9.15.2~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64prelude-static-devel", rpm:"lib64prelude-static-devel~0.9.15.2~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64tunepimp5", rpm:"lib64tunepimp5~0.5.3~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64tunepimp-devel", rpm:"lib64tunepimp-devel~0.5.3~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_308.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_308.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_308.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,107 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:308 (gnutls)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66371);
+ script_cve_id("CVE-2009-1417", "CVE-2009-2730");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:308 (gnutls)");
+
+ desc = "
+The remote host is missing an update to gnutls
+announced via advisory MDVSA-2009:308.
+
+Multiple vulnerabilities has been found and corrected in gnutls:
+
+gnutls-cli in GnuTLS before 2.6.6 does not verify the activation
+and expiration times of X.509 certificates, which allows remote
+attackers to successfully present a certificate that is (1) not yet
+valid or (2) no longer valid, related to lack of time checks in the
+_gnutls_x509_verify_certificate function in lib/x509/verify.c in
+libgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup
+(CVE-2009-1417).
+
+A vulnerability have been discovered and corrected in GnuTLS
+before 2.8.2, which could allow man-in-the-middle attackers to spoof
+arbitrary SSL servers via a crafted certificate issued by a legitimate
+Certification Authority (CVE-2009-2730).
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+This update fixes this vulnerability.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:308
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:308 (gnutls)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"gnutls", rpm:"gnutls~2.0.0~2.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgnutls13", rpm:"libgnutls13~2.0.0~2.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgnutls-devel", rpm:"libgnutls-devel~2.0.0~2.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64gnutls13", rpm:"lib64gnutls13~2.0.0~2.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64gnutls-devel", rpm:"lib64gnutls-devel~2.0.0~2.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_309.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_309.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_309.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,98 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:309 (ntp)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66368);
+ script_cve_id("CVE-2009-0159", "CVE-2009-1252");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:309 (ntp)");
+
+ desc = "
+The remote host is missing an update to ntp
+announced via advisory MDVSA-2009:309.
+
+Multiple vulnerabilities has been found and corrected in ntp:
+
+Requesting peer information from a malicious remote time server
+may lead to an unexpected application termination or arbitrary code
+execution (CVE-2009-0159).
+
+A buffer overflow flaw was discovered in the ntpd daemon's NTPv4
+authentication code. If ntpd was configured to use public key
+cryptography for NTP packet authentication, a remote attacker could
+use this flaw to send a specially-crafted request packet that could
+crash ntpd (CVE-2009-1252).
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+The updated packages have been patched to prevent this.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:309
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:309 (ntp)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"ntp", rpm:"ntp~4.2.4~10.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ntp-client", rpm:"ntp-client~4.2.4~10.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ntp-doc", rpm:"ntp-doc~4.2.4~10.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_310.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_310.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_310.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,102 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:310 (openssl)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66370);
+ script_cve_id("CVE-2009-1377", "CVE-2009-1378", "CVE-2009-1379", "CVE-2009-1386", "CVE-2009-1387", "CVE-2009-2409");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:310 (openssl)");
+
+ desc = "
+The remote host is missing an update to openssl
+announced via advisory MDVSA-2009:310.
+
+For details on the issues addressed with this update, please
+visit the referenced security advisories.
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+The updated packages have been patched to prevent this.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:310
+http://marc.info/?l=openssl-cvs&m=124508133203041&w=2
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:310 (openssl)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libopenssl0.9.8", rpm:"libopenssl0.9.8~0.9.8e~8.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libopenssl0.9.8-devel", rpm:"libopenssl0.9.8-devel~0.9.8e~8.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libopenssl0.9.8-static-devel", rpm:"libopenssl0.9.8-static-devel~0.9.8e~8.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"openssl", rpm:"openssl~0.9.8e~8.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64openssl0.9.8", rpm:"lib64openssl0.9.8~0.9.8e~8.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64openssl0.9.8-devel", rpm:"lib64openssl0.9.8-devel~0.9.8e~8.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64openssl0.9.8-static-devel", rpm:"lib64openssl0.9.8-static-devel~0.9.8e~8.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_311.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_311.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_311.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,122 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:311 (ghostscript)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66380);
+ script_cve_id("CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0583", "CVE-2009-0584", "CVE-2009-0792", "CVE-2009-0196", "CVE-2008-3520", "CVE-2008-3522");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:311 (ghostscript)");
+
+ desc = "
+The remote host is missing an update to ghostscript
+announced via advisory MDVSA-2009:311.
+
+For details on the issues addressed with this update, please
+visit the referenced security advisories.
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+This update provides fixes for that vulnerabilities.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:311
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:311 (ghostscript)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"ghostscript", rpm:"ghostscript~8.60~55.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ghostscript-common", rpm:"ghostscript-common~8.60~55.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ghostscript-doc", rpm:"ghostscript-doc~8.60~55.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ghostscript-dvipdf", rpm:"ghostscript-dvipdf~8.60~55.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ghostscript-module-X", rpm:"ghostscript-module-X~8.60~55.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ghostscript-X", rpm:"ghostscript-X~8.60~55.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgs8", rpm:"libgs8~8.60~55.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgs8-devel", rpm:"libgs8-devel~8.60~55.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libijs1", rpm:"libijs1~0.35~55.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libijs1-devel", rpm:"libijs1-devel~0.35~55.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64gs8", rpm:"lib64gs8~8.60~55.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64gs8-devel", rpm:"lib64gs8-devel~8.60~55.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64ijs1", rpm:"lib64ijs1~0.35~55.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64ijs1-devel", rpm:"lib64ijs1-devel~0.35~55.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_312.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_312.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_312.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,120 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:312 (dhcp)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66386);
+ script_cve_id("CVE-2007-0062", "CVE-2009-0692", "CVE-2009-1892");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:312 (dhcp)");
+
+ desc = "
+The remote host is missing an update to dhcp
+announced via advisory MDVSA-2009:312.
+
+A vulnerability has been found and corrected in ISC DHCP:
+
+Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before
+3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build
+56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455
+and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and
+ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528;
+allows remote attackers to cause a denial of service (daemon crash)
+or execute arbitrary code via a malformed DHCP packet with a large
+dhcp-max-message-size that triggers a stack-based buffer overflow,
+related to servers configured to send many DHCP options to clients
+(CVE-2007-0062).
+
+Stack-based buffer overflow in the script_write_params method in
+client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0
+before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP
+servers to execute arbitrary code via a crafted subnet-mask option
+(CVE-2009-0692).
+
+ISC DHCP Server is vulnerable to a denial of service, caused by the
+improper handling of DHCP requests. If the host definitions are mixed
+using dhcp-client-identifier and hardware ethernet, a remote attacker
+could send specially-crafted DHCP requests to cause the server to
+stop responding (CVE-2009-1892).
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+This update provides fixes for this vulnerability.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:312
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:312 (dhcp)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"dhcp-client", rpm:"dhcp-client~3.0.7~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"dhcp-common", rpm:"dhcp-common~3.0.7~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"dhcp-devel", rpm:"dhcp-devel~3.0.7~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"dhcp-doc", rpm:"dhcp-doc~3.0.7~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"dhcp-relay", rpm:"dhcp-relay~3.0.7~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"dhcp-server", rpm:"dhcp-server~3.0.7~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_313_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_313_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_313_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,100 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:313-1 (bind)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66373);
+ script_cve_id("CVE-2009-4022");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:313-1 (bind)");
+
+ desc = "
+The remote host is missing an update to bind
+announced via advisory MDVSA-2009:313-1.
+
+Some vulnerabilities were discovered and corrected in bind:
+
+Unspecified vulnerability in ISC BIND 9.4 before 9.4.3-P4, 9.5
+before 9.5.2-P1, 9.6 before 9.6.1-P2, 9.7 beta before 9.7.0b3,
+and 9.0.x through 9.3.x with DNSSEC validation enabled and checking
+disabled (CD), allows remote attackers to conduct DNS cache poisoning
+attacks via additional sections in a response sent for resolution
+of a recursive client query, which is not properly handled when the
+response is processed at the same time as requesting DNSSEC records
+(DO). (CVE-2009-4022).
+
+Additionally BIND has been upgraded to the latest point release or
+closest supported version by ISC.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:313-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:313-1 (bind)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"bind", rpm:"bind~9.4.3~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-devel", rpm:"bind-devel~9.4.3~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-utils", rpm:"bind-utils~9.4.3~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_314.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_314.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_314.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,145 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:314 (apr)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66395);
+ script_cve_id("CVE-2009-2412", "CVE-2009-0023", "CVE-2003-1564", "CVE-2009-1955", "CVE-2009-1956");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:314 (apr)");
+
+ desc = "
+The remote host is missing an update to apr
+announced via advisory MDVSA-2009:314.
+
+Multiple security vulnerabilities has been identified and fixed in
+apr and apr-util:
+
+Multiple integer overflows in the Apache Portable Runtime (APR)
+library and the Apache Portable Utility library (aka APR-util)
+0.9.x and 1.3.x allow remote attackers to cause a denial of service
+(application crash) or possibly execute arbitrary code via vectors that
+trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc
+function in memory/unix/apr_pools.c in APR; or crafted calls to
+the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc
+function in misc/apr_rmm.c in APR-util; leading to buffer overflows.
+NOTE: some of these details are obtained from third party information
+(CVE-2009-2412).
+
+The apr_strmatch_precompile function in strmatch/apr_strmatch.c in
+Apache APR-util before 1.3.5 allows remote attackers to cause a denial
+of service (daemon crash) via crafted input involving (1) a .htaccess
+file used with the Apache HTTP Server, (2) the SVNMasterURI directive
+in the mod_dav_svn module in the Apache HTTP Server, (3) the mod_apreq2
+module for the Apache HTTP Server, or (4) an application that uses
+the libapreq2 library, related to an underflow flaw. (CVE-2009-0023).
+
+The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in
+Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn
+modules in the Apache HTTP Server, allows remote attackers to
+cause a denial of service (memory consumption) via a crafted XML
+document containing a large number of nested entity references, as
+demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564
+(CVE-2009-1955).
+
+Off-by-one error in the apr_brigade_vprintf function in Apache APR-util
+before 1.3.5 on big-endian platforms allows remote attackers to obtain
+sensitive information or cause a denial of service (application crash)
+via crafted input (CVE-2009-1956).
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+The updated packages have been patched to prevent this.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:314
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:314 (apr)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"apr-util-dbd-mysql", rpm:"apr-util-dbd-mysql~1.2.10~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apr-util-dbd-pgsql", rpm:"apr-util-dbd-pgsql~1.2.10~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apr-util-dbd-sqlite3", rpm:"apr-util-dbd-sqlite3~1.2.10~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libapr1", rpm:"libapr1~1.2.11~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libapr-devel", rpm:"libapr-devel~1.2.11~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libapr-util1", rpm:"libapr-util1~1.2.10~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libapr-util-devel", rpm:"libapr-util-devel~1.2.10~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64apr1", rpm:"lib64apr1~1.2.11~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64apr-devel", rpm:"lib64apr-devel~1.2.11~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64apr-util1", rpm:"lib64apr-util1~1.2.10~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64apr-util-devel", rpm:"lib64apr-util-devel~1.2.10~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_315.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_315.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_315.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,122 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:315 (libneon)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66384);
+ script_cve_id("CVE-2009-2408", "CVE-2009-2474");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:315 (libneon)");
+
+ desc = "
+The remote host is missing an update to libneon
+announced via advisory MDVSA-2009:315.
+
+A vulnerability has been found and corrected in libneo:
+
+neon before 0.28.6, when OpenSSL is used, does not properly handle a
+NUL character in a domain name in the subject's Common Name
+(CN) field of an X.509 certificate, which allows man-in-the-middle
+attackers to spoof arbitrary SSL servers via a crafted certificate
+issued by a legitimate Certification Authority, a related issue to
+CVE-2009-2408 (CVE-2009-2474).
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+This update provides a solution to these vulnerabilities.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:315
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:315 (libneon)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libneon0.24", rpm:"libneon0.24~0.24.7~19.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libneon0.24-devel", rpm:"libneon0.24-devel~0.24.7~19.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libneon0.24-static-devel", rpm:"libneon0.24-static-devel~0.24.7~19.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libneon0.26", rpm:"libneon0.26~0.26.4~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libneon0.26-devel", rpm:"libneon0.26-devel~0.26.4~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libneon0.26-static-devel", rpm:"libneon0.26-static-devel~0.26.4~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64neon0.24", rpm:"lib64neon0.24~0.24.7~19.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64neon0.24-devel", rpm:"lib64neon0.24-devel~0.24.7~19.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64neon0.24-static-devel", rpm:"lib64neon0.24-static-devel~0.24.7~19.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64neon0.26", rpm:"lib64neon0.26~0.26.4~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64neon0.26-devel", rpm:"lib64neon0.26-devel~0.26.4~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64neon0.26-static-devel", rpm:"lib64neon0.26-static-devel~0.26.4~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_317.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_317.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_317.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,117 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:317 (netpbm)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66411);
+ script_cve_id("CVE-2008-3520", "CVE-2008-3522", "CVE-2008-4799");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:317 (netpbm)");
+
+ desc = "
+The remote host is missing an update to netpbm
+announced via advisory MDVSA-2009:317.
+
+Multiple security vulnerabilities has been identified and fixed
+in netpbm:
+
+Multiple integer overflows in JasPer 1.900.1 might allow
+context-dependent attackers to have an unknown impact via a crafted
+image file, related to integer multiplication for memory allocation
+(CVE-2008-3520).
+
+Buffer overflow in the jas_stream_printf function in
+libjasper/base/jas_stream.c in JasPer 1.900.1 might allow
+context-dependent attackers to have an unknown impact via
+vectors related to the mif_hdr_put function and use of vsprintf
+(CVE-2008-3522).
+
+pamperspective in Netpbm before 10.35.48 does not properly calculate
+a window height, which allows context-dependent attackers to cause a
+denial of service (crash) via a crafted image file that triggers an
+out-of-bounds read (CVE-2008-4799).
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+This update fixes this vulnerability.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:317
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:317 (netpbm)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libnetpbm10", rpm:"libnetpbm10~10.34~8.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libnetpbm-devel", rpm:"libnetpbm-devel~10.34~8.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libnetpbm-static-devel", rpm:"libnetpbm-static-devel~10.34~8.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"netpbm", rpm:"netpbm~10.34~8.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64netpbm10", rpm:"lib64netpbm10~10.34~8.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64netpbm-devel", rpm:"lib64netpbm-devel~10.34~8.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64netpbm-static-devel", rpm:"lib64netpbm-static-devel~10.34~8.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_318.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_318.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_318.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,143 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:318 (xmlsec1)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66400);
+ script_cve_id("CVE-2009-0217", "CVE-2009-3736");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:318 (xmlsec1)");
+
+ desc = "
+The remote host is missing an update to xmlsec1
+announced via advisory MDVSA-2009:318.
+
+Multiple security vulnerabilities has been identified and fixed
+in xmlsec1:
+
+A missing check for the recommended minimum length of the truncated
+form of HMAC-based XML signatures was found in xmlsec1 prior to
+1.2.12. An attacker could use this flaw to create a specially-crafted
+XML file that forges an XML signature, allowing the attacker to
+bypass authentication that is based on the XML Signature specification
+(CVE-2009-0217).
+
+All versions of libtool prior to 2.2.6b suffers from a local
+privilege escalation vulnerability that could be exploited under
+certain conditions to load arbitrary code (CVE-2009-3736).
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+This update fixes this vulnerability.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:318
+http://www.kb.cert.org/vuls/id/466161
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:318 (xmlsec1)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libxmlsec1-1", rpm:"libxmlsec1-1~1.2.10~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libxmlsec1-devel", rpm:"libxmlsec1-devel~1.2.10~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libxmlsec1-gnutls1", rpm:"libxmlsec1-gnutls1~1.2.10~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libxmlsec1-gnutls-devel", rpm:"libxmlsec1-gnutls-devel~1.2.10~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libxmlsec1-nss1", rpm:"libxmlsec1-nss1~1.2.10~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libxmlsec1-nss-devel", rpm:"libxmlsec1-nss-devel~1.2.10~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libxmlsec1-openssl1", rpm:"libxmlsec1-openssl1~1.2.10~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libxmlsec1-openssl-devel", rpm:"libxmlsec1-openssl-devel~1.2.10~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xmlsec1", rpm:"xmlsec1~1.2.10~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xmlsec1-1", rpm:"lib64xmlsec1-1~1.2.10~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xmlsec1-devel", rpm:"lib64xmlsec1-devel~1.2.10~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xmlsec1-gnutls1", rpm:"lib64xmlsec1-gnutls1~1.2.10~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xmlsec1-gnutls-devel", rpm:"lib64xmlsec1-gnutls-devel~1.2.10~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xmlsec1-nss1", rpm:"lib64xmlsec1-nss1~1.2.10~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xmlsec1-nss-devel", rpm:"lib64xmlsec1-nss-devel~1.2.10~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xmlsec1-openssl1", rpm:"lib64xmlsec1-openssl1~1.2.10~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xmlsec1-openssl-devel", rpm:"lib64xmlsec1-openssl-devel~1.2.10~5.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_319.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_319.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_319.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,183 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:319 (xine-lib)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66401);
+ script_cve_id("CVE-2008-3231", "CVE-2008-5233", "CVE-2008-5234", "CVE-2008-5236", "CVE-2008-5237", "CVE-2008-5239", "CVE-2008-5240", "CVE-2008-5241", "CVE-2008-5243", "CVE-2008-5245", "CVE-2008-5246", "CVE-2009-1274", "CVE-2009-0385", "CVE-2009-0698");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:319 (xine-lib)");
+
+ desc = "
+The remote host is missing an update to xine-lib
+announced via advisory MDVSA-2009:319.
+
+Vulnerabilities have been discovered and corrected in xine-lib:
+
+Failure on Ogg files manipulation can lead remote attackers to cause
+a denial of service by using crafted files (CVE-2008-3231).
+
+Failure on manipulation of either MNG or Real or MOD files can lead
+remote attackers to cause a denial of service by using crafted files
+(CVE: CVE-2008-5233).
+
+Heap-based overflow allows remote attackers to execute arbitrary
+code by using Quicktime media files holding crafted metadata
+(CVE-2008-5234).
+
+Heap-based overflow allows remote attackers to execute arbitrary code
+by using either crafted Matroska or Real media files (CVE-2008-5236).
+
+Failure on manipulation of either MNG or Quicktime files can lead
+remote attackers to cause a denial of service by using crafted files
+(CVE-2008-5237).
+
+Multiple heap-based overflow on input plugins (http, net, smb, dvd,
+dvb, rtsp, rtp, pvr, pnm, file, gnome_vfs, mms) allow attackers to
+execute arbitrary code by handling that input channels. Further
+this problem can even lead attackers to cause denial of service
+(CVE-2008-5239).
+
+Heap-based overflow allows attackers to execute arbitrary code by using
+crafted Matroska media files (MATROSKA_ID_TR_CODECPRIVATE track entry
+element). Further a failure on handling of Real media files (CONT_TAG
+header) can lead to a denial of service attack (CVE-2008-5240).
+
+Integer underflow allows remote attackers to cause denial of service
+by using Quicktime media files (CVE-2008-5241).
+
+Failure on manipulation of Real media files can lead remote attackers
+to cause a denial of service by indexing an allocated buffer with a
+certain input value in a crafted file (CVE-2008-5243).
+
+Vulnerabilities of unknown impact - possibly buffer overflow - caused
+by a condition of video frame preallocation before ascertaining the
+required length in V4L video input plugin (CVE-2008-5245).
+
+Heap-based overflow allows remote attackers to execute arbitrary
+code by using crafted media files. This vulnerability is in the
+manipulation of ID3 audio file data tagging mainly used in MP3 file
+formats (CVE-2008-5246).
+
+Integer overflow in the qt_error parse_trak_atom function in
+demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote
+attackers to execute arbitrary code via a Quicktime movie file with a
+large count value in an STTS atom, which triggers a heap-based buffer
+overflow (CVE-2009-1274)
+
+Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c) in xine-lib
+1.1.16.1 allows remote attackers to cause a denial of service (crash)
+and possibly execute arbitrary code via a 4X movie file with a large
+current_track value, a similar issue to CVE-2009-0385 (CVE-2009-0698)
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+This update fixes these issues.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:319
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:319 (xine-lib)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libxine1", rpm:"libxine1~1.1.8~4.8mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libxine-devel", rpm:"libxine-devel~1.1.8~4.8mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xine-aa", rpm:"xine-aa~1.1.8~4.8mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xine-caca", rpm:"xine-caca~1.1.8~4.8mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xine-dxr3", rpm:"xine-dxr3~1.1.8~4.8mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xine-esd", rpm:"xine-esd~1.1.8~4.8mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xine-flac", rpm:"xine-flac~1.1.8~4.8mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xine-gnomevfs", rpm:"xine-gnomevfs~1.1.8~4.8mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xine-image", rpm:"xine-image~1.1.8~4.8mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xine-jack", rpm:"xine-jack~1.1.8~4.8mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xine-plugins", rpm:"xine-plugins~1.1.8~4.8mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xine-pulse", rpm:"xine-pulse~1.1.8~4.8mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xine-sdl", rpm:"xine-sdl~1.1.8~4.8mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xine-smb", rpm:"xine-smb~1.1.8~4.8mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xine1", rpm:"lib64xine1~1.1.8~4.8mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xine-devel", rpm:"lib64xine-devel~1.1.8~4.8mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_320.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_320.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_320.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,151 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:320 (samba)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66405);
+ script_cve_id("CVE-2009-1888", "CVE-2009-2813", "CVE-2009-2906", "CVE-2009-2948");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:320 (samba)");
+
+ desc = "
+The remote host is missing an update to samba
+announced via advisory MDVSA-2009:320.
+
+Multiple vulnerabilities has been found and corrected in samba:
+
+The acl_group_override function in smbd/posix_acls.c in smbd in Samba
+3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before
+3.3.6, when dos filemode is enabled, allows remote attackers to modify
+access control lists for files via vectors related to read access to
+uninitialized memory (CVE-2009-1888).
+
+The SMB (aka Samba) subsystem in Apple Mac OS X 10.5.8, when Windows
+File Sharing is enabled, does not properly handle errors in resolving
+pathnames, which allows remote authenticated users to bypass intended
+sharing restrictions, and read, create, or modify files, in certain
+circumstances involving user accounts that lack home directories
+(CVE-2009-2813).
+
+smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8,
+and 3.4 before 3.4.2 allows remote authenticated users to cause a
+denial of service (infinite loop) via an unanticipated oplock break
+notification reply packet (CVE-2009-2906).
+
+mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before
+3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root,
+does not properly enforce permissions, which allows local users to
+read part of the credentials file and obtain the password by specifying
+the path to the credentials file and using the --verbose or -v option
+(CVE-2009-2948).
+
+The version of samba shipping with Mandriva Linux 2008.0 has been
+updated to the latest version (3.0.37) that includes the fixes for
+these issues.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:320
+http://www.samba.org/samba/security/CVE-2009-2813.html
+http://www.samba.org/samba/security/CVE-2009-2906.html
+http://www.samba.org/samba/security/CVE-2009-2948.html
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:320 (samba)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libsmbclient0", rpm:"libsmbclient0~3.0.37~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsmbclient0-devel", rpm:"libsmbclient0-devel~3.0.37~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libsmbclient0-static-devel", rpm:"libsmbclient0-static-devel~3.0.37~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mount-cifs", rpm:"mount-cifs~3.0.37~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"nss_wins", rpm:"nss_wins~3.0.37~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"samba-client", rpm:"samba-client~3.0.37~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"samba-common", rpm:"samba-common~3.0.37~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"samba-doc", rpm:"samba-doc~3.0.37~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"samba-server", rpm:"samba-server~3.0.37~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"samba-swat", rpm:"samba-swat~3.0.37~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"samba-vscan-icap", rpm:"samba-vscan-icap~3.0.37~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"samba-winbind", rpm:"samba-winbind~3.0.37~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64smbclient0", rpm:"lib64smbclient0~3.0.37~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64smbclient0-devel", rpm:"lib64smbclient0-devel~3.0.37~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64smbclient0-static-devel", rpm:"lib64smbclient0-static-devel~3.0.37~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_321.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_321.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_321.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,130 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:321 (pidgin)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66406);
+ script_cve_id("CVE-2008-3532", "CVE-2008-2955", "CVE-2008-2957", "CVE-2009-1373", "CVE-2009-1374", "CVE-2009-1375", "CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1889", "CVE-2009-2694", "CVE-2009-3025", "CVE-2009-3026", "CVE-2009-2703", "CVE-2009-3083", "CVE-2009-3084", "CVE-2009-3085");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:321 (pidgin)");
+
+ desc = "
+The remote host is missing an update to pidgin
+announced via advisory MDVSA-2009:321.
+
+For details on the issues addressed with this update, please
+visit the referenced security advisories.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:321
+http://pidgin.im/news/security/
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:321 (pidgin)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"finch", rpm:"finch~2.6.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libfinch0", rpm:"libfinch0~2.6.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libpurple0", rpm:"libpurple0~2.6.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libpurple-devel", rpm:"libpurple-devel~2.6.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"pidgin", rpm:"pidgin~2.6.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"pidgin-bonjour", rpm:"pidgin-bonjour~2.6.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"pidgin-client", rpm:"pidgin-client~2.6.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"pidgin-gevolution", rpm:"pidgin-gevolution~2.6.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"pidgin-i18n", rpm:"pidgin-i18n~2.6.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"pidgin-meanwhile", rpm:"pidgin-meanwhile~2.6.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"pidgin-mono", rpm:"pidgin-mono~2.6.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"pidgin-perl", rpm:"pidgin-perl~2.6.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"pidgin-plugins", rpm:"pidgin-plugins~2.6.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"pidgin-silc", rpm:"pidgin-silc~2.6.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"pidgin-tcl", rpm:"pidgin-tcl~2.6.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64finch0", rpm:"lib64finch0~2.6.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64purple0", rpm:"lib64purple0~2.6.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64purple-devel", rpm:"lib64purple-devel~2.6.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_322.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_322.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_322.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,164 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:322 (mono)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66415);
+ script_cve_id("CVE-2007-5197", "CVE-2008-3422", "CVE-2008-3906", "CVE-2009-0217");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:322 (mono)");
+
+ desc = "
+The remote host is missing an update to mono
+announced via advisory MDVSA-2009:322.
+
+Multiple vulnerabilities has been found and corrected in mono:
+
+IOActive Inc. found a buffer overflow in Mono.Math.BigInteger class
+in Mono 1.2.5.1 and previous versions, which allows arbitrary code
+execution by context-dependent attackers (CVE-2007-5197).
+
+Multiple cross-site scripting (XSS) vulnerabilities in the ASP.net
+class libraries in Mono 2.0 and earlier allow remote attackers to
+inject arbitrary web script or HTML via crafted attributes related to
+(1) HtmlControl.cs (PreProcessRelativeReference), (2) HtmlForm.cs
+(RenderAttributes), (3) HtmlInputButton (RenderAttributes),
+(4) HtmlInputRadioButton (RenderAttributes), and (5) HtmlSelect
+(RenderChildren) (CVE-2008-3422).
+
+CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows
+remote attackers to inject arbitrary HTTP headers and conduct HTTP
+response splitting attacks via CRLF sequences in the query string
+(CVE-2008-3906).
+
+The XML HMAC signature system did not correctly check certain
+lengths. If an attacker sent a truncated HMAC, it could bypass
+authentication, leading to potential privilege escalation
+(CVE-2009-0217).
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+The updated packages have been patched to fix these issues.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:322
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:322 (mono)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"jay", rpm:"jay~1.2.5~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libmono0", rpm:"libmono0~1.2.5~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libmono-devel", rpm:"libmono-devel~1.2.5~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mono", rpm:"mono~1.2.5~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mono-bytefx-data-mysql", rpm:"mono-bytefx-data-mysql~1.2.5~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mono-data", rpm:"mono-data~1.2.5~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mono-data-firebird", rpm:"mono-data-firebird~1.2.5~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mono-data-oracle", rpm:"mono-data-oracle~1.2.5~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mono-data-postgresql", rpm:"mono-data-postgresql~1.2.5~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mono-data-sqlite", rpm:"mono-data-sqlite~1.2.5~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mono-data-sybase", rpm:"mono-data-sybase~1.2.5~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mono-doc", rpm:"mono-doc~1.2.5~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mono-extras", rpm:"mono-extras~1.2.5~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mono-ibm-data-db2", rpm:"mono-ibm-data-db2~1.2.5~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mono-jscript", rpm:"mono-jscript~1.2.5~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mono-locale-extras", rpm:"mono-locale-extras~1.2.5~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mono-nunit", rpm:"mono-nunit~1.2.5~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mono-web", rpm:"mono-web~1.2.5~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mono-winforms", rpm:"mono-winforms~1.2.5~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64mono0", rpm:"lib64mono0~1.2.5~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64mono-devel", rpm:"lib64mono-devel~1.2.5~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_323.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_323.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_323.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,147 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:323 (apache)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66414);
+ script_cve_id("CVE-2008-1678", "CVE-2009-1191", "CVE-2008-2939", "CVE-2009-1195", "CVE-2009-1890", "CVE-2009-1891", "CVE-2009-3094", "CVE-2009-3095", "CVE-2009-3555");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:323 (apache)");
+
+ desc = "
+The remote host is missing an update to apache
+announced via advisory MDVSA-2009:323.
+
+For details on the issues addressed with this update, please
+visit the referenced security advisories.
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+This update provides a solution to these vulnerabilities.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:323
+http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:323 (apache)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"apache-base", rpm:"apache-base~2.2.6~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-devel", rpm:"apache-devel~2.2.6~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-htcacheclean", rpm:"apache-htcacheclean~2.2.6~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-mod_authn_dbd", rpm:"apache-mod_authn_dbd~2.2.6~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-mod_cache", rpm:"apache-mod_cache~2.2.6~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-mod_dav", rpm:"apache-mod_dav~2.2.6~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-mod_dbd", rpm:"apache-mod_dbd~2.2.6~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-mod_deflate", rpm:"apache-mod_deflate~2.2.6~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-mod_disk_cache", rpm:"apache-mod_disk_cache~2.2.6~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-mod_file_cache", rpm:"apache-mod_file_cache~2.2.6~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-mod_ldap", rpm:"apache-mod_ldap~2.2.6~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-mod_mem_cache", rpm:"apache-mod_mem_cache~2.2.6~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-mod_proxy", rpm:"apache-mod_proxy~2.2.6~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-mod_proxy_ajp", rpm:"apache-mod_proxy_ajp~2.2.6~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-mod_ssl", rpm:"apache-mod_ssl~2.2.6~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-modules", rpm:"apache-modules~2.2.6~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-mod_userdir", rpm:"apache-mod_userdir~2.2.6~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-mpm-event", rpm:"apache-mpm-event~2.2.6~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-mpm-itk", rpm:"apache-mpm-itk~2.2.6~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-mpm-prefork", rpm:"apache-mpm-prefork~2.2.6~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-mpm-worker", rpm:"apache-mpm-worker~2.2.6~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-source", rpm:"apache-source~2.2.6~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_324.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_324.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_324.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,287 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:324 (php)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66420);
+ script_cve_id("CVE-2008-7068", "CVE-2009-1271", "CVE-2009-2687", "CVE-2009-3291", "CVE-2009-3292", "CVE-2009-3293", "CVE-2009-3546", "CVE-2009-3557", "CVE-2009-3558", "CVE-2009-4017", "CVE-2009-4018");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:324 (php)");
+
+ desc = "
+The remote host is missing an update to php
+announced via advisory MDVSA-2009:324.
+
+For details on the issues addressed with this update, please
+visit the referenced security advisories.
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+This update provides a solution to these vulnerabilities.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:324
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:324 (php)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libphp5_common5", rpm:"libphp5_common5~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-bcmath", rpm:"php-bcmath~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-bz2", rpm:"php-bz2~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-calendar", rpm:"php-calendar~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-cgi", rpm:"php-cgi~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-cli", rpm:"php-cli~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ctype", rpm:"php-ctype~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-curl", rpm:"php-curl~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-dba", rpm:"php-dba~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-dbase", rpm:"php-dbase~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-devel", rpm:"php-devel~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-dom", rpm:"php-dom~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-exif", rpm:"php-exif~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-fcgi", rpm:"php-fcgi~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-filter", rpm:"php-filter~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ftp", rpm:"php-ftp~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-gd", rpm:"php-gd~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-gettext", rpm:"php-gettext~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-gmp", rpm:"php-gmp~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-hash", rpm:"php-hash~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-iconv", rpm:"php-iconv~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-imap", rpm:"php-imap~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ini", rpm:"php-ini~5.2.4~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-json", rpm:"php-json~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ldap", rpm:"php-ldap~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mbstring", rpm:"php-mbstring~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mcrypt", rpm:"php-mcrypt~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mhash", rpm:"php-mhash~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mime_magic", rpm:"php-mime_magic~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ming", rpm:"php-ming~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mssql", rpm:"php-mssql~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mysql", rpm:"php-mysql~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mysqli", rpm:"php-mysqli~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ncurses", rpm:"php-ncurses~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-odbc", rpm:"php-odbc~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-openssl", rpm:"php-openssl~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pcntl", rpm:"php-pcntl~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo", rpm:"php-pdo~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_dblib", rpm:"php-pdo_dblib~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_mysql", rpm:"php-pdo_mysql~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_odbc", rpm:"php-pdo_odbc~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_pgsql", rpm:"php-pdo_pgsql~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_sqlite", rpm:"php-pdo_sqlite~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pgsql", rpm:"php-pgsql~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-posix", rpm:"php-posix~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pspell", rpm:"php-pspell~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-readline", rpm:"php-readline~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-recode", rpm:"php-recode~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-session", rpm:"php-session~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-shmop", rpm:"php-shmop~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-simplexml", rpm:"php-simplexml~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-snmp", rpm:"php-snmp~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-soap", rpm:"php-soap~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sockets", rpm:"php-sockets~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sqlite", rpm:"php-sqlite~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-suhosin", rpm:"php-suhosin~0.9.22~1.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sysvmsg", rpm:"php-sysvmsg~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sysvsem", rpm:"php-sysvsem~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sysvshm", rpm:"php-sysvshm~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-tidy", rpm:"php-tidy~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-tokenizer", rpm:"php-tokenizer~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-wddx", rpm:"php-wddx~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xml", rpm:"php-xml~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xmlreader", rpm:"php-xmlreader~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xmlrpc", rpm:"php-xmlrpc~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xmlwriter", rpm:"php-xmlwriter~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xsl", rpm:"php-xsl~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-zlib", rpm:"php-zlib~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64php5_common5", rpm:"lib64php5_common5~5.2.4~3.6mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_325.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_325.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_325.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,102 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:325 (ruby)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66424);
+ script_cve_id("CVE-2009-0642", "CVE-2009-1904");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:325 (ruby)");
+
+ desc = "
+The remote host is missing an update to ruby
+announced via advisory MDVSA-2009:325.
+
+Multiple vulnerabilities was discovered and corrected in ruby:
+
+ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check
+the return value from the OCSP_basic_verify function, which might allow
+remote attackers to successfully present an invalid X.509 certificate,
+possibly involving a revoked certificate (CVE-2009-0642).
+
+The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before
+p173 allows context-dependent attackers to cause a denial of service
+(application crash) via a string argument that represents a large
+number, as demonstrated by an attempted conversion to the Float data
+type (CVE-2009-1904).
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+This update provides a solution to these vulnerabilities.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:325
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:325 (ruby)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"ruby", rpm:"ruby~1.8.6~5.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-devel", rpm:"ruby-devel~1.8.6~5.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-doc", rpm:"ruby-doc~1.8.6~5.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-tk", rpm:"ruby-tk~1.8.6~5.4mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_326.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_326.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/mdksa_2009_326.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,153 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:326 (mysql)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66425);
+ script_cve_id("CVE-2008-3963", "CVE-2008-4097", "CVE-2008-4098", "CVE-2008-4456", "CVE-2009-2446");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:326 (mysql)");
+
+ desc = "
+The remote host is missing an update to mysql
+announced via advisory MDVSA-2009:326.
+
+Multiple vulnerabilities has been found and corrected in mysql:
+
+MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6
+does not properly handle a b'' (b single-quote single-quote) token,
+aka an empty bit-string literal, which allows remote attackers to
+cause a denial of service (daemon crash) by using this token in a
+SQL statement (CVE-2008-3963).
+
+MySQL before 5.0.67 allows local users to bypass certain privilege
+checks by calling CREATE TABLE on a MyISAM table with modified (1)
+DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally
+associated with pathnames without symlinks, and that can point to
+tables created at a future time at which a pathname is modified
+to contain a symlink to a subdirectory of the MySQL home data
+directory. NOTE: this vulnerability exists because of an incomplete
+fix for CVE-2008-4097 (CVE-2008-4098).
+
+Cross-site scripting (XSS) vulnerability in the command-line client
+in MySQL 5.0.26 through 5.0.45, when the --html option is enabled,
+allows attackers to inject arbitrary web script or HTML by placing
+it in a database cell, which might be accessed by this client when
+composing an HTML document (CVE-2008-4456).
+
+Multiple format string vulnerabilities in the dispatch_command function
+in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow
+remote authenticated users to cause a denial of service (daemon crash)
+and possibly have unspecified other impact via format string specifiers
+in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request.
+NOTE: some of these details are obtained from third party information
+(CVE-2009-2446).
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+This update provides fixes for this vulnerability.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:326
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:326 (mysql)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libmysql15", rpm:"libmysql15~5.0.45~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libmysql-devel", rpm:"libmysql-devel~5.0.45~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libmysql-static-devel", rpm:"libmysql-static-devel~5.0.45~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mysql", rpm:"mysql~5.0.45~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mysql-bench", rpm:"mysql-bench~5.0.45~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mysql-client", rpm:"mysql-client~5.0.45~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mysql-common", rpm:"mysql-common~5.0.45~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mysql-max", rpm:"mysql-max~5.0.45~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mysql-ndb-extra", rpm:"mysql-ndb-extra~5.0.45~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mysql-ndb-management", rpm:"mysql-ndb-management~5.0.45~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mysql-ndb-storage", rpm:"mysql-ndb-storage~5.0.45~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mysql-ndb-tools", rpm:"mysql-ndb-tools~5.0.45~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64mysql15", rpm:"lib64mysql15~5.0.45~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64mysql-devel", rpm:"lib64mysql-devel~5.0.45~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64mysql-static-devel", rpm:"lib64mysql-static-devel~5.0.45~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/ovcesa2009_1625.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ovcesa2009_1625.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/ovcesa2009_1625.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,84 @@
+#CESA-2009:1625 66468 4
+# $Id$
+# Description: Auto-generated from advisory CESA-2009:1625 (expat)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66468);
+ script_cve_id("CVE-2009-3560", "CVE-2009-3720");
+ script_version ("$Revision$");
+ script_name("CentOS Security Advisory CESA-2009:1625 (expat)");
+
+ desc = "
+The remote host is missing updates to expat announced in
+advisory CESA-2009:1625.
+
+For details on the issues addressed in this update,
+please visit the referenced security advisories.
+
+Solution:
+Update the appropriate packages on your system.
+
+http://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1625
+http://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1625
+https://rhn.redhat.com/errata/RHSA-2009-1625.html
+
+Risk factor : Medium";
+
+ script_description(desc);
+
+ script_summary("CentOS Security Advisory CESA-2009:1625 (expat)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("CentOS Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"expat", rpm:"expat~1.95.5~6.2", rls:"CentOS3")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"expat-devel", rpm:"expat-devel~1.95.5~6.2", rls:"CentOS3")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"expat", rpm:"expat~1.95.7~4.el4_8.2", rls:"CentOS4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"expat-devel", rpm:"expat-devel~1.95.7~4.el4_8.2", rls:"CentOS4")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/suse_sa_2009_059.nasl
===================================================================
--- trunk/openvas-plugins/scripts/suse_sa_2009_059.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/suse_sa_2009_059.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,181 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory SUSE-SA:2009:059 (bind)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66459);
+ script_cve_id("CVE-2009-4022");
+ script_version ("$Revision$");
+ script_name("SuSE Security Advisory SUSE-SA:2009:059 (bind)");
+
+ desc = "
+The remote host is missing updates announced in
+advisory SUSE-SA:2009:059.
+
+The bind DNS server was updated to close a possible cache poisoning
+vulnerability which allowed to bypass DNSSEC.
+
+This problem can only happen after the other spoofing/poisoning
+mechanisms have been bypassed already (the port and transaction id
+randomization). Also this can only happen if the server is setup for
+DNSSEC. Due to this limitation we consider this a minor issue.
+
+The DNSSEC implementation was redone in 2004 and implemented in
+bind 9.6.
+
+Earlier bind version do not support the DNSSEC version and so are not
+affected.
+
+This means that the Bind versions of SUSE Linux Enterprise Server 9
+(bind 9.3.4) and SUSE Linux Enterprise Server 10 (bind 9.3.4) are
+not affected by this problem.
+
+Solution:
+Update your system with the packages as indicated in
+the referenced security advisory.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:059
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("SuSE Security Advisory SUSE-SA:2009:059 (bind)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("SuSE Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"bind-debuginfo", rpm:"bind-debuginfo~9.6.1P2~1.1.1", rls:"openSUSE11.2")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-debugsource", rpm:"bind-debugsource~9.6.1P2~1.1.1", rls:"openSUSE11.2")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind", rpm:"bind~9.6.1P2~1.1.1", rls:"openSUSE11.2")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-chrootenv", rpm:"bind-chrootenv~9.6.1P2~1.1.1", rls:"openSUSE11.2")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-devel", rpm:"bind-devel~9.6.1P2~1.1.1", rls:"openSUSE11.2")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-doc", rpm:"bind-doc~9.6.1P2~1.1.1", rls:"openSUSE11.2")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-libs", rpm:"bind-libs~9.6.1P2~1.1.1", rls:"openSUSE11.2")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-utils", rpm:"bind-utils~9.6.1P2~1.1.1", rls:"openSUSE11.2")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-debuginfo", rpm:"bind-debuginfo~9.5.0P2~18.8.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-debugsource", rpm:"bind-debugsource~9.5.0P2~18.8.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind", rpm:"bind~9.5.0P2~18.8.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-chrootenv", rpm:"bind-chrootenv~9.5.0P2~18.8.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-devel", rpm:"bind-devel~9.5.0P2~18.8.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-doc", rpm:"bind-doc~9.5.0P2~18.8.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-libs", rpm:"bind-libs~9.5.0P2~18.8.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-utils", rpm:"bind-utils~9.5.0P2~18.8.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-debuginfo", rpm:"bind-debuginfo~9.4.2~39.8", rls:"openSUSE11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-debugsource", rpm:"bind-debugsource~9.4.2~39.8", rls:"openSUSE11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind", rpm:"bind~9.4.2~39.8", rls:"openSUSE11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-chrootenv", rpm:"bind-chrootenv~9.4.2~39.8", rls:"openSUSE11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-devel", rpm:"bind-devel~9.4.2~39.8", rls:"openSUSE11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-doc", rpm:"bind-doc~9.4.2~39.8", rls:"openSUSE11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-libs", rpm:"bind-libs~9.4.2~39.8", rls:"openSUSE11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-utils", rpm:"bind-utils~9.4.2~39.8", rls:"openSUSE11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-libs-64bit", rpm:"bind-libs-64bit~9.5.0P2~18.8.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-devel-64bit", rpm:"bind-devel-64bit~9.4.2~39.8", rls:"openSUSE11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-libs-64bit", rpm:"bind-libs-64bit~9.4.2~39.8", rls:"openSUSE11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-libs-debuginfo-32bit", rpm:"bind-libs-debuginfo-32bit~9.6.1P2~1.1.1", rls:"openSUSE11.2")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-libs-32bit", rpm:"bind-libs-32bit~9.6.1P2~1.1.1", rls:"openSUSE11.2")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-libs-32bit", rpm:"bind-libs-32bit~9.5.0P2~18.8.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"bind-libs-32bit", rpm:"bind-libs-32bit~9.4.2~39.8", rls:"openSUSE11.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/suse_sa_2009_060.nasl
===================================================================
--- trunk/openvas-plugins/scripts/suse_sa_2009_060.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/suse_sa_2009_060.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,206 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory SUSE-SA:2009:060 (kernel)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66460);
+ script_cve_id("CVE-2005-4881", "CVE-2009-2903", "CVE-2009-2910", "CVE-2009-3286", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3620", "CVE-2009-3621", "CVE-2009-3726");
+ script_version ("$Revision$");
+ script_name("SuSE Security Advisory SUSE-SA:2009:060 (kernel)");
+
+ desc = "
+The remote host is missing updates announced in
+advisory SUSE-SA:2009:060.
+
+The SUSE Linux Enterprise 11 and openSUSE 11.1 Kernel was updated to
+2.6.27.39 fixing various bugs and security issues.
+
+For details, please visit the referenced security advisories.
+
+A complete list of changes can be found in the RPM changelog.
+
+Solution:
+Update your system with the packages as indicated in
+the referenced security advisory.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:060
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("SuSE Security Advisory SUSE-SA:2009:060 (kernel)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("SuSE Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debug-debugsource", rpm:"kernel-debug-debugsource~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-default-debuginfo", rpm:"kernel-default-debuginfo~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-default-debugsource", rpm:"kernel-default-debugsource~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-pae-debuginfo", rpm:"kernel-pae-debuginfo~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-pae-debugsource", rpm:"kernel-pae-debugsource~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-source-debuginfo", rpm:"kernel-source-debuginfo~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-trace-debuginfo", rpm:"kernel-trace-debuginfo~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-trace-debugsource", rpm:"kernel-trace-debugsource~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-vanilla-debuginfo", rpm:"kernel-vanilla-debuginfo~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-vanilla-debugsource", rpm:"kernel-vanilla-debugsource~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-xen-debuginfo", rpm:"kernel-xen-debuginfo~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-xen-debugsource", rpm:"kernel-xen-debugsource~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debug-base", rpm:"kernel-debug-base~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debug-extra", rpm:"kernel-debug-extra~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-default", rpm:"kernel-default~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-default-base", rpm:"kernel-default-base~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-default-extra", rpm:"kernel-default-extra~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-pae", rpm:"kernel-pae~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-pae-base", rpm:"kernel-pae-base~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-pae-extra", rpm:"kernel-pae-extra~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-source", rpm:"kernel-source~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-syms", rpm:"kernel-syms~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-trace", rpm:"kernel-trace~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-trace-base", rpm:"kernel-trace-base~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-trace-extra", rpm:"kernel-trace-extra~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-vanilla", rpm:"kernel-vanilla~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-xen-base", rpm:"kernel-xen-base~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-xen-extra", rpm:"kernel-xen-extra~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-docs", rpm:"kernel-docs~2.6.3~3.13.66", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-kdump-debuginfo", rpm:"kernel-kdump-debuginfo~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-kdump-debugsource", rpm:"kernel-kdump-debugsource~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-ppc64-debuginfo", rpm:"kernel-ppc64-debuginfo~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-ppc64-debugsource", rpm:"kernel-ppc64-debugsource~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-ps3-debuginfo", rpm:"kernel-ps3-debuginfo~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-ps3-debugsource", rpm:"kernel-ps3-debugsource~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-kdump", rpm:"kernel-kdump~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-ppc64", rpm:"kernel-ppc64~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-ppc64-base", rpm:"kernel-ppc64-base~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-ppc64-extra", rpm:"kernel-ppc64-extra~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-ps3", rpm:"kernel-ps3~2.6.27.39~0.2.1", rls:"openSUSE11.1")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/ubuntu_863_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ubuntu_863_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/ubuntu_863_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,97 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory USN-863-1 (qemu-kvm)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66462);
+ script_version ("$Revision$");
+ script_name("Ubuntu USN-863-1 (qemu-kvm)");
+
+ desc = "
+The remote host is missing an update to qemu-kvm
+announced via advisory USN-863-1.
+
+Details follow:
+
+It was discovered that QEMU did not properly setup the virtio networking
+features available to its guests. A remote attacker could exploit this to
+crash QEMU guests which use virtio networking on Linux kernels earlier
+than 2.6.26.
+
+Solution:
+The problem can be corrected by upgrading your system to the
+following package versions:
+
+Ubuntu 9.10:
+  qemu-kvm                        0.11.0-0ubuntu6.3
+
+After a standard system upgrade you need to restart any QEMU guests to
+effect the necessary changes.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=USN-863-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Ubuntu USN-863-1 (qemu-kvm)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"kvm", ver:"84+dfsg-0ubuntu16+0.11.0+0ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"qemu-kvm", ver:"0.11.0-0ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"qemu-arm-static", ver:"0.11.0-0ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"qemu-kvm-extras", ver:"0.11.0-0ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"qemu", ver:"0.11.0-0ubuntu6.3", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/ubuntu_865_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ubuntu_865_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/ubuntu_865_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,299 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory USN-865-1 (bind9)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66463);
+ script_cve_id("CVE-2009-4022");
+ script_version ("$Revision$");
+ script_name("Ubuntu USN-865-1 (bind9)");
+
+ desc = "
+The remote host is missing an update to bind9
+announced via advisory USN-865-1.
+
+Details follow:
+
+Michael Sinatra discovered that Bind did not correctly validate certain
+records added to its cache. When DNSSEC validation is in use, a remote
+attacker could exploit this to spoof DNS entries and poison DNS caches.
+Among other things, this could lead to misdirected email and web traffic.
+
+Solution:
+The problem can be corrected by upgrading your system to the
+following package versions:
+
+Ubuntu 6.06 LTS:
+  libdns23                        1:9.3.2-2ubuntu1.9
+
+Ubuntu 8.04 LTS:
+  libdns36                        1:9.4.2.dfsg.P2-2ubuntu0.4
+
+Ubuntu 8.10:
+  libdns44                        1:9.5.0.dfsg.P2-1ubuntu3.4
+
+Ubuntu 9.04:
+  libdns46                        1:9.5.1.dfsg.P2-1ubuntu0.3
+
+Ubuntu 9.10:
+  libdns53                        1:9.6.1.dfsg.P1-3ubuntu0.2
+
+In general, a standard system upgrade is sufficient to effect the
+necessary changes.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=USN-865-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Ubuntu USN-865-1 (bind9)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"bind9-doc", ver:"9.3.2-2ubuntu1.9", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"bind9-host", ver:"9.3.2-2ubuntu1.9", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"bind9", ver:"9.3.2-2ubuntu1.9", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"dnsutils", ver:"9.3.2-2ubuntu1.9", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libbind-dev", ver:"9.3.2-2ubuntu1.9", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libbind9-0", ver:"9.3.2-2ubuntu1.9", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libdns21", ver:"9.3.2-2ubuntu1.9", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libdns23", ver:"9.3.2-2ubuntu1.9", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libisc11", ver:"9.3.2-2ubuntu1.9", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libisccc0", ver:"9.3.2-2ubuntu1.9", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libisccfg1", ver:"9.3.2-2ubuntu1.9", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"liblwres9", ver:"9.3.2-2ubuntu1.9", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"lwresd", ver:"9.3.2-2ubuntu1.9", rls:"UBUNTU6.06 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"bind9-doc", ver:"9.4.2.dfsg.P2-2ubuntu0.4", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"bind9-host", ver:"9.4.2.dfsg.P2-2ubuntu0.4", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"bind9", ver:"9.4.2.dfsg.P2-2ubuntu0.4", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"dnsutils", ver:"9.4.2.dfsg.P2-2ubuntu0.4", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libbind-dev", ver:"9.4.2.dfsg.P2-2ubuntu0.4", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libbind9-30", ver:"9.4.2.dfsg.P2-2ubuntu0.4", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libdns35", ver:"9.4.2.dfsg.P2-2ubuntu0.4", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libdns36", ver:"9.4.2.dfsg.P2-2ubuntu0.4", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libisc35", ver:"9.4.2.dfsg.P2-2ubuntu0.4", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libisccc30", ver:"9.4.2.dfsg.P2-2ubuntu0.4", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libisccfg30", ver:"9.4.2.dfsg.P2-2ubuntu0.4", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"liblwres30", ver:"9.4.2.dfsg.P2-2ubuntu0.4", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"lwresd", ver:"9.4.2.dfsg.P2-2ubuntu0.4", rls:"UBUNTU8.04 LTS")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"bind9-doc", ver:"9.5.0.dfsg.P2-1ubuntu3.4", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"bind9-host", ver:"9.5.0.dfsg.P2-1ubuntu3.4", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"bind9", ver:"9.5.0.dfsg.P2-1ubuntu3.4", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"bind9utils", ver:"9.5.0.dfsg.P2-1ubuntu3.4", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"dnsutils", ver:"9.5.0.dfsg.P2-1ubuntu3.4", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libbind-dev", ver:"9.5.0.dfsg.P2-1ubuntu3.4", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libbind9-40", ver:"9.5.0.dfsg.P2-1ubuntu3.4", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libdns43", ver:"9.5.0.dfsg.P2-1ubuntu3.4", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libdns44", ver:"9.5.0.dfsg.P2-1ubuntu3.4", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libisc44", ver:"9.5.0.dfsg.P2-1ubuntu3.4", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libisccc40", ver:"9.5.0.dfsg.P2-1ubuntu3.4", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libisccfg40", ver:"9.5.0.dfsg.P2-1ubuntu3.4", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"liblwres40", ver:"9.5.0.dfsg.P2-1ubuntu3.4", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"lwresd", ver:"9.5.0.dfsg.P2-1ubuntu3.4", rls:"UBUNTU8.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"bind9-doc", ver:"9.5.1.dfsg.P2-1ubuntu0.3", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"bind9-host", ver:"9.5.1.dfsg.P2-1ubuntu0.3", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"bind9", ver:"9.5.1.dfsg.P2-1ubuntu0.3", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"bind9utils", ver:"9.5.1.dfsg.P2-1ubuntu0.3", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"dnsutils", ver:"9.5.1.dfsg.P2-1ubuntu0.3", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libbind-dev", ver:"9.5.1.dfsg.P2-1ubuntu0.3", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libbind9-40", ver:"9.5.1.dfsg.P2-1ubuntu0.3", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libdns45", ver:"9.5.1.dfsg.P2-1ubuntu0.3", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libdns46", ver:"9.5.1.dfsg.P2-1ubuntu0.3", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libisc45", ver:"9.5.1.dfsg.P2-1ubuntu0.3", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libisccc40", ver:"9.5.1.dfsg.P2-1ubuntu0.3", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libisccfg40", ver:"9.5.1.dfsg.P2-1ubuntu0.3", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"liblwres40", ver:"9.5.1.dfsg.P2-1ubuntu0.3", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"lwresd", ver:"9.5.1.dfsg.P2-1ubuntu0.3", rls:"UBUNTU9.04")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"bind9-doc", ver:"9.6.1.dfsg.P1-3ubuntu0.2", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"bind9-host", ver:"9.6.1.dfsg.P1-3ubuntu0.2", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"bind9", ver:"9.6.1.dfsg.P1-3ubuntu0.2", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"bind9utils", ver:"9.6.1.dfsg.P1-3ubuntu0.2", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"dnsutils", ver:"9.6.1.dfsg.P1-3ubuntu0.2", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libbind-dev", ver:"9.6.1.dfsg.P1-3ubuntu0.2", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libbind9-50", ver:"9.6.1.dfsg.P1-3ubuntu0.2", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libdns50", ver:"9.6.1.dfsg.P1-3ubuntu0.2", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libdns53", ver:"9.6.1.dfsg.P1-3ubuntu0.2", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libisc50", ver:"9.6.1.dfsg.P1-3ubuntu0.2", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libisccc50", ver:"9.6.1.dfsg.P1-3ubuntu0.2", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libisccfg50", ver:"9.6.1.dfsg.P1-3ubuntu0.2", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"liblwres50", ver:"9.6.1.dfsg.P1-3ubuntu0.2", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"lwresd", ver:"9.6.1.dfsg.P1-3ubuntu0.2", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/ubuntu_866_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ubuntu_866_1.nasl	2009-12-09 16:28:02 UTC (rev 6119)
+++ trunk/openvas-plugins/scripts/ubuntu_866_1.nasl	2009-12-09 23:23:54 UTC (rev 6120)
@@ -0,0 +1,86 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory USN-866-1 (gnome-screensaver)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66464);
+ script_version ("$Revision$");
+ script_name("Ubuntu USN-866-1 (gnome-screensaver)");
+
+ desc = "
+The remote host is missing an update to gnome-screensaver
+announced via advisory USN-866-1.
+
+Details follow:
+
+It was discovered that gnome-screensaver did not always re-enable itself
+after applications requested it to ignore idle timers. This may result in the
+screen not being automatically locked after the inactivity timeout is
+reached, permitting an attacker with physical access to gain access to an
+unlocked session.
+
+Solution:
+The problem can be corrected by upgrading your system to the
+following package versions:
+
+Ubuntu 9.10:
+  gnome-screensaver               2.28.0-0ubuntu3.1
+
+After a standard system upgrade you need to restart your session to effect
+the necessary changes.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=USN-866-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Ubuntu USN-866-1 (gnome-screensaver)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"gnome-screensaver", ver:"2.28.0-0ubuntu3.1", rls:"UBUNTU9.10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}



More information about the Openvas-commits mailing list