[Openvas-commits] r6135 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Mon Dec 14 23:06:47 CET 2009


Author: reinke
Date: 2009-12-14 23:06:43 +0100 (Mon, 14 Dec 2009)
New Revision: 6135

Added:
   trunk/openvas-plugins/scripts/RHSA_2009_1643.nasl
   trunk/openvas-plugins/scripts/RHSA_2009_1646.nasl
   trunk/openvas-plugins/scripts/RHSA_2009_1647.nasl
   trunk/openvas-plugins/scripts/RHSA_2009_1648.nasl
   trunk/openvas-plugins/scripts/RHSA_2009_1651.nasl
   trunk/openvas-plugins/scripts/RHSA_2009_1657.nasl
   trunk/openvas-plugins/scripts/RHSA_2009_1658.nasl
   trunk/openvas-plugins/scripts/RHSA_2009_1659.nasl
   trunk/openvas-plugins/scripts/deb_1947_1.nasl
   trunk/openvas-plugins/scripts/deb_1948_1.nasl
   trunk/openvas-plugins/scripts/deb_1949_1.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12180.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12461.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12552.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12604.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12783.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12817.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12827.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12966.nasl
   trunk/openvas-plugins/scripts/fcore_2009_12968.nasl
   trunk/openvas-plugins/scripts/fcore_2009_13039.nasl
   trunk/openvas-plugins/scripts/fcore_2009_13040.nasl
   trunk/openvas-plugins/scripts/fcore_2009_13046.nasl
   trunk/openvas-plugins/scripts/fcore_2009_13065.nasl
   trunk/openvas-plugins/scripts/fcore_2009_13066.nasl
   trunk/openvas-plugins/scripts/fcore_2009_13080.nasl
   trunk/openvas-plugins/scripts/fcore_2009_13090.nasl
   trunk/openvas-plugins/scripts/fcore_2009_13098.nasl
   trunk/openvas-plugins/scripts/fcore_2009_13121.nasl
   trunk/openvas-plugins/scripts/freebsd_dovecot2.nasl
   trunk/openvas-plugins/scripts/freebsd_linux-flashplugin5.nasl
   trunk/openvas-plugins/scripts/freebsd_piwik.nasl
   trunk/openvas-plugins/scripts/freebsd_pligg.nasl
   trunk/openvas-plugins/scripts/freebsd_rt.nasl
   trunk/openvas-plugins/scripts/freebsd_ruby11.nasl
   trunk/openvas-plugins/scripts/glsa_200912_01.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_030_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_038_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_046_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_059_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_091_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_093_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_098_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_099_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_126_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_133_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_191_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_251_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_259_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_276_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_282_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_296_1.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_327.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_330.nasl
   trunk/openvas-plugins/scripts/mdksa_2009_331.nasl
   trunk/openvas-plugins/scripts/ovcesa2009_1646.nasl
   trunk/openvas-plugins/scripts/ovcesa2009_1648.nasl
   trunk/openvas-plugins/scripts/ovcesa2009_1651.nasl
   trunk/openvas-plugins/scripts/sles11_expat0.nasl
   trunk/openvas-plugins/scripts/sles11_kdelibs3.nasl
   trunk/openvas-plugins/scripts/sles11_perl-HTML-Parse.nasl
   trunk/openvas-plugins/scripts/sles11_wireshark1.nasl
   trunk/openvas-plugins/scripts/sles9p5064331.nasl
Modified:
   trunk/openvas-plugins/ChangeLog
Log:
New scripts added

Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/ChangeLog	2009-12-14 22:06:43 UTC (rev 6135)
@@ -1,3 +1,70 @@
+2009-12-14  Thomas Reinke <reinke at securityspace.com>
+
+	* scripts/deb_1947_1.nasl,
+	scripts/deb_1948_1.nasl,
+	scripts/deb_1949_1.nasl,
+	scripts/freebsd_dovecot2.nasl,
+	scripts/freebsd_linux-flashplugin5.nasl,
+	scripts/freebsd_piwik.nasl,
+	scripts/freebsd_pligg.nasl,
+	scripts/freebsd_rt.nasl,
+	scripts/freebsd_ruby11.nasl,
+	scripts/glsa_200912_01.nasl,
+	scripts/mdksa_2009_030_1.nasl,
+	scripts/mdksa_2009_038_1.nasl,
+	scripts/mdksa_2009_046_1.nasl,
+	scripts/mdksa_2009_059_1.nasl,
+	scripts/mdksa_2009_091_1.nasl,
+	scripts/mdksa_2009_093_1.nasl,
+	scripts/mdksa_2009_098_1.nasl,
+	scripts/mdksa_2009_099_1.nasl,
+	scripts/mdksa_2009_126_1.nasl,
+	scripts/mdksa_2009_133_1.nasl,
+	scripts/mdksa_2009_191_1.nasl,
+	scripts/mdksa_2009_251_1.nasl,
+	scripts/mdksa_2009_259_1.nasl,
+	scripts/mdksa_2009_276_1.nasl,
+	scripts/mdksa_2009_282_1.nasl,
+	scripts/mdksa_2009_296_1.nasl,
+	scripts/mdksa_2009_327.nasl,
+	scripts/mdksa_2009_330.nasl,
+	scripts/mdksa_2009_331.nasl,
+	scripts/RHSA_2009_1643.nasl,
+	scripts/RHSA_2009_1646.nasl,
+	scripts/RHSA_2009_1647.nasl,
+	scripts/RHSA_2009_1648.nasl,
+	scripts/RHSA_2009_1651.nasl,
+	scripts/RHSA_2009_1657.nasl,
+	scripts/RHSA_2009_1658.nasl,
+	scripts/RHSA_2009_1659.nasl,
+	scripts/fcore_2009_12180.nasl,
+	scripts/fcore_2009_12461.nasl,
+	scripts/fcore_2009_12552.nasl,
+	scripts/fcore_2009_12604.nasl,
+	scripts/fcore_2009_12783.nasl,
+	scripts/fcore_2009_12817.nasl,
+	scripts/fcore_2009_12827.nasl,
+	scripts/fcore_2009_12966.nasl,
+	scripts/fcore_2009_12968.nasl,
+	scripts/fcore_2009_13039.nasl,
+	scripts/fcore_2009_13040.nasl,
+	scripts/fcore_2009_13046.nasl,
+	scripts/fcore_2009_13065.nasl,
+	scripts/fcore_2009_13066.nasl,
+	scripts/fcore_2009_13080.nasl,
+	scripts/fcore_2009_13090.nasl,
+	scripts/fcore_2009_13098.nasl,
+	scripts/fcore_2009_13121.nasl,
+	scripts/ovcesa2009_1646.nasl,
+	scripts/ovcesa2009_1648.nasl,
+	scripts/ovcesa2009_1651.nasl,
+	scripts/sles9p5064331.nasl,
+	scripts/sles11_expat0.nasl,
+	scripts/sles11_kdelibs3.nasl,
+	scripts/sles11_perl-HTML-Parse.nasl,
+	scripts/sles11_wireshark1.nasl:
+	New scripts
+
 2009-12-14  Chandrashekhar B <bchandra at secpod.com>
 
 	* scripts/gb_testlink_xss_n_sql_inj_vuln.nasl,

Added: trunk/openvas-plugins/scripts/RHSA_2009_1643.nasl
===================================================================
--- trunk/openvas-plugins/scripts/RHSA_2009_1643.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/RHSA_2009_1643.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,146 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory RHSA-2009:1643 ()
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66469);
+ script_cve_id("CVE-2009-3867", "CVE-2009-3868", "CVE-2009-3869", "CVE-2009-3871", "CVE-2009-3872", "CVE-2009-3873", "CVE-2009-3874", "CVE-2009-3875", "CVE-2009-3876", "CVE-2009-3877");
+ script_version ("$Revision$");
+ script_name("RedHat Security Advisory RHSA-2009:1643");
+
+ desc = "The remote host is missing updates announced in
+advisory RHSA-2009:1643.
+
+The IBM 1.4.2 SR13-FP3 Java release includes the IBM Java 2 Runtime
+Environment and the IBM Java 2 Software Development Kit.
+
+This update fixes several vulnerabilities in the IBM Java 2 Runtime
+Environment and the IBM Java 2 Software Development Kit. These
+vulnerabilities are summarized on the IBM Security alerts page listed in
+the References section. (CVE-2009-3867, CVE-2009-3868, CVE-2009-3869,
+CVE-2009-3871, CVE-2009-3872, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875,
+CVE-2009-3876, CVE-2009-3877)
+
+All users of java-1.4.2-ibm are advised to upgrade to these updated
+packages, which contain the IBM 1.4.2 SR13-FP3 Java release. All running
+instances of IBM Java must be restarted for this update to take effect.
+
+Solution:
+Please note that this update is available via
+Red Hat Network.  To use Red Hat Network, launch the Red
+Hat Update Agent with the following command: up2date
+
+http://rhn.redhat.com/errata/RHSA-2009-1643.html
+http://www.redhat.com/security/updates/classification/#critical
+http://www.ibm.com/developerworks/java/jdk/alerts/
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Redhat Security Advisory RHSA-2009:1643");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"java-1.4.2-ibm", rpm:"java-1.4.2-ibm~1.4.2.13.3~1jpp.1.el3", rls:"RHENT_3")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.4.2-ibm-demo", rpm:"java-1.4.2-ibm-demo~1.4.2.13.3~1jpp.1.el3", rls:"RHENT_3")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.4.2-ibm-devel", rpm:"java-1.4.2-ibm-devel~1.4.2.13.3~1jpp.1.el3", rls:"RHENT_3")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.4.2-ibm-jdbc", rpm:"java-1.4.2-ibm-jdbc~1.4.2.13.3~1jpp.1.el3", rls:"RHENT_3")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.4.2-ibm-plugin", rpm:"java-1.4.2-ibm-plugin~1.4.2.13.3~1jpp.1.el3", rls:"RHENT_3")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.4.2-ibm-src", rpm:"java-1.4.2-ibm-src~1.4.2.13.3~1jpp.1.el3", rls:"RHENT_3")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.4.2-ibm", rpm:"java-1.4.2-ibm~1.4.2.13.3~1jpp.1.el4", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.4.2-ibm-demo", rpm:"java-1.4.2-ibm-demo~1.4.2.13.3~1jpp.1.el4", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.4.2-ibm-devel", rpm:"java-1.4.2-ibm-devel~1.4.2.13.3~1jpp.1.el4", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.4.2-ibm-javacomm", rpm:"java-1.4.2-ibm-javacomm~1.4.2.13.3~1jpp.1.el4", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.4.2-ibm-jdbc", rpm:"java-1.4.2-ibm-jdbc~1.4.2.13.3~1jpp.1.el4", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.4.2-ibm-plugin", rpm:"java-1.4.2-ibm-plugin~1.4.2.13.3~1jpp.1.el4", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.4.2-ibm-src", rpm:"java-1.4.2-ibm-src~1.4.2.13.3~1jpp.1.el4", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.4.2-ibm", rpm:"java-1.4.2-ibm~1.4.2.13.3~1jpp.1.el5", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.4.2-ibm-demo", rpm:"java-1.4.2-ibm-demo~1.4.2.13.3~1jpp.1.el5", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.4.2-ibm-devel", rpm:"java-1.4.2-ibm-devel~1.4.2.13.3~1jpp.1.el5", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.4.2-ibm-javacomm", rpm:"java-1.4.2-ibm-javacomm~1.4.2.13.3~1jpp.1.el5", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.4.2-ibm-jdbc", rpm:"java-1.4.2-ibm-jdbc~1.4.2.13.3~1jpp.1.el5", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.4.2-ibm-plugin", rpm:"java-1.4.2-ibm-plugin~1.4.2.13.3~1jpp.1.el5", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.4.2-ibm-src", rpm:"java-1.4.2-ibm-src~1.4.2.13.3~1jpp.1.el5", rls:"RHENT_5")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/RHSA_2009_1646.nasl
===================================================================
--- trunk/openvas-plugins/scripts/RHSA_2009_1646.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/RHSA_2009_1646.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,117 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory RHSA-2009:1646 ()
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66470);
+ script_cve_id("CVE-2009-3736");
+ script_version ("$Revision$");
+ script_name("RedHat Security Advisory RHSA-2009:1646");
+
+ desc = "The remote host is missing updates announced in
+advisory RHSA-2009:1646.
+
+GNU Libtool is a set of shell scripts which automatically configure UNIX,
+Linux, and similar operating systems to generically build shared libraries.
+
+A flaw was found in the way GNU Libtool's libltdl library looked for
+modules to load. It was possible for libltdl to load and run modules from
+an arbitrary library in the current working directory. If a local attacker
+could trick a local user into running an application (which uses libltdl)
+from an attacker-controlled directory containing a malicious Libtool
+control file (.la), the attacker could possibly execute arbitrary code with
+the privileges of the user running the application. (CVE-2009-3736)
+
+All libtool users should upgrade to these updated packages, which contain
+a backported patch to correct this issue. After installing the updated
+packages, applications using the libltdl library must be restarted for the
+update to take effect.
+
+Solution:
+Please note that this update is available via
+Red Hat Network.  To use Red Hat Network, launch the Red
+Hat Update Agent with the following command: up2date
+
+http://rhn.redhat.com/errata/RHSA-2009-1646.html
+http://www.redhat.com/security/updates/classification/#moderate
+
+Risk factor : Medium";
+
+ script_description(desc);
+
+ script_summary("Redhat Security Advisory RHSA-2009:1646");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libtool", rpm:"libtool~1.4.3~7", rls:"RHENT_3")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libtool-debuginfo", rpm:"libtool-debuginfo~1.4.3~7", rls:"RHENT_3")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libtool-libs", rpm:"libtool-libs~1.4.3~7", rls:"RHENT_3")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libtool", rpm:"libtool~1.5.6~5.el4_8", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libtool-debuginfo", rpm:"libtool-debuginfo~1.5.6~5.el4_8", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libtool-libs", rpm:"libtool-libs~1.5.6~5.el4_8", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libtool-debuginfo", rpm:"libtool-debuginfo~1.5.22~7.el5_4", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libtool-ltdl", rpm:"libtool-ltdl~1.5.22~7.el5_4", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libtool", rpm:"libtool~1.5.22~7.el5_4", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libtool-ltdl-devel", rpm:"libtool-ltdl-devel~1.5.22~7.el5_4", rls:"RHENT_5")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/RHSA_2009_1647.nasl
===================================================================
--- trunk/openvas-plugins/scripts/RHSA_2009_1647.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/RHSA_2009_1647.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,131 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory RHSA-2009:1647 ()
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66471);
+ script_cve_id("CVE-2009-3867", "CVE-2009-3868", "CVE-2009-3869", "CVE-2009-3871", "CVE-2009-3872", "CVE-2009-3873", "CVE-2009-3874", "CVE-2009-3875", "CVE-2009-3876", "CVE-2009-3877");
+ script_version ("$Revision$");
+ script_name("RedHat Security Advisory RHSA-2009:1647");
+
+ desc = "The remote host is missing updates announced in
+advisory RHSA-2009:1647.
+
+The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment and
+the IBM Java 2 Software Development Kit.
+
+This update fixes several vulnerabilities in the IBM Java 2 Runtime
+Environment and the IBM Java 2 Software Development Kit. These
+vulnerabilities are summarized on the IBM Security alerts page listed in
+the References section. (CVE-2009-3867, CVE-2009-3868, CVE-2009-3869,
+CVE-2009-3871, CVE-2009-3872, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875,
+CVE-2009-3876, CVE-2009-3877)
+
+All users of java-1.5.0-ibm are advised to upgrade to these updated
+packages, containing the IBM 1.5.0 SR11 Java release. All running instances
+of IBM Java must be restarted for this update to take effect.
+
+Solution:
+Please note that this update is available via
+Red Hat Network.  To use Red Hat Network, launch the Red
+Hat Update Agent with the following command: up2date
+
+http://rhn.redhat.com/errata/RHSA-2009-1647.html
+http://www.redhat.com/security/updates/classification/#critical
+http://www.ibm.com/developerworks/java/jdk/alerts/
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Redhat Security Advisory RHSA-2009:1647");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"java-1.5.0-ibm", rpm:"java-1.5.0-ibm~1.5.0.11~1jpp.1.el4", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.5.0-ibm-demo", rpm:"java-1.5.0-ibm-demo~1.5.0.11~1jpp.1.el4", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.5.0-ibm-devel", rpm:"java-1.5.0-ibm-devel~1.5.0.11~1jpp.1.el4", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.5.0-ibm-javacomm", rpm:"java-1.5.0-ibm-javacomm~1.5.0.11~1jpp.1.el4", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.5.0-ibm-jdbc", rpm:"java-1.5.0-ibm-jdbc~1.5.0.11~1jpp.1.el4", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.5.0-ibm-plugin", rpm:"java-1.5.0-ibm-plugin~1.5.0.11~1jpp.1.el4", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.5.0-ibm-src", rpm:"java-1.5.0-ibm-src~1.5.0.11~1jpp.1.el4", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.5.0-ibm", rpm:"java-1.5.0-ibm~1.5.0.11~1jpp.1.el5", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.5.0-ibm-accessibility", rpm:"java-1.5.0-ibm-accessibility~1.5.0.11~1jpp.1.el5", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.5.0-ibm-demo", rpm:"java-1.5.0-ibm-demo~1.5.0.11~1jpp.1.el5", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.5.0-ibm-devel", rpm:"java-1.5.0-ibm-devel~1.5.0.11~1jpp.1.el5", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.5.0-ibm-javacomm", rpm:"java-1.5.0-ibm-javacomm~1.5.0.11~1jpp.1.el5", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.5.0-ibm-jdbc", rpm:"java-1.5.0-ibm-jdbc~1.5.0.11~1jpp.1.el5", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.5.0-ibm-plugin", rpm:"java-1.5.0-ibm-plugin~1.5.0.11~1jpp.1.el5", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"java-1.5.0-ibm-src", rpm:"java-1.5.0-ibm-src~1.5.0.11~1jpp.1.el5", rls:"RHENT_5")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/RHSA_2009_1648.nasl
===================================================================
--- trunk/openvas-plugins/scripts/RHSA_2009_1648.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/RHSA_2009_1648.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,99 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory RHSA-2009:1648 ()
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66472);
+ script_cve_id("CVE-2009-3563");
+ script_version ("$Revision$");
+ script_name("RedHat Security Advisory RHSA-2009:1648");
+
+ desc = "The remote host is missing updates announced in
+advisory RHSA-2009:1648.
+
+The Network Time Protocol (NTP) is used to synchronize a computer's time
+with a referenced time source.
+
+Robin Park and Dmitri Vinokurov discovered a flaw in the way ntpd handled
+certain malformed NTP packets. ntpd logged information about all such
+packets and replied with an NTP packet that was treated as malformed when
+received by another ntpd. A remote attacker could use this flaw to create
+an NTP packet reply loop between two ntpd servers via a malformed packet
+with a spoofed source IP address and port, causing ntpd on those servers to
+use excessive amounts of CPU time and fill disk space with log messages.
+(CVE-2009-3563)
+
+All ntp users are advised to upgrade to this updated package, which
+contains a backported patch to resolve this issue. After installing the
+update, the ntpd daemon will restart automatically.
+
+Solution:
+Please note that this update is available via
+Red Hat Network.  To use Red Hat Network, launch the Red
+Hat Update Agent with the following command: up2date
+
+http://rhn.redhat.com/errata/RHSA-2009-1648.html
+http://www.redhat.com/security/updates/classification/#moderate
+
+Risk factor : Medium";
+
+ script_description(desc);
+
+ script_summary("Redhat Security Advisory RHSA-2009:1648");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"ntp", rpm:"ntp~4.2.0.a.20040617~8.el4_8.1", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ntp-debuginfo", rpm:"ntp-debuginfo~4.2.0.a.20040617~8.el4_8.1", rls:"RHENT_4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ntp", rpm:"ntp~4.2.2p1~9.el5_4.1", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ntp-debuginfo", rpm:"ntp-debuginfo~4.2.2p1~9.el5_4.1", rls:"RHENT_5")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/RHSA_2009_1651.nasl
===================================================================
--- trunk/openvas-plugins/scripts/RHSA_2009_1651.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/RHSA_2009_1651.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,98 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory RHSA-2009:1651 ()
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66473);
+ script_cve_id("CVE-2009-0159", "CVE-2009-3563");
+ script_version ("$Revision$");
+ script_name("RedHat Security Advisory RHSA-2009:1651");
+
+ desc = "The remote host is missing updates announced in
+advisory RHSA-2009:1651.
+
+The Network Time Protocol (NTP) is used to synchronize a computer's time
+with a referenced time source.
+
+Robin Park and Dmitri Vinokurov discovered a flaw in the way ntpd handled
+certain malformed NTP packets. ntpd logged information about all such
+packets and replied with an NTP packet that was treated as malformed when
+received by another ntpd. A remote attacker could use this flaw to create
+an NTP packet reply loop between two ntpd servers via a malformed packet
+with a spoofed source IP address and port, causing ntpd on those servers to
+use excessive amounts of CPU time and fill disk space with log messages.
+(CVE-2009-3563)
+
+A buffer overflow flaw was found in the ntpq diagnostic command. A
+malicious, remote server could send a specially-crafted reply to an ntpq
+request that could crash ntpq or, potentially, execute arbitrary code with
+the privileges of the user running the ntpq command. (CVE-2009-0159)
+
+All ntp users are advised to upgrade to this updated package, which
+contains backported patches to resolve these issues. After installing the
+update, the ntpd daemon will restart automatically.
+
+Solution:
+Please note that this update is available via
+Red Hat Network.  To use Red Hat Network, launch the Red
+Hat Update Agent with the following command: up2date
+
+http://rhn.redhat.com/errata/RHSA-2009-1651.html
+http://www.redhat.com/security/updates/classification/#moderate
+
+Risk factor : Medium";
+
+ script_description(desc);
+
+ script_summary("Redhat Security Advisory RHSA-2009:1651");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"ntp", rpm:"ntp~4.1.2~6.el3", rls:"RHENT_3")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ntp-debuginfo", rpm:"ntp-debuginfo~4.1.2~6.el3", rls:"RHENT_3")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/RHSA_2009_1657.nasl
===================================================================
--- trunk/openvas-plugins/scripts/RHSA_2009_1657.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/RHSA_2009_1657.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,88 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory RHSA-2009:1657 ()
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66474);
+ script_cve_id("CVE-2009-3794", "CVE-2009-3796", "CVE-2009-3797", "CVE-2009-3798", "CVE-2009-3799", "CVE-2009-3800");
+ script_version ("$Revision$");
+ script_name("RedHat Security Advisory RHSA-2009:1657");
+
+ desc = "The remote host is missing updates announced in
+advisory RHSA-2009:1657.
+
+The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
+Player web browser plug-in.
+
+Multiple security flaws were found in the way Flash Player displayed
+certain SWF content. An attacker could use these flaws to create a
+specially-crafted SWF file that would cause flash-plugin to crash or,
+possibly, execute arbitrary code when the victim loaded a page containing
+the specially-crafted SWF content. (CVE-2009-3794, CVE-2009-3796,
+CVE-2009-3797, CVE-2009-3798, CVE-2009-3799, CVE-2009-3800)
+
+All users of Adobe Flash Player should install this updated package, which
+upgrades Flash Player to version 10.0.42.34.
+
+Solution:
+Please note that this update is available via
+Red Hat Network.  To use Red Hat Network, launch the Red
+Hat Update Agent with the following command: up2date
+
+http://rhn.redhat.com/errata/RHSA-2009-1657.html
+http://www.redhat.com/security/updates/classification/#critical
+http://www.adobe.com/support/security/bulletins/apsb09-19.html
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Redhat Security Advisory RHSA-2009:1657");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"flash-plugin", rpm:"flash-plugin~10.0.42.34~1.el5", rls:"RHENT_5")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/RHSA_2009_1658.nasl
===================================================================
--- trunk/openvas-plugins/scripts/RHSA_2009_1658.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/RHSA_2009_1658.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,91 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory RHSA-2009:1658 ()
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66475);
+ script_cve_id("CVE-2009-3794", "CVE-2009-3796", "CVE-2009-3798", "CVE-2009-3799", "CVE-2009-3800", "CVE-2009-3797");
+ script_version ("$Revision$");
+ script_name("RedHat Security Advisory RHSA-2009:1658");
+
+ desc = "The remote host is missing updates announced in
+advisory RHSA-2009:1658.
+
+The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
+Player web browser plug-in.
+
+Multiple security flaws were found in the way Flash Player displayed
+certain SWF content. An attacker could use these flaws to create a
+specially-crafted SWF file that would cause flash-plugin to crash or,
+possibly, execute arbitrary code when the victim loaded a page containing
+the specially-crafted SWF content. (CVE-2009-3794, CVE-2009-3796,
+CVE-2009-3798, CVE-2009-3799, CVE-2009-3800)
+
+All users of Adobe Flash Player should install this updated package, which
+upgrades Flash Player to version 9.0.260.0.
+
+Solution:
+Please note that this update is available via
+Red Hat Network.  To use Red Hat Network, launch the Red
+Hat Update Agent with the following command: up2date
+
+http://rhn.redhat.com/errata/RHSA-2009-1658.html
+http://www.redhat.com/security/updates/classification/#critical
+http://www.adobe.com/support/security/bulletins/apsb09-19.html
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Redhat Security Advisory RHSA-2009:1658");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"flash-plugin", rpm:"flash-plugin~9.0.260.0~1.el3.with.oss", rls:"RHENT_3")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"flash-plugin", rpm:"flash-plugin~9.0.260.0~1.el4", rls:"RHENT_4")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/RHSA_2009_1659.nasl
===================================================================
--- trunk/openvas-plugins/scripts/RHSA_2009_1659.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/RHSA_2009_1659.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,101 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory RHSA-2009:1659 ()
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66476);
+ script_cve_id("CVE-2009-4031");
+ script_version ("$Revision$");
+ script_name("RedHat Security Advisory RHSA-2009:1659");
+
+ desc = "The remote host is missing updates announced in
+advisory RHSA-2009:1659.
+
+KVM (Kernel-based Virtual Machine) is a full virtualization solution for
+Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for
+the standard Red Hat Enterprise Linux kernel.
+
+On x86 platforms, the do_insn_fetch() function did not limit the amount of
+instruction bytes fetched per instruction. Users in guest operating systems
+could leverage this flaw to cause large latencies on SMP hosts that could
+lead to a local denial of service on the host operating system. This
+update fixes this issue by imposing the architecturally-defined 15 byte
+length limit for instructions. (CVE-2009-4031)
+
+All KVM users should upgrade to these updated packages, which contain
+backported patches to resolve these issues. Note: The procedure in the
+Solution section must be performed before this update will take effect.
+
+Solution:
+Please note that this update is available via
+Red Hat Network.  To use Red Hat Network, launch the Red
+Hat Update Agent with the following command: up2date
+
+http://rhn.redhat.com/errata/RHSA-2009-1659.html
+http://www.redhat.com/security/updates/classification/#moderate
+
+Risk factor : Medium";
+
+ script_description(desc);
+
+ script_summary("Redhat Security Advisory RHSA-2009:1659");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"kmod-kvm", rpm:"kmod-kvm~83~105.el5_4.13", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kvm", rpm:"kvm~83~105.el5_4.13", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kvm-debuginfo", rpm:"kvm-debuginfo~83~105.el5_4.13", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kvm-qemu-img", rpm:"kvm-qemu-img~83~105.el5_4.13", rls:"RHENT_5")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kvm-tools", rpm:"kvm-tools~83~105.el5_4.13", rls:"RHENT_5")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_1947_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1947_1.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/deb_1947_1.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,138 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1947-1 (shibboleth-sp, shibboleth-sp2, opensaml2)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66514);
+ script_cve_id("CVE-2009-3300");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1947-1 (shibboleth-sp, shibboleth-sp2, opensaml2)");
+
+ desc = "The remote host is missing an update to shibboleth-sp, shibboleth-sp2, opensaml2
+announced via advisory DSA 1947-1.
+
+Matt Elder discovered that Shibboleth, a federated web single sign-on
+system is vulnerable to script injection through redirection URLs. More
+details can be found in the Shibboleth advisory at
+http://shibboleth.internet2.edu/secadv/secadv_20091104.txt
+
+For the old stable distribution (etch), this problem has been fixed in
+version 1.3f.dfsg1-2+etch2 of shibboleth-sp.
+
+For the stable distribution (lenny), this problem has been fixed in
+version 1.3.1.dfsg1-3+lenny2 of shibboleth-sp, version 2.0.dfsg1-4+lenny2
+of shibboleth-sp2 and version 2.0-2+lenny2 of opensaml2.
+
+For the unstable distribution (sid), this problem has been fixed in
+version 2.3+dfsg-1 of shibboleth-sp2, version 2.3-1 of opensaml2 and
+version 1.3.1-1 of xmltooling.
+
+We recommend that you upgrade your Shibboleth packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201947-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1947-1 (shibboleth-sp, shibboleth-sp2, opensaml2)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"libshib-dev", ver:"1.3f.dfsg1-2+etch2", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libshib-target5", ver:"1.3f.dfsg1-2+etch2", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libshib6", ver:"1.3f.dfsg1-2+etch2", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libapache2-mod-shib", ver:"1.3f.dfsg1-2+etch2", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libsaml2-doc", ver:"2.0-2+lenny2", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"opensaml2-schemas", ver:"2.0-2+lenny2", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libshibsp-doc", ver:"2.0.dfsg1-4+lenny2", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"shibboleth-sp2-schemas", ver:"2.0.dfsg1-4+lenny2", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libshib-dev", ver:"1.3.1.dfsg1-3+lenny2", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libshib6", ver:"1.3.1.dfsg1-3+lenny2", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libshib-target5", ver:"1.3.1.dfsg1-3+lenny2", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libapache2-mod-shib", ver:"1.3.1.dfsg1-3+lenny2", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libapache2-mod-shib2", ver:"2.0.dfsg1-4+lenny2", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libshibsp1", ver:"2.0.dfsg1-4+lenny2", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libshibsp-dev", ver:"2.0.dfsg1-4+lenny2", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libsaml2-dev", ver:"2.0-2+lenny2", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"opensaml2-tools", ver:"2.0-2+lenny2", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libsaml2", ver:"2.0-2+lenny2", rls:"DEB5.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_1948_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1948_1.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/deb_1948_1.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,113 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1948-1 (ntp)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66515);
+ script_cve_id("CVE-2009-3563");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1948-1 (ntp)");
+
+ desc = "The remote host is missing an update to ntp
+announced via advisory DSA 1948-1.
+
+Robin Park and Dmitri Vinokurov discovered that the daemon component of
+the ntp package, a reference implementation of the NTP protocol, is
+not properly reacting to certain incoming packets.
+
+An unexpected NTP mode 7 packets (MODE_PRIVATE) with spoofed IP data can lead
+ntpd to reply with a mode 7 response to the spoofed address.  This may result
+in the service playing packet ping-pong with other ntp servers or even itself
+which causes CPU usage and excessive disk use due to logging.  An attacker
+can use this to conduct denial of service attacks.
+
+
+For the oldstable distribution (etch), this problem has been fixed in
+version 1:4.2.2.p4+dfsg-2etch4.
+
+For the stable distribution (lenny), this problem has been fixed in
+version 1:4.2.4p4+dfsg-8lenny3.
+
+For the testing (squeeze) and unstable (sid) distribution, this problem
+will be fixed soon.
+
+
+We recommend that you upgrade your ntp packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201948-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1948-1 (ntp)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"ntp-refclock", ver:"4.2.2.p4+dfsg-2etch4", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"ntp-simple", ver:"4.2.2.p4+dfsg-2etch4", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"ntp-doc", ver:"4.2.2.p4+dfsg-2etch4", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"ntp", ver:"4.2.2.p4+dfsg-2etch4", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"ntpdate", ver:"4.2.2.p4+dfsg-2etch4", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"ntp-doc", ver:"4.2.4p4+dfsg-8lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"ntpdate", ver:"4.2.4p4+dfsg-8lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"ntp", ver:"4.2.4p4+dfsg-8lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_1949_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1949_1.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/deb_1949_1.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,94 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1949-1 (php-net-ping)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66516);
+ script_cve_id("CVE-2009-4024");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1949-1 (php-net-ping)");
+
+ desc = "The remote host is missing an update to php-net-ping
+announced via advisory DSA 1949-1.
+
+It was discovered that php-net-ping, a PHP PEAR module to execute ping
+independently of the Operating System, performs insufficient input
+sanitising, which might be used to inject arguments (no CVE yet) or
+execute arbitrary commands (CVE-2009-4024) on a system that uses
+php-net-ping.
+
+
+For the stable distribution (lenny), this problem has been fixed in
+version 2.4.2-1+lenny1.
+
+For the oldstable distribution (etch), this problem has been fixed in
+version 2.4.2-1+etch1.
+
+For the testing distribution (squeeze), this problem will be fixed
+soon.
+
+For the unstable distribution (sid), this problem has been fixed in
+version 2.4.2-1.1.
+
+
+We recommend that you upgrade your php-net-ping packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201949-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1949-1 (php-net-ping)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"php-net-ping", ver:"2.4.2-1+etch1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php-net-ping", ver:"2.4.2-1+lenny1", rls:"DEB5.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12180.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12180.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/fcore_2009_12180.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,122 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12180 (mysql)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66508);
+ script_cve_id("CVE-2009-4019", "CVE-2009-2446");
+ script_version ("$Revision$");
+ script_name("Fedora Core 10 FEDORA-2009-12180 (mysql)");
+
+ desc = "The remote host is missing an update to mysql
+announced via advisory FEDORA-2009-12180.
+
+Update Information:
+
+See http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html
+
+ChangeLog:
+
+* Tue Nov 24 2009 Tom Lane  5.0.88-1
+- Update to MySQL 5.0.88, for various fixes described at
+  http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html
+  including fixes for CVE-2009-4019
+  Related: #540906
+- Ensure that /var/lib/mysql is created with the right SELinux context
+  Related: #502966
+- Increase startup timeout per bug #472222
+
+References:
+
+[ 1 ] Bug #540906 - CVE-2009-4019 mysql: DoS (crash) when comparing GIS items from subquery and when handling subqueires in WHERE  and assigning a SELECT result to a @variable
+https://bugzilla.redhat.com/show_bug.cgi?id=540906
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update mysql' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12180
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 10 FEDORA-2009-12180 (mysql)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"mysql", rpm:"mysql~5.0.88~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mysql-bench", rpm:"mysql-bench~5.0.88~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mysql-cluster", rpm:"mysql-cluster~5.0.88~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mysql-devel", rpm:"mysql-devel~5.0.88~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mysql-embedded", rpm:"mysql-embedded~5.0.88~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mysql-embedded-devel", rpm:"mysql-embedded-devel~5.0.88~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mysql-libs", rpm:"mysql-libs~5.0.88~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mysql-server", rpm:"mysql-server~5.0.88~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mysql-test", rpm:"mysql-test~5.0.88~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mysql-debuginfo", rpm:"mysql-debuginfo~5.0.88~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12461.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12461.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/fcore_2009_12461.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,178 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12461 (asterisk)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66505);
+ script_cve_id("CVE-2009-4055", "CVE-2008-7220", "CVE-2009-0041");
+ script_version ("$Revision$");
+ script_name("Fedora Core 10 FEDORA-2009-12461 (asterisk)");
+
+ desc = "The remote host is missing an update to asterisk
+announced via advisory FEDORA-2009-12461.
+
+Update Information:
+
+Update to 1.6.0.19 to fix AST-2009-010/CVE-2009-4055
+http://downloads.asterisk.org/pub/security/AST-2009-010.html
+
+ChangeLog:
+
+* Mon Nov 30 2009 Jeffrey C. Ollie  - 1.6.0.19-1
+- Update to 1.6.0.19 to fix AST-2009-010/CVE-2009-4055
+* Thu Nov 19 2009 Jeffrey C. Ollie  - 1.6.0.18-1
+- Update to 1.6.0.18
+- Drop unneeded patch to get Lua building
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update asterisk' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12461
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 10 FEDORA-2009-12461 (asterisk)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"asterisk", rpm:"asterisk~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-alsa", rpm:"asterisk-alsa~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-curl", rpm:"asterisk-curl~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-dahdi", rpm:"asterisk-dahdi~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-devel", rpm:"asterisk-devel~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-fax", rpm:"asterisk-fax~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-festival", rpm:"asterisk-festival~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-ices", rpm:"asterisk-ices~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-jabber", rpm:"asterisk-jabber~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-jack", rpm:"asterisk-jack~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-ldap", rpm:"asterisk-ldap~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-ldap-fds", rpm:"asterisk-ldap-fds~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-lua", rpm:"asterisk-lua~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-minivm", rpm:"asterisk-minivm~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-misdn", rpm:"asterisk-misdn~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-odbc", rpm:"asterisk-odbc~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-oss", rpm:"asterisk-oss~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-portaudio", rpm:"asterisk-portaudio~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-postgresql", rpm:"asterisk-postgresql~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-radius", rpm:"asterisk-radius~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-skinny", rpm:"asterisk-skinny~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-snmp", rpm:"asterisk-snmp~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-sqlite", rpm:"asterisk-sqlite~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-tds", rpm:"asterisk-tds~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-unistim", rpm:"asterisk-unistim~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-usbradio", rpm:"asterisk-usbradio~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-voicemail", rpm:"asterisk-voicemail~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-voicemail-imap", rpm:"asterisk-voicemail-imap~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-voicemail-odbc", rpm:"asterisk-voicemail-odbc~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-voicemail-plain", rpm:"asterisk-voicemail-plain~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"asterisk-debuginfo", rpm:"asterisk-debuginfo~1.6.0.19~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12552.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12552.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/fcore_2009_12552.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,97 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12552 (memcached)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66513);
+ script_cve_id("CVE-2009-2415", "CVE-2009-1255");
+ script_version ("$Revision$");
+ script_name("Fedora Core 11 FEDORA-2009-12552 (memcached)");
+
+ desc = "The remote host is missing an update to memcached
+announced via advisory FEDORA-2009-12552.
+
+Update Information:
+
+Addresses CVE-2009-2415
+
+ChangeLog:
+
+* Tue Dec  1 2009 Paul Lindner  - 1.2.8-2
+- Apply patch memcached-1.2.8_proper_vlen_fix.patch
+- Addresses CVE-2009-2415
+- Resolves 542058
+
+References:
+
+[ 1 ] Bug #516489 - CVE-2009-2415 memcached: heap-based buffer overflow
+https://bugzilla.redhat.com/show_bug.cgi?id=516489
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update memcached' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12552
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 11 FEDORA-2009-12552 (memcached)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"memcached", rpm:"memcached~1.2.8~2.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"memcached-selinux", rpm:"memcached-selinux~1.2.8~2.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"memcached-debuginfo", rpm:"memcached-debuginfo~1.2.8~2.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12604.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12604.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/fcore_2009_12604.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,136 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12604 (httpd)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66498);
+ script_cve_id("CVE-2009-3555", "CVE-2009-3094", "CVE-2009-3095");
+ script_version ("$Revision$");
+ script_name("Fedora Core 10 FEDORA-2009-12604 (httpd)");
+
+ desc = "The remote host is missing an update to httpd
+announced via advisory FEDORA-2009-12604.
+
+The Apache HTTP Server is a powerful, efficient, and extensible
+web server.
+
+Update Information:
+
+This update contains the latest stable release of Apache httpd. Three security
+fixes are included, along with several minor bug fixes.    A flaw was found in
+the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols
+handle session renegotiation. A man-in-the-middle attacker could use this flaw
+to prefix arbitrary plain text to a client's session (for example, an HTTPS
+connection to a website). This could force the server to process an attacker's
+request as if authenticated using the victim's credentials. This update
+partially mitigates this flaw for SSL sessions to HTTP servers using mod_ssl by
+rejecting client-requested renegotiation. (CVE-2009-3555)    Note: This update
+does not fully resolve the issue for HTTPS servers. An attack is still possible
+in configurations that require a server-initiated renegotiation
+
+A NULL pointer dereference flaw was found in the Apache mod_proxy_ftp module. A
+malicious FTP server to which requests are being proxied could use this flaw to
+crash an httpd child process via a malformed reply to the EPSV or PASV commands,
+resulting in a limited denial of service. (CVE-2009-3094)
+
+A second flaw was found in the Apache mod_proxy_ftp module. In a reverse
+proxy configuration, a remote attacker could use this flaw to bypass
+intended access restrictions by creating a carefully-crafted HTTP
+Authorization header, allowing the attacker to send arbitrary commands
+to the FTP server. (CVE-2009-3095)
+
+See the upstream changes file for further information:
+http://www.apache.org/dist/httpd/CHANGES_2.2.14
+
+ChangeLog:
+
+* Thu Dec  3 2009 Joe Orton  - 2.2.14-1
+- update to 2.2.14
+- Requires(pre): httpd in mod_ssl subpackage (#543275)
+- add partial security fix for CVE-2009-3555 (#533125)
+- add condrestart in posttrans (#491567)
+
+References:
+
+[ 1 ] Bug #521619 - CVE-2009-3094 httpd: NULL pointer defer in mod_proxy_ftp caused by crafted EPSV and PASV reply
+https://bugzilla.redhat.com/show_bug.cgi?id=521619
+[ 2 ] Bug #522209 - CVE-2009-3095 httpd: mod_proxy_ftp FTP command injection via Authorization HTTP header
+https://bugzilla.redhat.com/show_bug.cgi?id=522209
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update httpd' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12604
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 10 FEDORA-2009-12604 (httpd)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"httpd", rpm:"httpd~2.2.14~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"httpd-devel", rpm:"httpd-devel~2.2.14~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"httpd-manual", rpm:"httpd-manual~2.2.14~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"httpd-tools", rpm:"httpd-tools~2.2.14~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"mod_ssl", rpm:"mod_ssl~2.2.14~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"httpd-debuginfo", rpm:"httpd-debuginfo~2.2.14~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12783.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12783.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/fcore_2009_12783.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,97 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12783 (rt3)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66506);
+ script_cve_id("CVE-2009-3585", "CVE-2009-4151");
+ script_version ("$Revision$");
+ script_name("Fedora Core 12 FEDORA-2009-12783 (rt3)");
+
+ desc = "The remote host is missing an update to rt3
+announced via advisory FEDORA-2009-12783.
+
+RT is an enterprise-grade ticketing system which enables a group of people
+to intelligently and efficiently manage tasks, issues, and requests submitted
+by a community of users.
+
+ChangeLog:
+
+* Fri Dec  4 2009 Ralf Corsépius  - 3.8.4-7
+- Add rt-3.8.4-rh-bz543962.diff (BZ #543962).
+
+References:
+
+[ 1 ] Bug #543962 - CVE-2009-3585 rt3: session hijack
+https://bugzilla.redhat.com/show_bug.cgi?id=543962
+[ 2 ] Bug #543984 - CVE-2009-4151 rt3: web sessions hijack
+https://bugzilla.redhat.com/show_bug.cgi?id=543984
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update rt3' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12783
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 12 FEDORA-2009-12783 (rt3)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"perl-RT-Test", rpm:"perl-RT-Test~3.8.4~7.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"rt3", rpm:"rt3~3.8.4~7.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"rt3-mailgate", rpm:"rt3-mailgate~3.8.4~7.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12817.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12817.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/fcore_2009_12817.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,93 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12817 (rt3)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66510);
+ script_cve_id("CVE-2009-3585", "CVE-2009-4151");
+ script_version ("$Revision$");
+ script_name("Fedora Core 10 FEDORA-2009-12817 (rt3)");
+
+ desc = "The remote host is missing an update to rt3
+announced via advisory FEDORA-2009-12817.
+
+ChangeLog:
+
+* Fri Dec  4 2009 Ralf Corsépius  - 3.8.2-12
+- Add rt-3.8.2-rh-bz543962.diff (BZ #543962).
+
+References:
+
+[ 1 ] Bug #543962 - CVE-2009-3585 rt3: session hijack
+https://bugzilla.redhat.com/show_bug.cgi?id=543962
+[ 2 ] Bug #543984 - CVE-2009-4151 rt3: web sessions hijack
+https://bugzilla.redhat.com/show_bug.cgi?id=543984
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update rt3' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12817
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 10 FEDORA-2009-12817 (rt3)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"perl-RT-Test", rpm:"perl-RT-Test~3.8.2~12.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"rt3", rpm:"rt3~3.8.2~12.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"rt3-mailgate", rpm:"rt3-mailgate~3.8.2~12.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12827.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12827.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/fcore_2009_12827.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,93 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12827 (rt3)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66512);
+ script_cve_id("CVE-2009-3585", "CVE-2009-4151");
+ script_version ("$Revision$");
+ script_name("Fedora Core 11 FEDORA-2009-12827 (rt3)");
+
+ desc = "The remote host is missing an update to rt3
+announced via advisory FEDORA-2009-12827.
+
+ChangeLog:
+
+* Fri Dec  4 2009 Ralf Corsépius  - 3.8.2-12
+- Add rt-3.8.2-rh-bz543962.diff (BZ #543962).
+
+References:
+
+[ 1 ] Bug #543962 - CVE-2009-3585 rt3: session hijack
+https://bugzilla.redhat.com/show_bug.cgi?id=543962
+[ 2 ] Bug #543984 - CVE-2009-4151 rt3: web sessions hijack
+https://bugzilla.redhat.com/show_bug.cgi?id=543984
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update rt3' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12827
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 11 FEDORA-2009-12827 (rt3)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"perl-RT-Test", rpm:"perl-RT-Test~3.8.2~12.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"rt3", rpm:"rt3~3.8.2~12.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"rt3-mailgate", rpm:"rt3-mailgate~3.8.2~12.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12966.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12966.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/fcore_2009_12966.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,95 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12966 (rubygem-actionpack)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66496);
+ script_cve_id("CVE-2009-4214", "CVE-2009-3009", "CVE-2008-5189");
+ script_version ("$Revision$");
+ script_name("Fedora Core 10 FEDORA-2009-12966 (rubygem-actionpack)");
+
+ desc = "The remote host is missing an update to rubygem-actionpack
+announced via advisory FEDORA-2009-12966.
+
+Update Information:
+
+Two security issues are found on activepack shipped on Fedora 10.  One bug is
+that there is a weakness in the strip_tags function in ruby on rails (bug
+542786, CVE-2009-4214). Another one is a possibility to circumvent protection
+against cross-site request forgery (CSRF) attacks (bug 544329).
+
+ChangeLog:
+
+* Mon Dec  7 2009 Mamoru Tasaka  - 2.1.1-5
+- Fix for potential CSRF protection circumvention (bug 544329)
+- Fix for XSS weakness in strip_tags (bug 542786)
+
+References:
+
+[ 1 ] Bug #542786 - rubygem-actionpack: XSS weakness in strip_tags
+https://bugzilla.redhat.com/show_bug.cgi?id=542786
+[ 2 ] Bug #544329 - rubygem-actionpack: Potential CSRF protection circumvention
+https://bugzilla.redhat.com/show_bug.cgi?id=544329
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update rubygem-actionpack' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12966
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 10 FEDORA-2009-12966 (rubygem-actionpack)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"rubygem-actionpack", rpm:"rubygem-actionpack~2.1.1~5.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_12968.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_12968.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/fcore_2009_12968.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,96 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-12968 (nss-util)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66497);
+ script_cve_id("CVE-2009-3555");
+ script_version ("$Revision$");
+ script_name("Fedora Core 12 FEDORA-2009-12968 (nss-util)");
+
+ desc = "The remote host is missing an update to nss-util
+announced via advisory FEDORA-2009-12968.
+
+Update Information:
+
+Update to 3.12.5    This update fixes the following security flaw:
+CVE-2009-3555 TLS: MITM attacks via session renegotiation
+
+ChangeLog:
+
+* Thu Dec  3 2009 Elio Maldonado - 3.12.5-1.1
+- Update to 3.12.5
+
+References:
+
+[ 1 ] Bug #533125 - CVE-2009-3555 TLS: MITM attacks via session renegotiation
+https://bugzilla.redhat.com/show_bug.cgi?id=533125
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update nss-util' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12968
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 12 FEDORA-2009-12968 (nss-util)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"nss-util", rpm:"nss-util~3.12.5~1.fc12.1", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"nss-util-devel", rpm:"nss-util-devel~3.12.5~1.fc12.1", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"nss-util-debuginfo", rpm:"nss-util-debuginfo~3.12.5~1.fc12.1", rls:"FC12")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_13039.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_13039.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/fcore_2009_13039.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,161 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-13039 (kernel)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66499);
+ script_cve_id("CVE-2009-4131");
+ script_version ("$Revision$");
+ script_name("Fedora Core 12 FEDORA-2009-13039 (kernel)");
+
+ desc = "The remote host is missing an update to the kernel
+announced via advisory FEDORA-2009-13039.
+
+Update Information:
+
+CVE-2009-4131:  EXT4 - fix insufficient permission checking which could result
+in arbitrary data corruption by a local unprivileged user.
+
+ChangeLog:
+
+* Wed Dec  9 2009 Kyle McMartin  2.6.31.6-166
+- ext4-fix-insufficient-checks-in-EXT4_IOC_MOVE_EXT.patch: CVE-2009-4131
+fix insufficient permission checking which could result in arbitrary
+data corruption by a local unprivileged user.
+
+References:
+
+[ 1 ] Bug #544471 - CVE-2009-4131 EMBARGOED kernel: ext4: Fix insufficient checks in EXT4_IOC_MOVE_EXT
+https://bugzilla.redhat.com/show_bug.cgi?id=544471
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update kernel' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-13039
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 12 FEDORA-2009-13039 (kernel)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.31.6~166.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAE", rpm:"kernel-PAE~2.6.31.6~166.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAE-devel", rpm:"kernel-PAE-devel~2.6.31.6~166.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAEdebug", rpm:"kernel-PAEdebug~2.6.31.6~166.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAEdebug-devel", rpm:"kernel-PAEdebug-devel~2.6.31.6~166.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.31.6~166.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~2.6.31.6~166.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~i686~2.6.31.6", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.31.6~166.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~2.6.31.6~166.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAE-debuginfo", rpm:"kernel-PAE-debuginfo~2.6.31.6~166.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAEdebug-debuginfo", rpm:"kernel-PAEdebug-debuginfo~2.6.31.6~166.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.31.6~166.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~2.6.31.6~166.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.31.6~166.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-firmware", rpm:"kernel-firmware~2.6.31.6~166.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"perf", rpm:"perf~2.6.31.6~166.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-bootwrapper", rpm:"kernel-bootwrapper~2.6.31.6~166.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~ppc~2.6.31.6", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.6.31.6~166.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-smp-devel", rpm:"kernel-smp-devel~2.6.31.6~166.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-smp-debuginfo", rpm:"kernel-smp-debuginfo~2.6.31.6~166.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~ppc64~2.6.31.6", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~x86_64~2.6.31.6", rls:"FC12")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_13040.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_13040.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/fcore_2009_13040.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,328 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-13040 (moodle)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66500);
+ script_cve_id("CVE-2009-1171", "CVE-2009-0499", "CVE-2008-5153", "CVE-2008-4796");
+ script_version ("$Revision$");
+ script_name("Fedora Core 10 FEDORA-2009-13040 (moodle)");
+
+ desc = "The remote host is missing an update to moodle
+announced via advisory FEDORA-2009-13040.
+
+Update Information:
+
+Moodle upstream has released latest stable versions (1.9.7 and 1.8.11),  fixing
+multiple security issues.    For details, please visit the referenced
+security advisories.
+
+ChangeLog:
+
+* Tue Dec  8 2009 Jon Ciesla  - 1.9.7-1
+- Update to 1.9.7, BZ 544766.
+
+References:
+
+[ 1 ] Bug #544766 - Moodle: Multiple security fixes in 1.9.7 and 1.8.11 upstream releases
+https://bugzilla.redhat.com/show_bug.cgi?id=544766
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update moodle' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-13040
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 10 FEDORA-2009-13040 (moodle)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"moodle", rpm:"moodle~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-af", rpm:"moodle-af~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ar", rpm:"moodle-ar~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-be", rpm:"moodle-be~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-bg", rpm:"moodle-bg~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-bn", rpm:"moodle-bn~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-bs", rpm:"moodle-bs~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ca", rpm:"moodle-ca~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-cs", rpm:"moodle-cs~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-cy", rpm:"moodle-cy~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-da", rpm:"moodle-da~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-de", rpm:"moodle-de~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-de_du", rpm:"moodle-de_du~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-dv", rpm:"moodle-dv~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-el", rpm:"moodle-el~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-es", rpm:"moodle-es~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-et", rpm:"moodle-et~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-eu", rpm:"moodle-eu~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-fa", rpm:"moodle-fa~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-fi", rpm:"moodle-fi~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-fil", rpm:"moodle-fil~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-fr", rpm:"moodle-fr~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-fr_ca", rpm:"moodle-fr_ca~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ga", rpm:"moodle-ga~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-gl", rpm:"moodle-gl~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-gu", rpm:"moodle-gu~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-he", rpm:"moodle-he~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-hi", rpm:"moodle-hi~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-hr", rpm:"moodle-hr~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-hu", rpm:"moodle-hu~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-hy", rpm:"moodle-hy~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-id", rpm:"moodle-id~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-is", rpm:"moodle-is~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-it", rpm:"moodle-it~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ja", rpm:"moodle-ja~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ka", rpm:"moodle-ka~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-kk", rpm:"moodle-kk~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-km", rpm:"moodle-km~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-kn", rpm:"moodle-kn~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ko", rpm:"moodle-ko~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-lo", rpm:"moodle-lo~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-lt", rpm:"moodle-lt~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-lv", rpm:"moodle-lv~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-mi_tn", rpm:"moodle-mi_tn~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-mi_wwow", rpm:"moodle-mi_wwow~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-mk", rpm:"moodle-mk~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ml", rpm:"moodle-ml~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-mn", rpm:"moodle-mn~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ms", rpm:"moodle-ms~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-nl", rpm:"moodle-nl~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-nn", rpm:"moodle-nn~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-no", rpm:"moodle-no~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-no_gr", rpm:"moodle-no_gr~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-pl", rpm:"moodle-pl~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-pt", rpm:"moodle-pt~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-pt_br", rpm:"moodle-pt_br~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ro", rpm:"moodle-ro~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ru", rpm:"moodle-ru~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-si", rpm:"moodle-si~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sk", rpm:"moodle-sk~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sl", rpm:"moodle-sl~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sm", rpm:"moodle-sm~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-so", rpm:"moodle-so~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sq", rpm:"moodle-sq~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sr_cr", rpm:"moodle-sr_cr~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sr_cr_bo", rpm:"moodle-sr_cr_bo~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sr_lt", rpm:"moodle-sr_lt~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sv", rpm:"moodle-sv~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ta", rpm:"moodle-ta~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ta_lk", rpm:"moodle-ta_lk~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-th", rpm:"moodle-th~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-tl", rpm:"moodle-tl~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-to", rpm:"moodle-to~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-tr", rpm:"moodle-tr~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-uk", rpm:"moodle-uk~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ur", rpm:"moodle-ur~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-uz", rpm:"moodle-uz~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-vi", rpm:"moodle-vi~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-zh_cn", rpm:"moodle-zh_cn~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-zh_tw", rpm:"moodle-zh_tw~1.9.7~1.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_13046.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_13046.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/fcore_2009_13046.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,101 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-13046 (ntp)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66501);
+ script_cve_id("CVE-2009-3563");
+ script_version ("$Revision$");
+ script_name("Fedora Core 12 FEDORA-2009-13046 (ntp)");
+
+ desc = "The remote host is missing an update to ntp
+announced via advisory FEDORA-2009-13046.
+
+Update Information:
+
+This update fixes possible DoS with mode 7 packets. (CVE-2009-3563)
+
+ChangeLog:
+
+* Wed Dec  9 2009 Miroslav Lichvar  4.2.4p8-1
+- update to 4.2.4p8 (#545557, CVE-2009-3563)
+
+References:
+
+[ 1 ] Bug #531213 - CVE-2009-3563 ntpd: DoS with mode 7 packets (VU#568372)
+https://bugzilla.redhat.com/show_bug.cgi?id=531213
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update ntp' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-13046
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 12 FEDORA-2009-13046 (ntp)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"ntp", rpm:"ntp~4.2.4p8~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ntp-perl", rpm:"ntp-perl~4.2.4p8~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ntpdate", rpm:"ntpdate~4.2.4p8~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ntp-debuginfo", rpm:"ntp-debuginfo~4.2.4p8~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ntp-doc", rpm:"ntp-doc~4.2.4p8~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_13065.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_13065.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/fcore_2009_13065.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,332 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-13065 (moodle)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66502);
+ script_version ("$Revision$");
+ script_name("Fedora Core 12 FEDORA-2009-13065 (moodle)");
+
+ desc = "The remote host is missing an update to moodle
+announced via advisory FEDORA-2009-13065.
+
+Update Information:
+
+Moodle upstream has released latest stable versions (1.9.7 and 1.8.11),  fixing
+multiple security issues.    For details, please visit the referenced
+security advisroies.
+
+ChangeLog:
+
+* Tue Dec  8 2009 Jon Ciesla  - 1.9.7-1
+- Update to 1.9.7, BZ 544766.
+* Thu Nov  5 2009 Jon Ciesla  - 1.9.6-2
+- Reverted erroneous cron fix.
+* Thu Nov  5 2009 Jon Ciesla  - 1.9.6-1
+- Update to 1.9.6.
+- Make moodle-cron honor lock, BZ 533171.
+
+References:
+
+[ 1 ] Bug #544766 - Moodle: Multiple security fixes in 1.9.7 and 1.8.11 upstream releases
+https://bugzilla.redhat.com/show_bug.cgi?id=544766
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update moodle' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-13065
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 12 FEDORA-2009-13065 (moodle)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"moodle", rpm:"moodle~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-af", rpm:"moodle-af~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ar", rpm:"moodle-ar~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-be", rpm:"moodle-be~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-bg", rpm:"moodle-bg~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-bn", rpm:"moodle-bn~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-bs", rpm:"moodle-bs~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ca", rpm:"moodle-ca~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-cs", rpm:"moodle-cs~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-cy", rpm:"moodle-cy~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-da", rpm:"moodle-da~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-de", rpm:"moodle-de~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-de_du", rpm:"moodle-de_du~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-dv", rpm:"moodle-dv~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-el", rpm:"moodle-el~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-es", rpm:"moodle-es~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-et", rpm:"moodle-et~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-eu", rpm:"moodle-eu~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-fa", rpm:"moodle-fa~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-fi", rpm:"moodle-fi~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-fil", rpm:"moodle-fil~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-fr", rpm:"moodle-fr~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-fr_ca", rpm:"moodle-fr_ca~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ga", rpm:"moodle-ga~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-gl", rpm:"moodle-gl~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-gu", rpm:"moodle-gu~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-he", rpm:"moodle-he~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-hi", rpm:"moodle-hi~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-hr", rpm:"moodle-hr~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-hu", rpm:"moodle-hu~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-hy", rpm:"moodle-hy~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-id", rpm:"moodle-id~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-is", rpm:"moodle-is~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-it", rpm:"moodle-it~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ja", rpm:"moodle-ja~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ka", rpm:"moodle-ka~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-kk", rpm:"moodle-kk~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-km", rpm:"moodle-km~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-kn", rpm:"moodle-kn~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ko", rpm:"moodle-ko~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-lo", rpm:"moodle-lo~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-lt", rpm:"moodle-lt~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-lv", rpm:"moodle-lv~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-mi_tn", rpm:"moodle-mi_tn~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-mi_wwow", rpm:"moodle-mi_wwow~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-mk", rpm:"moodle-mk~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ml", rpm:"moodle-ml~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-mn", rpm:"moodle-mn~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ms", rpm:"moodle-ms~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-nl", rpm:"moodle-nl~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-nn", rpm:"moodle-nn~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-no", rpm:"moodle-no~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-no_gr", rpm:"moodle-no_gr~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-pl", rpm:"moodle-pl~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-pt", rpm:"moodle-pt~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-pt_br", rpm:"moodle-pt_br~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ro", rpm:"moodle-ro~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ru", rpm:"moodle-ru~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-si", rpm:"moodle-si~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sk", rpm:"moodle-sk~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sl", rpm:"moodle-sl~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sm", rpm:"moodle-sm~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-so", rpm:"moodle-so~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sq", rpm:"moodle-sq~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sr_cr", rpm:"moodle-sr_cr~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sr_cr_bo", rpm:"moodle-sr_cr_bo~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sr_lt", rpm:"moodle-sr_lt~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sv", rpm:"moodle-sv~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ta", rpm:"moodle-ta~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ta_lk", rpm:"moodle-ta_lk~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-th", rpm:"moodle-th~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-tl", rpm:"moodle-tl~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-to", rpm:"moodle-to~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-tr", rpm:"moodle-tr~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-uk", rpm:"moodle-uk~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ur", rpm:"moodle-ur~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-uz", rpm:"moodle-uz~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-vi", rpm:"moodle-vi~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-zh_cn", rpm:"moodle-zh_cn~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-zh_tw", rpm:"moodle-zh_tw~1.9.7~1.fc12", rls:"FC12")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_13066.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_13066.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/fcore_2009_13066.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,113 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-13066 (ruby)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66503);
+ script_cve_id("CVE-2009-1904", "CVE-2008-3790");
+ script_version ("$Revision$");
+ script_name("Fedora Core 10 FEDORA-2009-13066 (ruby)");
+
+ desc = "The remote host is missing an update to ruby
+announced via advisory FEDORA-2009-13066.
+
+Update Information:
+
+Update to 1.8.6 p368    This package also fixes the build failure on arm
+-gnueabi systems (bug 506233), and DOS vulnerability issue on BigDecimal method
+(bug 504958, CVE-2009-1904)
+
+ChangeLog:
+
+* Mon Dec  7 2009 Mamoru Tasaka  - 1.8.6.386-2
+- Patch for bigdecimal DOS issue (CVE-2009-1904, bug 504958)
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update ruby' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-13066
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 10 FEDORA-2009-13066 (ruby)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"ruby", rpm:"ruby~1.8.6.368~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-devel", rpm:"ruby-devel~1.8.6.368~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-docs", rpm:"ruby-docs~1.8.6.368~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-irb", rpm:"ruby-irb~1.8.6.368~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-libs", rpm:"ruby-libs~1.8.6.368~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-mode", rpm:"ruby-mode~1.8.6.368~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-rdoc", rpm:"ruby-rdoc~1.8.6.368~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-ri", rpm:"ruby-ri~1.8.6.368~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-tcltk", rpm:"ruby-tcltk~1.8.6.368~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-debuginfo", rpm:"ruby-debuginfo~1.8.6.368~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_13080.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_13080.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/fcore_2009_13080.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,332 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-13080 (moodle)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66504);
+ script_version ("$Revision$");
+ script_name("Fedora Core 11 FEDORA-2009-13080 (moodle)");
+
+ desc = "The remote host is missing an update to moodle
+announced via advisory FEDORA-2009-13080.
+
+Update Information:
+
+Moodle upstream has released latest stable versions (1.9.7 and 1.8.11),  fixing
+multiple security issues. For details, please visit the referenced
+security advisoires.
+
+ChangeLog:
+
+* Tue Dec  8 2009 Jon Ciesla  - 1.9.7-1
+- Update to 1.9.7, BZ 544766.
+* Thu Nov  5 2009 Jon Ciesla  - 1.9.6-2
+- Reverted erroneous cron fix.
+* Thu Nov  5 2009 Jon Ciesla  - 1.9.6-1
+- Update to 1.9.6.
+- Make moodle-cron honor lock, BZ 533171.
+
+References:
+
+[ 1 ] Bug #544766 - Moodle: Multiple security fixes in 1.9.7 and 1.8.11 upstream releases
+https://bugzilla.redhat.com/show_bug.cgi?id=544766
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update moodle' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-13080
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 11 FEDORA-2009-13080 (moodle)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"moodle", rpm:"moodle~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-af", rpm:"moodle-af~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ar", rpm:"moodle-ar~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-be", rpm:"moodle-be~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-bg", rpm:"moodle-bg~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-bn", rpm:"moodle-bn~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-bs", rpm:"moodle-bs~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ca", rpm:"moodle-ca~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-cs", rpm:"moodle-cs~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-cy", rpm:"moodle-cy~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-da", rpm:"moodle-da~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-de", rpm:"moodle-de~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-de_du", rpm:"moodle-de_du~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-dv", rpm:"moodle-dv~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-el", rpm:"moodle-el~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-es", rpm:"moodle-es~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-et", rpm:"moodle-et~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-eu", rpm:"moodle-eu~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-fa", rpm:"moodle-fa~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-fi", rpm:"moodle-fi~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-fil", rpm:"moodle-fil~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-fr", rpm:"moodle-fr~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-fr_ca", rpm:"moodle-fr_ca~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ga", rpm:"moodle-ga~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-gl", rpm:"moodle-gl~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-gu", rpm:"moodle-gu~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-he", rpm:"moodle-he~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-hi", rpm:"moodle-hi~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-hr", rpm:"moodle-hr~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-hu", rpm:"moodle-hu~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-hy", rpm:"moodle-hy~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-id", rpm:"moodle-id~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-is", rpm:"moodle-is~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-it", rpm:"moodle-it~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ja", rpm:"moodle-ja~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ka", rpm:"moodle-ka~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-kk", rpm:"moodle-kk~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-km", rpm:"moodle-km~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-kn", rpm:"moodle-kn~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ko", rpm:"moodle-ko~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-lo", rpm:"moodle-lo~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-lt", rpm:"moodle-lt~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-lv", rpm:"moodle-lv~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-mi_tn", rpm:"moodle-mi_tn~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-mi_wwow", rpm:"moodle-mi_wwow~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-mk", rpm:"moodle-mk~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ml", rpm:"moodle-ml~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-mn", rpm:"moodle-mn~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ms", rpm:"moodle-ms~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-nl", rpm:"moodle-nl~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-nn", rpm:"moodle-nn~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-no", rpm:"moodle-no~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-no_gr", rpm:"moodle-no_gr~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-pl", rpm:"moodle-pl~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-pt", rpm:"moodle-pt~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-pt_br", rpm:"moodle-pt_br~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ro", rpm:"moodle-ro~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ru", rpm:"moodle-ru~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-si", rpm:"moodle-si~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sk", rpm:"moodle-sk~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sl", rpm:"moodle-sl~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sm", rpm:"moodle-sm~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-so", rpm:"moodle-so~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sq", rpm:"moodle-sq~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sr_cr", rpm:"moodle-sr_cr~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sr_cr_bo", rpm:"moodle-sr_cr_bo~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sr_lt", rpm:"moodle-sr_lt~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-sv", rpm:"moodle-sv~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ta", rpm:"moodle-ta~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ta_lk", rpm:"moodle-ta_lk~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-th", rpm:"moodle-th~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-tl", rpm:"moodle-tl~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-to", rpm:"moodle-to~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-tr", rpm:"moodle-tr~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-uk", rpm:"moodle-uk~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-ur", rpm:"moodle-ur~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-uz", rpm:"moodle-uz~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-vi", rpm:"moodle-vi~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-zh_cn", rpm:"moodle-zh_cn~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"moodle-zh_tw", rpm:"moodle-zh_tw~1.9.7~1.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_13090.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_13090.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/fcore_2009_13090.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,101 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-13090 (ntp)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66507);
+ script_cve_id("CVE-2009-3563", "CVE-2009-1252");
+ script_version ("$Revision$");
+ script_name("Fedora Core 11 FEDORA-2009-13090 (ntp)");
+
+ desc = "The remote host is missing an update to ntp
+announced via advisory FEDORA-2009-13090.
+
+Update Information:
+
+This update fixes possible DoS with mode 7 packets. (CVE-2009-3563)
+
+ChangeLog:
+
+* Wed Dec  9 2009 Miroslav Lichvar  4.2.4p7-3
+- fix DoS with mode 7 packets (#545557, CVE-2009-3563)
+
+References:
+
+[ 1 ] Bug #531213 - CVE-2009-3563 ntpd: DoS with mode 7 packets (VU#568372)
+https://bugzilla.redhat.com/show_bug.cgi?id=531213
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update ntp' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-13090
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 11 FEDORA-2009-13090 (ntp)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"ntp", rpm:"ntp~4.2.4p7~3.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ntp-perl", rpm:"ntp-perl~4.2.4p7~3.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ntpdate", rpm:"ntpdate~4.2.4p7~3.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ntp-debuginfo", rpm:"ntp-debuginfo~4.2.4p7~3.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ntp-doc", rpm:"ntp-doc~4.2.4p7~3.fc11", rls:"FC11")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_13098.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_13098.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/fcore_2009_13098.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,148 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-13098 (kernel)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66509);
+ script_cve_id("CVE-2009-4031", "CVE-2009-3547", "CVE-2009-3638", "CVE-2009-3621", "CVE-2009-3620", "CVE-2009-3612", "CVE-2009-2908", "CVE-2009-2903", "CVE-2009-3290", "CVE-2009-2847", "CVE-2009-2692", "CVE-2009-2406", "CVE-2009-2407", "CVE-2009-1895", "CVE-2009-1897", "CVE-2009-0065", "CVE-2008-5079", "CVE-2009-3080", "CVE-2009-4005");
+ script_version ("$Revision$");
+ script_name("Fedora Core 10 FEDORA-2009-13098 (kernel)");
+
+ desc = "The remote host is missing an update to the kernel
+announced via advisory FEDORA-2009-13098.
+
+Update Information:
+
+Update to kernel 2.6.27.41:
+http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.39
+http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.40
+http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.41
+
+References:
+
+[ 1 ] Bug #539414 - CVE-2009-3080 kernel: gdth: Prevent negative offsets in ioctl
+https://bugzilla.redhat.com/show_bug.cgi?id=539414
+[ 2 ] Bug #539435 - CVE-2009-4005 kernel: isdn: hfc_usb: fix read buffer overflow
+https://bugzilla.redhat.com/show_bug.cgi?id=539435
+[ 3 ] Bug #541160 - CVE-2009-4031 kernel: KVM: x86 emulator: limit instructions to 15 bytes
+https://bugzilla.redhat.com/show_bug.cgi?id=541160
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update kernel' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-13098
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 10 FEDORA-2009-13098 (kernel)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~2.6.27.41~170.2.117.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.27.41~170.2.117.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.27.41~170.2.117.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~2.6.27.41~170.2.117.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~2.6.27.41~170.2.117.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAE", rpm:"kernel-PAE~2.6.27.41~170.2.117.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAE-devel", rpm:"kernel-PAE-devel~2.6.27.41~170.2.117.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAEdebug", rpm:"kernel-PAEdebug~2.6.27.41~170.2.117.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAEdebug-devel", rpm:"kernel-PAEdebug-devel~2.6.27.41~170.2.117.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.27.41~170.2.117.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~2.6.27.41~170.2.117.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAE-debuginfo", rpm:"kernel-PAE-debuginfo~2.6.27.41~170.2.117.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-PAEdebug-debuginfo", rpm:"kernel-PAEdebug-debuginfo~2.6.27.41~170.2.117.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.27.41~170.2.117.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.27.41~170.2.117.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-firmware", rpm:"kernel-firmware~2.6.27.41~170.2.117.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-bootwrapper", rpm:"kernel-bootwrapper~2.6.27.41~170.2.117.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.6.27.41~170.2.117.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-smp-devel", rpm:"kernel-smp-devel~2.6.27.41~170.2.117.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kernel-smp-debuginfo", rpm:"kernel-smp-debuginfo~2.6.27.41~170.2.117.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/fcore_2009_13121.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_13121.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/fcore_2009_13121.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,98 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-13121 (ntp)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66511);
+ script_cve_id("CVE-2009-3563", "CVE-2009-1252", "CVE-2009-0159", "CVE-2009-0021");
+ script_version ("$Revision$");
+ script_name("Fedora Core 10 FEDORA-2009-13121 (ntp)");
+
+ desc = "The remote host is missing an update to ntp
+announced via advisory FEDORA-2009-13121.
+
+Update Information:
+
+This update fixes possible DoS with mode 7 packets. (CVE-2009-3563)
+
+ChangeLog:
+
+* Wed Dec  9 2009 Miroslav Lichvar  4.2.4p7-2
+- fix DoS with mode 7 packets (#545557, CVE-2009-3563)
+
+References:
+
+[ 1 ] Bug #531213 - CVE-2009-3563 ntpd: DoS with mode 7 packets (VU#568372)
+https://bugzilla.redhat.com/show_bug.cgi?id=531213
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program.  Use 
+su -c 'yum update ntp' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-13121
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Fedora Core 10 FEDORA-2009-13121 (ntp)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"ntp", rpm:"ntp~4.2.4p7~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ntp-perl", rpm:"ntp-perl~4.2.4p7~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ntpdate", rpm:"ntpdate~4.2.4p7~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ntp-debuginfo", rpm:"ntp-debuginfo~4.2.4p7~2.fc10", rls:"FC10")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_dovecot2.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_dovecot2.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/freebsd_dovecot2.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,86 @@
+#
+#VID 30211c45-e52a-11de-b5cd-00e0815b8da8
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID 30211c45-e52a-11de-b5cd-00e0815b8da8
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66522);
+ script_cve_id("CVE-2009-3897");
+ script_bugtraq_id(37084);
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: dovecot");
+
+ desc = "The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: dovecot
+
+CVE-2009-3897
+Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of
+certain directories at installation time, which allows local users to
+access arbitrary user accounts by replacing the auth socket, related
+to the parent directories of the base_dir directory, and possibly the
+base_dir directory itself.
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://secunia.com/advisories/37443
+http://www.vuxml.org/freebsd/30211c45-e52a-11de-b5cd-00e0815b8da8.html
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: dovecot");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"dovecot");
+if(!isnull(bver) && revcomp(a:bver, b:"1.2.8")<0) {
+    security_note(0, data:"Package dovecot version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_linux-flashplugin5.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_linux-flashplugin5.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/freebsd_linux-flashplugin5.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,93 @@
+#
+#VID 3c1a672e-e508-11de-9f4a-001b2134ef46
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID 3c1a672e-e508-11de-9f4a-001b2134ef46
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66523);
+ script_cve_id("CVE-2009-3794", "CVE-2009-3796", "CVE-2009-3797", "CVE-2009-3798", "CVE-2009-3799", "CVE-2009-3800", "CVE-2009-3951");
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: linux-flashplugin");
+
+ desc = "The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following packages are affected:
+   linux-flashplugin
+   linux-f8-flashplugin
+   linux-f10-flashplugin
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://www.zerodayinitiative.com/advisories/ZDI-09-092/
+http://www.zerodayinitiative.com/advisories/ZDI-09-093/
+http://www.adobe.com/support/security/bulletins/apsb09-19.html
+http://www.vuxml.org/freebsd/3c1a672e-e508-11de-9f4a-001b2134ef46.html
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: linux-flashplugin");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"linux-flashplugin");
+if(!isnull(bver) && revcomp(a:bver, b:"9.0r260")<0) {
+    security_note(0, data:"Package linux-flashplugin version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"linux-f8-flashplugin");
+if(!isnull(bver) && revcomp(a:bver, b:"10.0r42")<0) {
+    security_note(0, data:"Package linux-f8-flashplugin version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"linux-f10-flashplugin");
+if(!isnull(bver) && revcomp(a:bver, b:"10.0r42")<0) {
+    security_note(0, data:"Package linux-f10-flashplugin version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_piwik.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_piwik.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/freebsd_piwik.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,79 @@
+#
+#VID fcbf56dd-e667-11de-920a-00248c9b4be7
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID fcbf56dd-e667-11de-920a-00248c9b4be7
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66521);
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: piwik");
+
+ desc = "The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: piwik
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://secunia.com/advisories/37649/
+http://www.sektioneins.de/de/advisories/advisory-032009-piwik-cookie-unserialize-vulnerability/index.html
+http://piwik.org/blog/2009/12/piwik-response-to-shocking-news-in-php-exploitation/
+http://www.vuxml.org/freebsd/fcbf56dd-e667-11de-920a-00248c9b4be7.html
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: piwik");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"piwik");
+if(!isnull(bver) && revcomp(a:bver, b:"0.5.1")<0) {
+    security_note(0, data:"Package piwik version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_pligg.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_pligg.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/freebsd_pligg.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,80 @@
+#
+#VID bec38383-e6cb-11de-bdd4-000c2930e89b
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID bec38383-e6cb-11de-bdd4-000c2930e89b
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66520);
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: pligg");
+
+ desc = "The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: pligg
+
+=====
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://secunia.com/advisories/37349/
+http://www.pligg.com/blog/775/pligg-cms-1-0-3-release/
+http://www.vuxml.org/freebsd/bec38383-e6cb-11de-bdd4-000c2930e89b.html
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: pligg");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"pligg");
+if(!isnull(bver) && revcomp(a:bver, b:"1.0.3b")<0) {
+    security_note(0, data:"Package pligg version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_rt.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_rt.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/freebsd_rt.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,84 @@
+#
+#VID 714c1406-e4cf-11de-883a-003048590f9e
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID 714c1406-e4cf-11de-883a-003048590f9e
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66525);
+ script_cve_id("CVE-2009-3585");
+ script_bugtraq_id(37162);
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: rt");
+
+ desc = "The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: rt
+
+CVE-2009-3585
+Session fixation vulnerability in html/Elements/SetupSessionCookie in
+Best Practical Solutions RT 3.0.0 through 3.6.9 and 3.8.x through
+3.8.5 allows remote attackers to hijack web sessions by setting the
+session identifier via a manipulation that leverages a second web
+server within the same domain.
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: rt");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"rt");
+if(!isnull(bver) && revcomp(a:bver, b:"3.8.6")<0) {
+    security_note(0, data:"Package rt version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_ruby11.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_ruby11.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/freebsd_ruby11.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,78 @@
+#
+#VID eab8c3bd-e50c-11de-9cd0-001a926c7637
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID eab8c3bd-e50c-11de-9cd0-001a926c7637
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66524);
+ script_cve_id("CVE-2009-4124");
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: ruby");
+
+ desc = "The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: ruby
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://www.ruby-lang.org/en/news/2009/12/07/heap-overflow-in-string/
+http://www.vuxml.org/freebsd/eab8c3bd-e50c-11de-9cd0-001a926c7637.html
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: ruby");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"ruby");
+if(!isnull(bver) && revcomp(a:bver, b:"1.9.1,1")>=0 && revcomp(a:bver, b:"1.9.1.376,1")<0) {
+    security_note(0, data:"Package ruby version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/glsa_200912_01.nasl
===================================================================
--- trunk/openvas-plugins/scripts/glsa_200912_01.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/glsa_200912_01.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,84 @@
+#
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from Gentoo's XML based advisory
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+                                                                                
+if(description)
+{
+ script_id(66517);
+ script_cve_id("CVE-2009-1377", "CVE-2009-1378", "CVE-2009-1379", "CVE-2009-1387", "CVE-2009-2409", "CVE-2009-3555");
+ script_version ("$Revision$");
+ script_name("Gentoo Security Advisory GLSA 200912-01 (openssl)");
+
+ desc = "The remote host is missing updates announced in
+advisory GLSA 200912-01.
+
+Multiple vulnerabilities in OpenSSL might allow remote attackers to conduct
+    multiple attacks, including the injection of arbitrary data into
+encrypted
+    byte streams.
+
+Solution:
+All OpenSSL users should upgrade to the latest version:
+
+    # emerge --sync
+    # emerge --ask --oneshot --verbose '>=dev-libs/openssl-0.9.8l-r2'
+
+http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200912-01
+http://bugs.gentoo.org/show_bug.cgi?id=270305
+http://bugs.gentoo.org/show_bug.cgi?id=280591
+http://bugs.gentoo.org/show_bug.cgi?id=292022
+
+Risk factor : Medium";
+
+ script_description(desc);
+
+ script_summary("Gentoo Security Advisory GLSA 200912-01 (openssl)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Gentoo Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/gentoo");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-gentoo.inc");
+vuln = 0;
+if(ispkgvuln(pkg:"dev-libs/openssl", unaffected: make_list("ge 0.9.8l-r2"), vulnerable: make_list("lt 0.9.8l-r2"))) {
+    vuln=1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_030_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_030_1.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/mdksa_2009_030_1.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,120 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:030-1 (amarok)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66491);
+ script_cve_id("CVE-2009-0135", "CVE-2009-0136");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:030-1 (amarok)");
+
+ desc = "The remote host is missing an update to amarok
+announced via advisory MDVSA-2009:030-1.
+
+Data length values in metadata Audible Audio media file (.aa) can lead
+to an integer overflow enabling remote attackers use it to trigger an
+heap overflow and enabling the possibility to execute arbitrary code
+(CVE-2009-0135).
+
+Failure on checking heap allocation on Audible Audio media files
+(.aa) allows remote attackers either to cause denial of service or
+execute arbitrary code via a crafted media file (CVE-2009-0136).
+
+This update provide the fix for these security issues.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:030-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:030-1 (amarok)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"amarok", rpm:"amarok~1.4.7~9.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"amarok-engine-xine", rpm:"amarok-engine-xine~1.4.7~9.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"amarok-scripts", rpm:"amarok-scripts~1.4.7~9.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libamarok0", rpm:"libamarok0~1.4.7~9.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libamarok0-scripts", rpm:"libamarok0-scripts~1.4.7~9.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libamarok-devel", rpm:"libamarok-devel~1.4.7~9.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libamarok-scripts-devel", rpm:"libamarok-scripts-devel~1.4.7~9.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64amarok0", rpm:"lib64amarok0~1.4.7~9.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64amarok0-scripts", rpm:"lib64amarok0-scripts~1.4.7~9.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64amarok-devel", rpm:"lib64amarok-devel~1.4.7~9.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64amarok-scripts-devel", rpm:"lib64amarok-scripts-devel~1.4.7~9.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_038_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_038_1.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/mdksa_2009_038_1.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,87 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:038-1 (blender)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66486);
+ script_cve_id("CVE-2008-4863");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:038-1 (blender)");
+
+ desc = "The remote host is missing an update to blender
+announced via advisory MDVSA-2009:038-1.
+
+Python has a variable called sys.path that contains all paths where
+Python loads modules by using import scripting procedure. A wrong
+handling of that variable enables local attackers to execute arbitrary
+code via Python scripting in the current Blender working directory
+(CVE-2008-4863).
+
+This update provides fix for that vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:038-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:038-1 (blender)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"blender", rpm:"blender~2.45~2.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_046_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_046_1.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/mdksa_2009_046_1.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,87 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:046-1 (dia)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66488);
+ script_cve_id("CVE-2008-5984");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:046-1 (dia)");
+
+ desc = "The remote host is missing an update to dia
+announced via advisory MDVSA-2009:046-1.
+
+Python has a variable called sys.path that contains all paths where
+Python loads modules by using import scripting procedure. A wrong
+handling of that variable enables local attackers to execute arbitrary
+code via Python scripting in the current dia working directory
+(CVE-2008-5984).
+
+This update provides fix for that vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:046-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:046-1 (dia)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"dia", rpm:"dia~0.96.1~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_059_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_059_1.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/mdksa_2009_059_1.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,99 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:059-1 (xchat)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66489);
+ script_cve_id("CVE-2009-0315");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:059-1 (xchat)");
+
+ desc = "The remote host is missing an update to xchat
+announced via advisory MDVSA-2009:059-1.
+
+Python has a variable called sys.path that contains all paths where
+Python loads modules by using import scripting procedure. A wrong
+handling of that variable enables local attackers to execute arbitrary
+code via Python scripting in the current X-Chat working directory
+(CVE-2009-0315).
+
+This update provides fix for that vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:059-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:059-1 (xchat)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"xchat", rpm:"xchat~2.8.4~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xchat-devel", rpm:"xchat-devel~2.8.4~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xchat-perl", rpm:"xchat-perl~2.8.4~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xchat-python", rpm:"xchat-python~2.8.4~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"xchat-tcl", rpm:"xchat-tcl~2.8.4~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_091_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_091_1.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/mdksa_2009_091_1.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,91 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:091-1 (mod_perl)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66487);
+ script_cve_id("CVE-2009-0796");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:091-1 (mod_perl)");
+
+ desc = "The remote host is missing an update to mod_perl
+announced via advisory MDVSA-2009:091-1.
+
+A vulnerability has been found and corrected in mod_perl v1.x and v2.x:
+
+Cross-site scripting (XSS) vulnerability in Status.pm in Apache::Status
+and Apache2::Status in mod_perl1 and mod_perl2 for the Apache HTTP
+Server, when /perl-status is accessible, allows remote attackers to
+inject arbitrary web script or HTML via the URI (CVE-2009-0796).
+
+The updated packages have been patched to correct these issues.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:091-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:091-1 (mod_perl)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"apache-mod_perl", rpm:"apache-mod_perl~2.0.3~7.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-mod_perl-devel", rpm:"apache-mod_perl-devel~2.0.3~7.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_093_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_093_1.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/mdksa_2009_093_1.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,90 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:093-1 (mpg123)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66485);
+ script_cve_id("CVE-2009-1301");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:093-1 (mpg123)");
+
+ desc = "The remote host is missing an update to mpg123
+announced via advisory MDVSA-2009:093-1.
+
+A vulnerability has been found and corrected in mpg123:
+
+Integer signedness error in the store_id3_text function in the
+ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a
+denial of service (out-of-bounds memory access) and possibly execute
+arbitrary code via an ID3 tag with a negative encoding value.  NOTE:
+some of these details are obtained from third party information
+(CVE-2009-1301).
+
+The updated packages have been patched to correct this issue.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:093-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:093-1 (mpg123)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"mpg123", rpm:"mpg123~0.66~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_098_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_098_1.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/mdksa_2009_098_1.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,139 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:098-1 (krb5)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66482);
+ script_cve_id("CVE-2009-0844", "CVE-2009-0845", "CVE-2009-0846", "CVE-2009-0847");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:098-1 (krb5)");
+
+ desc = "The remote host is missing an update to krb5
+announced via advisory MDVSA-2009:098-1.
+
+Multiple vulnerabilities has been found and corrected in krb5:
+
+The get_input_token function in the SPNEGO implementation in MIT
+Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote attackers to
+cause a denial of service (daemon crash) and possibly obtain sensitive
+information via a crafted length value that triggers a buffer over-read
+(CVE-2009-0844).
+
+The spnego_gss_accept_sec_context function in
+lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5
+through 1.6.3, when SPNEGO is used, allows remote attackers to cause
+a denial of service (NULL pointer dereference and daemon crash) via
+invalid ContextFlags data in the reqFlags field in a negTokenInit token
+(CVE-2009-0845).
+
+The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in
+the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before
+1.6.4 allows remote attackers to cause a denial of service (daemon
+crash) or possibly execute arbitrary code via vectors involving an
+invalid DER encoding that triggers a free of an uninitialized pointer
+(CVE-2009-0846).
+
+The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5
+(aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to
+cause a denial of service (application crash) via a crafted length
+value that triggers an erroneous malloc call, related to incorrect
+calculations with pointer arithmetic (CVE-2009-0847).
+
+The updated packages have been patched to correct these issues.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:098-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:098-1 (krb5)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"ftp-client-krb5", rpm:"ftp-client-krb5~1.6.2~7.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"ftp-server-krb5", rpm:"ftp-server-krb5~1.6.2~7.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"krb5", rpm:"krb5~1.6.2~7.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"krb5-server", rpm:"krb5-server~1.6.2~7.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"krb5-workstation", rpm:"krb5-workstation~1.6.2~7.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libkrb53", rpm:"libkrb53~1.6.2~7.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libkrb53-devel", rpm:"libkrb53-devel~1.6.2~7.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"telnet-client-krb5", rpm:"telnet-client-krb5~1.6.2~7.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"telnet-server-krb5", rpm:"telnet-server-krb5~1.6.2~7.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64krb53", rpm:"lib64krb53~1.6.2~7.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64krb53-devel", rpm:"lib64krb53-devel~1.6.2~7.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_099_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_099_1.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/mdksa_2009_099_1.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,120 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:099-1 (openafs)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66483);
+ script_cve_id("CVE-2009-1250", "CVE-2009-1251");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:099-1 (openafs)");
+
+ desc = "The remote host is missing an update to openafs
+announced via advisory MDVSA-2009:099-1.
+
+Multiple vulnerabilities has been found and corrected in openafs:
+
+The cache manager in the client in OpenAFS 1.0 through 1.4.8 and
+1.5.0 through 1.5.58 on Linux allows remote attackers to cause a
+denial of service (system crash) via an RX response with a large
+error-code value that is interpreted as a pointer and dereferenced,
+related to use of the ERR_PTR macro (CVE-2009-1250).
+
+Heap-based buffer overflow in the cache manager in the client in
+OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms
+allows remote attackers to cause a denial of service (system crash)
+or possibly execute arbitrary code via an RX response containing
+more data than specified in a request, related to use of XDR arrays
+(CVE-2009-1251).
+
+The updated packages have been patched to correct these issues.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:099-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:099-1 (openafs)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"dkms-libafs", rpm:"dkms-libafs~1.4.4~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libopenafs1", rpm:"libopenafs1~1.4.4~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libopenafs1-devel", rpm:"libopenafs1-devel~1.4.4~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"openafs", rpm:"openafs~1.4.4~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"openafs-client", rpm:"openafs-client~1.4.4~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"openafs-doc", rpm:"openafs-doc~1.4.4~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"openafs-server", rpm:"openafs-server~1.4.4~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64openafs1", rpm:"lib64openafs1~1.4.4~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64openafs1-devel", rpm:"lib64openafs1-devel~1.4.4~8.3mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_126_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_126_1.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/mdksa_2009_126_1.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,85 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:126-1 (eggdrop)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66484);
+ script_cve_id("CVE-2007-2807", "CVE-2009-1789");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:126-1 (eggdrop)");
+
+ desc = "The remote host is missing an update to eggdrop
+announced via advisory MDVSA-2009:126-1.
+
+mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and
+earlier allows remote attackers to cause a denial of service (crash)
+via a crafted PRIVMSG that causes an empty string to trigger a negative
+string length copy.  NOTE: this issue exists because of an incorrect
+fix for CVE-2007-2807 (CVE-2009-1789).
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:126-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:126-1 (eggdrop)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"eggdrop", rpm:"eggdrop~1.6.18~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_133_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_133_1.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/mdksa_2009_133_1.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,95 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:133-1 (irssi)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66480);
+ script_cve_id("CVE-2009-1959");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:133-1 (irssi)");
+
+ desc = "The remote host is missing an update to irssi
+announced via advisory MDVSA-2009:133-1.
+
+A vulnerability has been found and corrected in irssi:
+
+Off-by-one error in the event_wallops function in
+fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers
+to cause a denial of service (crash) via an empty command, which
+triggers a one-byte buffer under-read and a one-byte buffer underflow
+(CVE-2009-1959).
+
+This update provides fixes for this vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:133-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:133-1 (irssi)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"irssi", rpm:"irssi~0.8.11~1.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"irssi-devel", rpm:"irssi-devel~0.8.11~1.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"irssi-perl", rpm:"irssi-perl~0.8.11~1.2mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_191_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_191_1.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/mdksa_2009_191_1.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,114 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:191-1 (OpenEXR)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66479);
+ script_cve_id("CVE-2009-1720", "CVE-2009-1721", "CVE-2009-1722");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:191-1 (OpenEXR)");
+
+ desc = "The remote host is missing an update to OpenEXR
+announced via advisory MDVSA-2009:191-1.
+
+Multiple vulnerabilities has been found and corrected in OpenEXR:
+
+Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1
+allow context-dependent attackers to cause a denial of service
+(application crash) or possibly execute arbitrary code via unspecified
+vectors that trigger heap-based buffer overflows, related to (1)
+the Imf::PreviewImage::PreviewImage function and (2) compressor
+constructors.  NOTE: some of these details are obtained from third
+party information (CVE-2009-1720).
+
+The decompression implementation in the Imf::hufUncompress function in
+OpenEXR 1.2.2 and 1.6.1 allows context-dependent attackers to cause a
+denial of service (application crash) or possibly execute arbitrary
+code via vectors that trigger a free of an uninitialized pointer
+(CVE-2009-1721).
+
+Buffer overflow in the compression implementation in OpenEXR 1.2.2
+allows context-dependent attackers to cause a denial of service
+(application crash) or possibly execute arbitrary code via unspecified
+vectors (CVE-2009-1722).
+
+This update provides fixes for these vulnerabilities.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:191-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:191-1 (OpenEXR)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libOpenEXR4", rpm:"libOpenEXR4~1.4.0~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libOpenEXR-devel", rpm:"libOpenEXR-devel~1.4.0~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"OpenEXR", rpm:"OpenEXR~1.4.0~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64OpenEXR4", rpm:"lib64OpenEXR4~1.4.0~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64OpenEXR-devel", rpm:"lib64OpenEXR-devel~1.4.0~3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_251_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_251_1.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/mdksa_2009_251_1.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,158 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:251-1 (postgresql8.2)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66478);
+ script_cve_id("CVE-2009-3229", "CVE-2007-6600", "CVE-2009-3230", "CVE-2009-3231");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:251-1 (postgresql8.2)");
+
+ desc = "The remote host is missing an update to postgresql8.2
+announced via advisory MDVSA-2009:251-1.
+
+The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before
+8.3.8, and 8.2 before 8.2.14 allows remote authenticated users to
+cause a denial of service (backend shutdown) by re-LOAD-ing libraries
+from a certain plugins directory (CVE-2009-3229).
+
+The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before
+8.3.8, 8.2 before 8.2.14, 8.1 before 8.1.18, 8.0 before 8.0.22,
+and 7.4 before 7.4.26 does not use the appropriate privileges for
+the (1) RESET ROLE and (2) RESET SESSION AUTHORIZATION operations,
+which allows remote authenticated users to gain privileges.  NOTE:
+this is due to an incomplete fix for CVE-2007-6600 (CVE-2009-3230).
+
+The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2
+before 8.2.14, when using LDAP authentication with anonymous binds,
+allows remote attackers to bypass authentication via an empty password
+(CVE-2009-3231).
+
+This update provides a fix for this vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:251-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:251-1 (postgresql8.2)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libecpg5", rpm:"libecpg5~8.2.14~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libecpg-devel", rpm:"libecpg-devel~8.2.14~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libpq5", rpm:"libpq5~8.2.14~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libpq-devel", rpm:"libpq-devel~8.2.14~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"postgresql", rpm:"postgresql~8.2.14~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"postgresql8.2", rpm:"postgresql8.2~8.2.14~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"postgresql8.2-contrib", rpm:"postgresql8.2-contrib~8.2.14~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"postgresql8.2-devel", rpm:"postgresql8.2-devel~8.2.14~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"postgresql8.2-docs", rpm:"postgresql8.2-docs~8.2.14~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"postgresql8.2-pl", rpm:"postgresql8.2-pl~8.2.14~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"postgresql8.2-plperl", rpm:"postgresql8.2-plperl~8.2.14~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"postgresql8.2-plpgsql", rpm:"postgresql8.2-plpgsql~8.2.14~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"postgresql8.2-plpython", rpm:"postgresql8.2-plpython~8.2.14~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"postgresql8.2-pltcl", rpm:"postgresql8.2-pltcl~8.2.14~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"postgresql8.2-server", rpm:"postgresql8.2-server~8.2.14~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"postgresql8.2-test", rpm:"postgresql8.2-test~8.2.14~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"postgresql-devel", rpm:"postgresql-devel~8.2.14~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64ecpg5", rpm:"lib64ecpg5~8.2.14~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64ecpg-devel", rpm:"lib64ecpg-devel~8.2.14~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64pq5", rpm:"lib64pq5~8.2.14~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64pq-devel", rpm:"lib64pq-devel~8.2.14~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_259_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_259_1.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/mdksa_2009_259_1.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,122 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:259-1 (snort)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66495);
+ script_cve_id("CVE-2008-1804");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:259-1 (snort)");
+
+ desc = "The remote host is missing an update to snort
+announced via advisory MDVSA-2009:259-1.
+
+preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not
+properly identify packet fragments that have dissimilar TTL values,
+which allows remote attackers to bypass detection rules by using a
+different TTL for each fragment. (CVE-2008-1804)
+
+The updated packages have been patched to prevent this.
+
+Additionally there were problems with two rules in the snort-rules
+package for 2008.0 that is also fixed with this update.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:259-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:259-1 (snort)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"snort", rpm:"snort~2.7.0.1~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-bloat", rpm:"snort-bloat~2.7.0.1~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-inline", rpm:"snort-inline~2.7.0.1~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-inline+flexresp", rpm:"snort-inline+flexresp~2.7.0.1~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-mysql", rpm:"snort-mysql~2.7.0.1~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-mysql+flexresp", rpm:"snort-mysql+flexresp~2.7.0.1~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-plain+flexresp", rpm:"snort-plain+flexresp~2.7.0.1~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-postgresql", rpm:"snort-postgresql~2.7.0.1~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-postgresql+flexresp", rpm:"snort-postgresql+flexresp~2.7.0.1~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-prelude", rpm:"snort-prelude~2.7.0.1~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-prelude+flexresp", rpm:"snort-prelude+flexresp~2.7.0.1~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"snort-rules", rpm:"snort-rules~2.3.3~4.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_276_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_276_1.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/mdksa_2009_276_1.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,98 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:276-1 (python-django)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66490);
+ script_cve_id("CVE-2009-2659", "CVE-2009-3695");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:276-1 (python-django)");
+
+ desc = "The remote host is missing an update to python-django
+announced via advisory MDVSA-2009:276-1.
+
+Multiple vulnerabilities has been found and corrected in python-django:
+
+The Admin media handler in core/servers/basehttp.py in Django 1.0
+and 0.96 does not properly map URL requests to expected static media
+files, which allows remote attackers to conduct directory traversal
+attacks and read arbitrary files via a crafted URL (CVE-2009-2659).
+
+Algorithmic complexity vulnerability in the forms library in Django
+1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause
+a denial of service (CPU consumption) via a crafted (1) EmailField
+(email address) or (2) URLField (URL) that triggers a large amount
+of backtracking in a regular expression (CVE-2009-3695).
+
+The versions of Django shipping with Mandriva Linux have been updated
+to the latest patched version that include the fix for this issue.
+In addition, they provide other bug fixes.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:276-1
+http://www.djangoproject.com/weblog/2009/jul/28/security/
+http://www.djangoproject.com/weblog/2009/oct/09/security/
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:276-1 (python-django)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"python-django", rpm:"python-django~1.0.4~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_282_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_282_1.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/mdksa_2009_282_1.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,154 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:282-1 (cups)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66477);
+ script_cve_id("CVE-2009-0146", "CVE-2009-0147", "CVE-2009-0163", "CVE-2009-0165", "CVE-2009-0166", "CVE-2009-0195", "CVE-2009-1179", "CVE-2009-0791", "CVE-2009-0799", "CVE-2009-0800", "CVE-2009-0949", "CVE-2009-1180", "CVE-2009-1181", "CVE-2009-1182", "CVE-2009-1183", "CVE-2009-3608", "CVE-2009-3609");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:282-1 (cups)");
+
+ desc = "The remote host is missing an update to cups
+announced via advisory MDVSA-2009:282-1.
+
+For details on the issues addressed with this update,
+please visit the referenced security advisories.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:282-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:282-1 (cups)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"cups", rpm:"cups~1.3.10~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-common", rpm:"cups-common~1.3.10~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-serial", rpm:"cups-serial~1.3.10~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libcups2", rpm:"libcups2~1.3.10~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libcups2-devel", rpm:"libcups2-devel~1.3.10~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libpoppler2", rpm:"libpoppler2~0.6~3.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libpoppler-devel", rpm:"libpoppler-devel~0.6~3.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libpoppler-glib2", rpm:"libpoppler-glib2~0.6~3.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libpoppler-glib-devel", rpm:"libpoppler-glib-devel~0.6~3.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libpoppler-qt2", rpm:"libpoppler-qt2~0.6~3.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libpoppler-qt4-2", rpm:"libpoppler-qt4-2~0.6~3.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libpoppler-qt4-devel", rpm:"libpoppler-qt4-devel~0.6~3.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libpoppler-qt-devel", rpm:"libpoppler-qt-devel~0.6~3.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"php-cups", rpm:"php-cups~1.3.10~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"poppler", rpm:"poppler~0.6~3.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64cups2", rpm:"lib64cups2~1.3.10~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64cups2-devel", rpm:"lib64cups2-devel~1.3.10~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64poppler2", rpm:"lib64poppler2~0.6~3.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64poppler-devel", rpm:"lib64poppler-devel~0.6~3.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64poppler-glib2", rpm:"lib64poppler-glib2~0.6~3.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64poppler-glib-devel", rpm:"lib64poppler-glib-devel~0.6~3.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64poppler-qt2", rpm:"lib64poppler-qt2~0.6~3.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64poppler-qt4-2", rpm:"lib64poppler-qt4-2~0.6~3.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64poppler-qt4-devel", rpm:"lib64poppler-qt4-devel~0.6~3.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64poppler-qt-devel", rpm:"lib64poppler-qt-devel~0.6~3.5mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_296_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_296_1.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/mdksa_2009_296_1.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,104 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:296-1 (gimp)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66494);
+ script_cve_id("CVE-2009-1570");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:296-1 (gimp)");
+
+ desc = "The remote host is missing an update to gimp
+announced via advisory MDVSA-2009:296-1.
+
+A vulnerability was discovered and corrected in gimp:
+
+Integer overflow in the ReadImage function in
+plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers
+to execute arbitrary code via a BMP file with crafted width and height
+values that trigger a heap-based buffer overflow (CVE-2009-1570).
+
+This update provides a solution to this vulnerability.
+
+Update:
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:296-1
+http://secunia.com/secunia_research/2009-42/
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:296-1 (gimp)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"gimp", rpm:"gimp~2.4.0~0.rc2.3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"gimp-python", rpm:"gimp-python~2.4.0~0.rc2.3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgimp2.0_0", rpm:"libgimp2.0_0~2.4.0~0.rc2.3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libgimp2.0-devel", rpm:"libgimp2.0-devel~2.4.0~0.rc2.3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64gimp2.0_0", rpm:"lib64gimp2.0_0~2.4.0~0.rc2.3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64gimp2.0-devel", rpm:"lib64gimp2.0-devel~2.4.0~0.rc2.3.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_327.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_327.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/mdksa_2009_327.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,133 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:327 (clamav)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66481);
+ script_cve_id("CVE-2009-1241", "CVE-2008-6680", "CVE-2009-1270", "CVE-2009-1371", "CVE-2009-1372");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:327 (clamav)");
+
+ desc = "The remote host is missing an update to clamav
+announced via advisory MDVSA-2009:327.
+
+Multiple vulnerabilities has been found and corrected in clamav:
+
+Unspecified vulnerability in ClamAV before 0.95 allows remote
+attackers to bypass detection of malware via a modified RAR archive
+(CVE-2009-1241).
+
+libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause
+a denial of service (crash) via a crafted EXE file that triggers a
+divide-by-zero error (CVE-2008-6680).
+
+libclamav/untar.c in ClamAV before 0.95 allows remote attackers to
+cause a denial of service (infinite loop) via a crafted file that
+causes (1) clamd and (2) clamscan to hang (CVE-2009-1270).
+
+The CLI_ISCONTAINED macro in libclamav/others.h in ClamAV before 0.95.1
+allows remote attackers to cause a denial of service (application
+crash) via a malformed file with UPack encoding (CVE-2009-1371).
+
+Stack-based buffer overflow in the cli_url_canon function in
+libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers
+to cause a denial of service (application crash) and possibly execute
+arbitrary code via a crafted URL (CVE-2009-1372).
+
+Important notice about this upgrade: clamav-0.95+ bundles support
+for RAR v3 in libclamav which is a license violation as the RAR v3
+license and the GPL license is not compatible. As a consequence to
+this Mandriva has been forced to remove the RAR v3 code.
+
+Packages for 2008.0 are being provided due to extended support for
+Corporate products.
+
+This update provides clamav 0.95.2, which is not vulnerable to these
+issues. Additionally klamav-0.46 is being provided that has support
+for clamav-0.95+.
+
+Affected: 2008.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:327
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:327 (clamav)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"clamav", rpm:"clamav~0.95.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"clamav-db", rpm:"clamav-db~0.95.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"clamav-milter", rpm:"clamav-milter~0.95.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"clamd", rpm:"clamd~0.95.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"klamav", rpm:"klamav~0.46~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libclamav6", rpm:"libclamav6~0.95.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libclamav-devel", rpm:"libclamav-devel~0.95.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64clamav6", rpm:"lib64clamav6~0.95.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64clamav-devel", rpm:"lib64clamav-devel~0.95.2~0.1mdv2008.0", rls:"MNDK_2008.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_330.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_330.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/mdksa_2009_330.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,144 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:330 (kdelibs)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66492);
+ script_cve_id("CVE-2009-0689", "CVE-2009-1687", "CVE-2009-1690", "CVE-2009-1698", "CVE-2009-1725", "CVE-2009-1692", "CVE-2009-2537", "CVE-2009-2408", "CVE-2009-2702");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:330 (kdelibs)");
+
+ desc = "The remote host is missing an update to kdelibs
+announced via advisory MDVSA-2009:330.
+
+Multiple vulnerabilities has been found and corrected in kdelibs:
+
+The gdtoa (aka new dtoa) implementation in gdtoa/misc.c in
+libc in FreeBSD 6.4 and 7.2, NetBSD 5.0, and OpenBSD 4.5 allows
+context-dependent attackers to cause a denial of service (application
+crash) or possibly have unspecified other impact via a large precision
+value in the format argument to a printf function, related to an
+array overrun. (CVE-2009-0689)
+
+The JavaScript garbage collector in WebKit in Apple Safari before
+4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1
+through 2.2.1 does not properly handle allocation failures, which
+allows remote attackers to execute arbitrary code or cause a denial
+of service (memory corruption and application crash) via a crafted
+HTML document that triggers write access to an offset of a NULL
+pointer. (CVE-2009-1687)
+
+Use-after-free vulnerability in WebKit, as used in Apple Safari
+before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1
+through 2.2.1, Google Chrome 1.0.154.53, and possibly other products,
+allows remote attackers to execute arbitrary code or cause a denial
+of service (memory corruption and application crash) by setting an
+unspecified property of an HTML tag that causes child elements to
+be freed and later accessed when an HTML error occurs, related to
+recursion in certain DOM event handlers. (CVE-2009-1690)
+
+WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1,
+and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a
+pointer during handling of a Cascading Style Sheets (CSS) attr function
+call with a large numerical argument, which allows remote attackers to
+execute arbitrary code or cause a denial of service (memory corruption
+and application crash) via a crafted HTML document. (CVE-2009-1698)
+
+WebKit in Apple Safari before 4.0.2, KHTML in kdelibs in KDE, QtWebKit
+(aka Qt toolkit), and possibly other products does not properly handle
+numeric character references, which allows remote attackers to execute
+arbitrary code or cause a denial of service (memory corruption and
+application crash) via a crafted HTML document. (CVE-2009-1725)
+
+KDE Konqueror allows remote attackers to cause a denial of service
+(memory consumption) via a large integer value for the length property
+of a Select object, a related issue to CVE-2009-1692. (CVE-2009-2537)
+
+KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a
+'\0' (NUL) character in a domain name in the Subject Alternative Name
+field of an X.509 certificate, which allows man-in-the-middle attackers
+to spoof arbitrary SSL servers via a crafted certificate issued by a
+legitimate Certification Authority, a related issue to CVE-2009-2408
+(CVE-2009-2702).
+
+This update provides a solution to this vulnerability.
+
+Affected: Corporate 4.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:330
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:330 (kdelibs)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"kdelibs-arts", rpm:"kdelibs-arts~3.5.4~2.8.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdelibs-common", rpm:"kdelibs-common~3.5.4~2.8.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdelibs-devel-doc", rpm:"kdelibs-devel-doc~3.5.4~2.8.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libkdecore4", rpm:"libkdecore4~3.5.4~2.8.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libkdecore4-devel", rpm:"libkdecore4-devel~3.5.4~2.8.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64kdecore4", rpm:"lib64kdecore4~3.5.4~2.8.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64kdecore4-devel", rpm:"lib64kdecore4-devel~3.5.4~2.8.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/mdksa_2009_331.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_331.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/mdksa_2009_331.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,234 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:331 (kdegraphics)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66493);
+ script_cve_id("CVE-2009-0146", "CVE-2009-0147", "CVE-2009-0166", "CVE-2009-1179", "CVE-2009-0791", "CVE-2009-1709", "CVE-2009-0945");
+ script_version ("$Revision$");
+ script_name("Mandriva Security Advisory MDVSA-2009:331 (kdegraphics)");
+
+ desc = "The remote host is missing an update to kdegraphics
+announced via advisory MDVSA-2009:331.
+
+Multiple vulnerabilities has been found and corrected in kdegraphics:
+
+Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2
+and earlier allow remote attackers to cause a denial of service
+(crash) via a crafted PDF file, related to (1) setBitmap and (2)
+readSymbolDictSeg (CVE-2009-0146).
+
+Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and
+earlier allow remote attackers to cause a denial of service (crash)
+via a crafted PDF file (CVE-2009-0147).
+
+The JBIG2 decoder in Xpdf 3.02pl2 and earlier allows remote attackers
+to cause a denial of service (crash) via a crafted PDF file that
+triggers a free of uninitialized memory (CVE-2009-0166).
+
+Multiple integer overflows in the pdftops filter in CUPS 1.1.17,
+1.1.22, and 1.3.7 allow remote attackers to cause a denial of service
+(application crash) or possibly execute arbitrary code via a crafted
+PDF file that triggers a heap-based buffer overflow, possibly
+related to (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c, (4)
+JBIG2Stream.cxx, and (5) PSOutputDev.cxx in pdftops/.  NOTE: the
+JBIG2Stream.cxx vector may overlap CVE-2009-1179. (CVE-2009-0791).
+
+Use-after-free vulnerability in the garbage-collection implementation
+in WebCore in WebKit in Apple Safari before 4.0 allows remote
+attackers to execute arbitrary code or cause a denial of service
+(heap corruption and application crash) via an SVG animation element,
+related to SVG set objects, SVG marker elements, the targetElement
+attribute, and unspecified caches. (CVE-2009-1709).
+
+WebKit, as used in Safari before 3.2.3 and 4 Public Beta, on Apple
+Mac OS X 10.4.11 and 10.5 before 10.5.7 and Windows allows remote
+attackers to execute arbitrary code via a crafted SVGList object that
+triggers memory corruption (CVE-2009-0945).
+
+This update provides a solution to this vulnerability.
+
+Affected: Corporate 4.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi.  The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:331
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Mandriva Security Advisory MDVSA-2009:331 (kdegraphics)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"kdegraphics", rpm:"kdegraphics~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdegraphics-common", rpm:"kdegraphics-common~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdegraphics-kcolorchooser", rpm:"kdegraphics-kcolorchooser~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdegraphics-kcoloredit", rpm:"kdegraphics-kcoloredit~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdegraphics-kdvi", rpm:"kdegraphics-kdvi~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdegraphics-kfax", rpm:"kdegraphics-kfax~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdegraphics-kghostview", rpm:"kdegraphics-kghostview~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdegraphics-kiconedit", rpm:"kdegraphics-kiconedit~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdegraphics-kolourpaint", rpm:"kdegraphics-kolourpaint~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdegraphics-kooka", rpm:"kdegraphics-kooka~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdegraphics-kpdf", rpm:"kdegraphics-kpdf~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdegraphics-kpovmodeler", rpm:"kdegraphics-kpovmodeler~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdegraphics-kruler", rpm:"kdegraphics-kruler~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdegraphics-ksnapshot", rpm:"kdegraphics-ksnapshot~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdegraphics-ksvg", rpm:"kdegraphics-ksvg~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdegraphics-kuickshow", rpm:"kdegraphics-kuickshow~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdegraphics-kview", rpm:"kdegraphics-kview~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdegraphics-mrmlsearch", rpm:"kdegraphics-mrmlsearch~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libkdegraphics0-common", rpm:"libkdegraphics0-common~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libkdegraphics0-common-devel", rpm:"libkdegraphics0-common-devel~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libkdegraphics0-kghostview", rpm:"libkdegraphics0-kghostview~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libkdegraphics0-kghostview-devel", rpm:"libkdegraphics0-kghostview-devel~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libkdegraphics0-kooka", rpm:"libkdegraphics0-kooka~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libkdegraphics0-kooka-devel", rpm:"libkdegraphics0-kooka-devel~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libkdegraphics0-kpovmodeler", rpm:"libkdegraphics0-kpovmodeler~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libkdegraphics0-kpovmodeler-devel", rpm:"libkdegraphics0-kpovmodeler-devel~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libkdegraphics0-ksvg", rpm:"libkdegraphics0-ksvg~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libkdegraphics0-ksvg-devel", rpm:"libkdegraphics0-ksvg-devel~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libkdegraphics0-kview", rpm:"libkdegraphics0-kview~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libkdegraphics0-kview-devel", rpm:"libkdegraphics0-kview-devel~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64kdegraphics0-common", rpm:"lib64kdegraphics0-common~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64kdegraphics0-common-devel", rpm:"lib64kdegraphics0-common-devel~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64kdegraphics0-kghostview", rpm:"lib64kdegraphics0-kghostview~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64kdegraphics0-kghostview-devel", rpm:"lib64kdegraphics0-kghostview-devel~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64kdegraphics0-kooka", rpm:"lib64kdegraphics0-kooka~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64kdegraphics0-kooka-devel", rpm:"lib64kdegraphics0-kooka-devel~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64kdegraphics0-kpovmodeler", rpm:"lib64kdegraphics0-kpovmodeler~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64kdegraphics0-kpovmodeler-devel", rpm:"lib64kdegraphics0-kpovmodeler-devel~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64kdegraphics0-ksvg", rpm:"lib64kdegraphics0-ksvg~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64kdegraphics0-ksvg-devel", rpm:"lib64kdegraphics0-ksvg-devel~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64kdegraphics0-kview", rpm:"lib64kdegraphics0-kview~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64kdegraphics0-kview-devel", rpm:"lib64kdegraphics0-kview-devel~3.5.4~0.9.20060mlcs4", rls:"MNDK_4.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/ovcesa2009_1646.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ovcesa2009_1646.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/ovcesa2009_1646.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,83 @@
+#CESA-2009:1646 66528 4
+# $Id$
+# Description: Auto-generated from advisory CESA-2009:1646 (libtool)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66528);
+ script_cve_id("CVE-2009-3736");
+ script_version ("$Revision$");
+ script_name("CentOS Security Advisory CESA-2009:1646 (libtool)");
+
+ desc = "The remote host is missing updates to libtool announced in
+advisory CESA-2009:1646.
+
+For details on the issues addressed in this update,
+please visit the referenced security advisories.
+
+Solution:
+Update the appropriate packages on your system.
+
+http://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1646
+http://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1646
+https://rhn.redhat.com/errata/RHSA-2009-1646.html
+
+Risk factor : Medium";
+
+ script_description(desc);
+
+ script_summary("CentOS Security Advisory CESA-2009:1646 (libtool)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("CentOS Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libtool", rpm:"libtool~1.4.3~7", rls:"CentOS3")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libtool-libs", rpm:"libtool-libs~1.4.3~7", rls:"CentOS3")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libtool", rpm:"libtool~1.5.6~5.el4_8", rls:"CentOS4")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libtool-libs", rpm:"libtool-libs~1.5.6~5.el4_8", rls:"CentOS4")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/ovcesa2009_1648.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ovcesa2009_1648.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/ovcesa2009_1648.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,74 @@
+#CESA-2009:1648 66527 2
+# $Id$
+# Description: Auto-generated from advisory CESA-2009:1648 (ntp)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66527);
+ script_cve_id("CVE-2009-3563");
+ script_version ("$Revision$");
+ script_name("CentOS Security Advisory CESA-2009:1648 (ntp)");
+
+ desc = "The remote host is missing updates to ntp announced in
+advisory CESA-2009:1648.
+
+For details on the issues addressed in this update,
+please visit the referenced security advisories.
+
+Solution:
+Update the appropriate packages on your system.
+
+http://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1648
+http://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1648
+https://rhn.redhat.com/errata/RHSA-2009-1648.html
+
+Risk factor : Medium";
+
+ script_description(desc);
+
+ script_summary("CentOS Security Advisory CESA-2009:1648 (ntp)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("CentOS Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"ntp", rpm:"ntp~4.2.0.a.20040617~8.el4_8.1", rls:"CentOS4")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/ovcesa2009_1651.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ovcesa2009_1651.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/ovcesa2009_1651.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,74 @@
+#CESA-2009:1651 66526 2
+# $Id$
+# Description: Auto-generated from advisory CESA-2009:1651 (ntp)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66526);
+ script_cve_id("CVE-2009-0159", "CVE-2009-3563");
+ script_version ("$Revision$");
+ script_name("CentOS Security Advisory CESA-2009:1651 (ntp)");
+
+ desc = "The remote host is missing updates to ntp announced in
+advisory CESA-2009:1651.
+
+For details on the issues addressed in this update,
+please visit the referenced security advisories.
+
+Solution:
+Update the appropriate packages on your system.
+
+http://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1651
+http://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1651
+https://rhn.redhat.com/errata/RHSA-2009-1651.html
+
+Risk factor : Medium";
+
+ script_description(desc);
+
+ script_summary("CentOS Security Advisory CESA-2009:1651 (ntp)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("CentOS Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"ntp", rpm:"ntp~4.1.2~6.el3", rls:"CentOS3")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/sles11_expat0.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sles11_expat0.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/sles11_expat0.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,85 @@
+#
+#VID df7fac6ab40235408e8ea35318a13920
+# OpenVAS Vulnerability Test
+# $
+# Description: Security update for expat
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66533);
+ script_cve_id("CVE-2009-3560");
+ script_version ("$Revision$");
+ script_name("SLES11: Security update for expat");
+
+ desc = "The remote host is missing updates to packages that affect
+the security of your system.  One or more of the following packages
+are affected:
+
+    expat
+    libexpat1
+
+References:
+    https://bugzilla.novell.com/show_bug.cgi?id=558892
+
+More details may also be found by searching for the SuSE
+Enterprise Server 11 patch database located at
+http://download.novell.com/patch/finder/
+
+Solution:
+
+Please install the updates provided by SuSE.
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("SLES11: Security update for expat");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("SuSE Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"expat", rpm:"expat~2.0.1~88.23.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"libexpat1", rpm:"libexpat1~2.0.1~88.23.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/sles11_kdelibs3.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sles11_kdelibs3.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/sles11_kdelibs3.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,85 @@
+#
+#VID 5d7c99e519a95f9108d35c51b0c854c5
+# OpenVAS Vulnerability Test
+# $
+# Description: Security update for kdelibs3
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66530);
+ script_cve_id("CVE-2009-0689");
+ script_version ("$Revision$");
+ script_name("SLES11: Security update for kdelibs3");
+
+ desc = "The remote host is missing updates to packages that affect
+the security of your system.  One or more of the following packages
+are affected:
+
+    kdelibs3
+    kdelibs3-default-style
+
+References:
+    https://bugzilla.novell.com/show_bug.cgi?id=557126
+
+More details may also be found by searching for the SuSE
+Enterprise Server 11 patch database located at
+http://download.novell.com/patch/finder/
+
+Solution:
+
+Please install the updates provided by SuSE.
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("SLES11: Security update for kdelibs3");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("SuSE Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"kdelibs3", rpm:"kdelibs3~3.5.10~23.27.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+if(isrpmvuln(pkg:"kdelibs3-default-style", rpm:"kdelibs3-default-style~3.5.10~23.27.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/sles11_perl-HTML-Parse.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sles11_perl-HTML-Parse.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/sles11_perl-HTML-Parse.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,81 @@
+#
+#VID 58f42631ae5a6c4bdfd6fb69a2114c32
+# OpenVAS Vulnerability Test
+# $
+# Description: Security update for perl-HTML-Parser
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66531);
+ script_cve_id("CVE-2009-3627");
+ script_version ("$Revision$");
+ script_name("SLES11: Security update for perl-HTML-Parser");
+
+ desc = "The remote host is missing updates to packages that affect
+the security of your system.  One or more of the following packages
+are affected:
+
+    perl-HTML-Parser
+
+References:
+    https://bugzilla.novell.com/show_bug.cgi?id=550076
+
+More details may also be found by searching for the SuSE
+Enterprise Server 11 patch database located at
+http://download.novell.com/patch/finder/
+
+Solution:
+
+Please install the updates provided by SuSE.
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("SLES11: Security update for perl-HTML-Parser");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("SuSE Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"perl-HTML-Parser", rpm:"perl-HTML-Parser~3.56~1.18.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/sles11_wireshark1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sles11_wireshark1.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/sles11_wireshark1.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,82 @@
+#
+#VID 21376954221689990a2fee3602c8189f
+# OpenVAS Vulnerability Test
+# $
+# Description: Security update for wireshark
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66532);
+ script_cve_id("CVE-2009-3549", "CVE-2009-3550", "CVE-2009-3551", "CVE-2009-2560", "CVE-2009-3829");
+ script_version ("$Revision$");
+ script_name("SLES11: Security update for wireshark");
+
+ desc = "The remote host is missing updates to packages that affect
+the security of your system.  One or more of the following packages
+are affected:
+
+    wireshark
+
+References:
+    https://bugzilla.novell.com/show_bug.cgi?id=550320
+    https://bugzilla.novell.com/show_bug.cgi?id=553215
+
+More details may also be found by searching for the SuSE
+Enterprise Server 11 patch database located at
+http://download.novell.com/patch/finder/
+
+Solution:
+
+Please install the updates provided by SuSE.
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("SLES11: Security update for wireshark");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("SuSE Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"wireshark", rpm:"wireshark~1.0.5~1.31.1", rls:"SLES11.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/sles9p5064331.nasl
===================================================================
--- trunk/openvas-plugins/scripts/sles9p5064331.nasl	2009-12-14 10:11:47 UTC (rev 6134)
+++ trunk/openvas-plugins/scripts/sles9p5064331.nasl	2009-12-14 22:06:43 UTC (rev 6135)
@@ -0,0 +1,80 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Security update for expat
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+                                                                                
+if(description)
+{
+ script_id(66529);
+ script_cve_id("CVE-2009-3560");
+ script_version ("$Revision$");
+ script_name("SLES9: Security update for expat");
+
+ desc = "The remote host is missing updates to packages that affect
+the security of your system.  One or more of the following packages
+are affected:
+
+    expat
+
+For more information, please visit the referenced security
+advisories.
+
+More details may also be found by searching for keyword
+5064331 within the SuSE Enterprise Server 9 patch
+database at http://download.novell.com/patch/finder/
+
+Solution:
+
+Please install the updates provided by SuSE.
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("SLES9: Security update for expat");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ script_family("SuSE Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"expat", rpm:"expat~1.95.7~37.6", rls:"SLES9.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}



More information about the Openvas-commits mailing list