[Openvas-commits] r2556 - in trunk/openvas-plugins: . scripts
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Mon Feb 23 21:31:19 CET 2009
Author: reinke
Date: 2009-02-23 21:31:14 +0100 (Mon, 23 Feb 2009)
New Revision: 2556
Added:
trunk/openvas-plugins/scripts/RHSA_2009_0275.nasl
trunk/openvas-plugins/scripts/RHSA_2009_0308.nasl
trunk/openvas-plugins/scripts/fcore_2009_1914.nasl
trunk/openvas-plugins/scripts/freebsd_ZendFramework.nasl
trunk/openvas-plugins/scripts/mdksa_2009_042.nasl
trunk/openvas-plugins/scripts/mdksa_2009_043.nasl
trunk/openvas-plugins/scripts/mdksa_2009_044.nasl
trunk/openvas-plugins/scripts/mdksa_2009_045.nasl
trunk/openvas-plugins/scripts/mdksa_2009_046.nasl
trunk/openvas-plugins/scripts/mdksa_2009_047.nasl
trunk/openvas-plugins/scripts/ovcesa2009_0275.nasl
trunk/openvas-plugins/scripts/ovcesa2009_0308.nasl
Modified:
trunk/openvas-plugins/ChangeLog
Log:
New scripts added
Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog 2009-02-23 16:49:54 UTC (rev 2555)
+++ trunk/openvas-plugins/ChangeLog 2009-02-23 20:31:14 UTC (rev 2556)
@@ -1,3 +1,10 @@
+2009-02-23 Thomas Reinke <reinke at securityspace.com>
+ * freebsd_ZendFramework.nasl mdksa_2009_042.nasl mdksa_2009_043.nasl
+ mdksa_2009_044.nasl mdksa_2009_045.nasl mdksa_2009_046.nasl
+ mdksa_2009_047.nasl RHSA_2009_0275.nasl RHSA_2009_0308.nasl
+ fcore_2009_1914.nasl ovcesa2009_0275.nasl ovcesa2009_0308.nasl
+ New scripts
+
2009-02-23 Michael Wiegand <michael.wiegand at intevation.de>
* scripts/osc_photoGallery_sql_injection.nasl: Added missing script_id.
Added: trunk/openvas-plugins/scripts/RHSA_2009_0275.nasl
===================================================================
--- trunk/openvas-plugins/scripts/RHSA_2009_0275.nasl 2009-02-23 16:49:54 UTC (rev 2555)
+++ trunk/openvas-plugins/scripts/RHSA_2009_0275.nasl 2009-02-23 20:31:14 UTC (rev 2556)
@@ -0,0 +1,99 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory RHSA-2009:0275 ()
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63419);
+ script_cve_id("CVE-2008-5005");
+ script_version ("$");
+ name["english"] = "RedHat Security Advisory RHSA-2009:0275";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing updates announced in
+advisory RHSA-2009:0275.
+
+The imap package provides server daemons for both the IMAP (Internet
+Message Access Protocol) and POP (Post Office Protocol) mail access protocols.
+
+A buffer overflow flaw was discovered in the dmail and tmail mail delivery
+utilities shipped with imap. If either of these utilities were used as a
+mail delivery agent, a remote attacker could potentially use this flaw to
+run arbitrary code as the targeted user by sending a specially-crafted mail
+message to the victim. (CVE-2008-5005)
+
+Users of imap should upgrade to these updated packages, which contain a
+backported patch to resolve this issue.
+
+Solution:
+Please note that this update is available via
+Red Hat Network. To use Red Hat Network, launch the Red
+Hat Update Agent with the following command: up2date
+
+http://rhn.redhat.com/errata/RHSA-2009-0275.html
+http://www.redhat.com/security/updates/classification/#moderate
+
+Risk factor : Medium";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Redhat Security Advisory RHSA-2009:0275";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Red Hat Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"imap", rpm:"imap~2002d~15", rls:"RHENT_3")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"imap-debuginfo", rpm:"imap-debuginfo~2002d~15", rls:"RHENT_3")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"imap-devel", rpm:"imap-devel~2002d~15", rls:"RHENT_3")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"imap-utils", rpm:"imap-utils~2002d~15", rls:"RHENT_3")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/RHSA_2009_0308.nasl
===================================================================
--- trunk/openvas-plugins/scripts/RHSA_2009_0308.nasl 2009-02-23 16:49:54 UTC (rev 2555)
+++ trunk/openvas-plugins/scripts/RHSA_2009_0308.nasl 2009-02-23 20:31:14 UTC (rev 2556)
@@ -0,0 +1,102 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory RHSA-2009:0308 ()
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63420);
+ script_cve_id("CVE-2009-0577", "CVE-2008-3640");
+ script_version ("$");
+ name["english"] = "RedHat Security Advisory RHSA-2009:0308";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing updates announced in
+advisory RHSA-2009:0308.
+
+The Common UNIX® Printing System (CUPS) provides a portable printing layer
+for UNIX operating systems.
+
+The CUPS security advisory, RHSA-2008:0937, stated that it fixed
+CVE-2008-3640 for Red Hat Enterprise Linux 3, 4, and 5. It was discovered
+this flaw was not properly fixed on Red Hat Enterprise Linux 3, however.
+(CVE-2009-0577)
+
+These new packages contain a proper fix for CVE-2008-3640 on Red Hat
+Enterprise Linux 3. Red Hat Enterprise Linux 4 and 5 already contain the
+appropriate fix for this flaw and do not need to be updated.
+
+Users of cups should upgrade to these updated packages, which contain a
+backported patch to correct this issue.
+
+Solution:
+Please note that this update is available via
+Red Hat Network. To use Red Hat Network, launch the Red
+Hat Update Agent with the following command: up2date
+
+http://rhn.redhat.com/errata/RHSA-2009-0308.html
+http://www.redhat.com/security/updates/classification/#important
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Redhat Security Advisory RHSA-2009:0308";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Red Hat Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"cups", rpm:"cups~1.1.17~13.3.56", rls:"RHENT_3")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-debuginfo", rpm:"cups-debuginfo~1.1.17~13.3.56", rls:"RHENT_3")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.17~13.3.56", rls:"RHENT_3")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.17~13.3.56", rls:"RHENT_3")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/fcore_2009_1914.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_1914.nasl 2009-02-23 16:49:54 UTC (rev 2555)
+++ trunk/openvas-plugins/scripts/fcore_2009_1914.nasl 2009-02-23 20:31:14 UTC (rev 2556)
@@ -0,0 +1,102 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory FEDORA-2009-1914 (perl-Crypt-OpenSSL-DSA)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63427);
+ script_cve_id("CVE-2009-0129");
+ script_version ("$");
+ name["english"] = "Fedora Core 9 FEDORA-2009-1914 (perl-Crypt-OpenSSL-DSA)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to perl-Crypt-OpenSSL-DSA
+announced via advisory FEDORA-2009-1914.
+
+Crypt::OpenSSL::DSA - Digital Signature Algorithm using OpenSSL
+
+Update Information:
+
+Fixes CVE-2009-0129: The Crypto::OpenSSL::DSA module now croaks upon error
+rather than returning a -1 to ensure programmers are not caught by surprise
+which only checking for non-zero results.
+
+ChangeLog:
+
+* Wed Feb 18 2009 Wes Hardaker - 0.13-9
+- Version bump to solve build issues
+* Wed Feb 18 2009 Wes Hardaker - 0.13-8
+- Fix CVE-2009-0129 and have do_verify croak on fatal error
+
+References:
+
+[ 1 ] Bug #486012 - CVE-2009-0129 perl-Crypt-OpenSSL-DSA: do_verify() doesn't fail on errors in OpenSSL DSA_do_verify()
+https://bugzilla.redhat.com/show_bug.cgi?id=486012
+
+Solution: Apply the appropriate updates.
+
+This update can be installed with the yum update program. Use
+su -c 'yum update perl-Crypt-OpenSSL-DSA' at the command line.
+For more information, refer to Managing Software with yum,
+available at http://docs.fedoraproject.org/yum/.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-1914
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Fedora Core 9 FEDORA-2009-1914 (perl-Crypt-OpenSSL-DSA)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Fedora Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"perl-Crypt-OpenSSL", rpm:"perl-Crypt-OpenSSL~DSA~0.13", rls:"FC9")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"perl-Crypt-OpenSSL", rpm:"perl-Crypt-OpenSSL~DSA~debuginfo", rls:"FC9")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/freebsd_ZendFramework.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_ZendFramework.nasl 2009-02-23 16:49:54 UTC (rev 2555)
+++ trunk/openvas-plugins/scripts/freebsd_ZendFramework.nasl 2009-02-23 20:31:14 UTC (rev 2556)
@@ -0,0 +1,81 @@
+#
+#VID cf495fd4-fdcd-11dd-9a86-0050568452ac
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID cf495fd4-fdcd-11dd-9a86-0050568452ac
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63430);
+ script_version ("$");
+ name["english"] = "FreeBSD Ports: ZendFramework";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: ZendFramework
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://framework.zend.com/issues/browse/ZF-5748
+http://www.vuxml.org/freebsd/cf495fd4-fdcd-11dd-9a86-0050568452ac.html
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "FreeBSD Ports: ZendFramework";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "FreeBSD Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"ZendFramework");
+if(!isnull(bver) && revcomp(a:bver, b:"1.7.5")<0) {
+ security_note(0, data:"Package ZendFramework version " + bver + " is installed which is known to be vulnerable.");
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/mdksa_2009_042.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_042.nasl 2009-02-23 16:49:54 UTC (rev 2555)
+++ trunk/openvas-plugins/scripts/mdksa_2009_042.nasl 2009-02-23 20:31:14 UTC (rev 2556)
@@ -0,0 +1,183 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:042 (samba)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63421);
+ script_cve_id("CVE-2009-0022");
+ script_version ("$");
+ name["english"] = "Mandrake Security Advisory MDVSA-2009:042 (samba)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to samba
+announced via advisory MDVSA-2009:042.
+
+Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows
+remote authenticated users to access the root filesystem via a crafted
+connection request that specifies a blank share name (CVE-2009-0022).
+
+This update provides samba 3.2.7 to address this issue.
+
+Affected: 2009.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi. The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:042
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Mandrake Security Advisory MDVSA-2009:042 (samba)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Mandrake Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"libnetapi0", rpm:"libnetapi0~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libnetapi-devel", rpm:"libnetapi-devel~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libsmbclient0", rpm:"libsmbclient0~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libsmbclient0-devel", rpm:"libsmbclient0-devel~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libsmbclient0-static-devel", rpm:"libsmbclient0-static-devel~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libsmbsharemodes0", rpm:"libsmbsharemodes0~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libsmbsharemodes-devel", rpm:"libsmbsharemodes-devel~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libtalloc1", rpm:"libtalloc1~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libtalloc-devel", rpm:"libtalloc-devel~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libtdb1", rpm:"libtdb1~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libtdb-devel", rpm:"libtdb-devel~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libwbclient0", rpm:"libwbclient0~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libwbclient-devel", rpm:"libwbclient-devel~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mount-cifs", rpm:"mount-cifs~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"nss_wins", rpm:"nss_wins~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"samba-client", rpm:"samba-client~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"samba-common", rpm:"samba-common~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"samba-doc", rpm:"samba-doc~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"samba-server", rpm:"samba-server~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"samba-swat", rpm:"samba-swat~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"samba-winbind", rpm:"samba-winbind~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64netapi0", rpm:"lib64netapi0~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64netapi-devel", rpm:"lib64netapi-devel~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64smbclient0", rpm:"lib64smbclient0~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64smbclient0-devel", rpm:"lib64smbclient0-devel~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64smbclient0-static-devel", rpm:"lib64smbclient0-static-devel~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64smbsharemodes0", rpm:"lib64smbsharemodes0~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64smbsharemodes-devel", rpm:"lib64smbsharemodes-devel~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64talloc1", rpm:"lib64talloc1~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64talloc-devel", rpm:"lib64talloc-devel~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64tdb1", rpm:"lib64tdb1~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64tdb-devel", rpm:"lib64tdb-devel~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64wbclient0", rpm:"lib64wbclient0~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64wbclient-devel", rpm:"lib64wbclient-devel~3.2.7~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/mdksa_2009_043.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_043.nasl 2009-02-23 16:49:54 UTC (rev 2555)
+++ trunk/openvas-plugins/scripts/mdksa_2009_043.nasl 2009-02-23 20:31:14 UTC (rev 2556)
@@ -0,0 +1,116 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:043 (gnumeric)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63422);
+ script_cve_id("CVE-2009-0318");
+ script_version ("$");
+ name["english"] = "Mandrake Security Advisory MDVSA-2009:043 (gnumeric)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to gnumeric
+announced via advisory MDVSA-2009:043.
+
+Python has a variable called sys.path that contains all paths where
+Python loads modules by using import scripting procedure. A wrong
+handling of that variable enables local attackers to execute arbitrary
+code via Python scripting in the current Gnumeric working directory
+(CVE-2009-0318).
+
+This update provides fix for that vulnerability.
+
+Affected: 2008.1, 2009.0, Corporate 3.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi. The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:043
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Mandrake Security Advisory MDVSA-2009:043 (gnumeric)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Mandrake Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"gnumeric", rpm:"gnumeric~1.8.2~1.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libspreadsheet1.8.2", rpm:"libspreadsheet1.8.2~1.8.2~1.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libspreadsheet-devel", rpm:"libspreadsheet-devel~1.8.2~1.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64spreadsheet1.8.2", rpm:"lib64spreadsheet1.8.2~1.8.2~1.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64spreadsheet-devel", rpm:"lib64spreadsheet-devel~1.8.2~1.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"gnumeric", rpm:"gnumeric~1.9.2~1.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libspreadsheet1.9.2", rpm:"libspreadsheet1.9.2~1.9.2~1.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libspreadsheet-devel", rpm:"libspreadsheet-devel~1.9.2~1.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64spreadsheet1.9.2", rpm:"lib64spreadsheet1.9.2~1.9.2~1.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64spreadsheet-devel", rpm:"lib64spreadsheet-devel~1.9.2~1.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"gnumeric", rpm:"gnumeric~1.2.6~1.2.C30mdk", rls:"MNDK_3.0")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/mdksa_2009_044.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_044.nasl 2009-02-23 16:49:54 UTC (rev 2555)
+++ trunk/openvas-plugins/scripts/mdksa_2009_044.nasl 2009-02-23 20:31:14 UTC (rev 2556)
@@ -0,0 +1,759 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:044 (firefox)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63424);
+ script_cve_id("CVE-2009-0352", "CVE-2009-0353", "CVE-2009-0354", "CVE-2009-0355", "CVE-2009-0356", "CVE-2009-0357", "CVE-2009-0358");
+ script_version ("$");
+ name["english"] = "Mandrake Security Advisory MDVSA-2009:044 (firefox)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to firefox
+announced via advisory MDVSA-2009:044.
+
+Security vulnerabilities have been discovered and corrected in
+the latest Mozilla Firefox 3.x, version 3.0.5 (CVE-2009-0352,
+CVE-2009-0353, CVE-2009-0354, CVE-2009-0355, CVE-2009-0356,
+CVE-2009-0357, CVE-2009-0358).
+
+This update provides the latest Mozilla Firefox 3.x to correct
+these issues.
+
+As Mozilla Firefox 2.x has been phased out, version 3.x is also being
+provided for Mandriva Linux 2008 Spring.
+
+Affected: 2008.1, 2009.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi. The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:044
+http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.6
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Mandrake Security Advisory MDVSA-2009:044 (firefox)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Mandrake Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"devhelp", rpm:"devhelp~0.19~3.8mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"devhelp-plugins", rpm:"devhelp-plugins~0.19~3.8mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"epiphany", rpm:"epiphany~2.22.3~0.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"epiphany-devel", rpm:"epiphany-devel~2.22.3~0.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"epiphany-extensions", rpm:"epiphany-extensions~2.22.2~0.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox", rpm:"firefox~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-af", rpm:"firefox-af~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ar", rpm:"firefox-ar~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-be", rpm:"firefox-be~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-bg", rpm:"firefox-bg~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-bn", rpm:"firefox-bn~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ca", rpm:"firefox-ca~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-cs", rpm:"firefox-cs~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-cy", rpm:"firefox-cy~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-da", rpm:"firefox-da~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-de", rpm:"firefox-de~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-el", rpm:"firefox-el~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-en_GB", rpm:"firefox-en_GB~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-eo", rpm:"firefox-eo~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-es_AR", rpm:"firefox-es_AR~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-es_ES", rpm:"firefox-es_ES~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-et", rpm:"firefox-et~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-eu", rpm:"firefox-eu~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-fi", rpm:"firefox-fi~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-fr", rpm:"firefox-fr~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-fy", rpm:"firefox-fy~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ga_IE", rpm:"firefox-ga_IE~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-gl", rpm:"firefox-gl~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-gu_IN", rpm:"firefox-gu_IN~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-he", rpm:"firefox-he~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-hi", rpm:"firefox-hi~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-hu", rpm:"firefox-hu~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-id", rpm:"firefox-id~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-is", rpm:"firefox-is~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-it", rpm:"firefox-it~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ja", rpm:"firefox-ja~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ka", rpm:"firefox-ka~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-kn", rpm:"firefox-kn~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ko", rpm:"firefox-ko~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ku", rpm:"firefox-ku~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-lt", rpm:"firefox-lt~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-lv", rpm:"firefox-lv~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-mk", rpm:"firefox-mk~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-mn", rpm:"firefox-mn~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-mr", rpm:"firefox-mr~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-nb_NO", rpm:"firefox-nb_NO~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-nl", rpm:"firefox-nl~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-nn_NO", rpm:"firefox-nn_NO~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-oc", rpm:"firefox-oc~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-pa_IN", rpm:"firefox-pa_IN~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-pl", rpm:"firefox-pl~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-pt_BR", rpm:"firefox-pt_BR~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-pt_PT", rpm:"firefox-pt_PT~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ro", rpm:"firefox-ro~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ru", rpm:"firefox-ru~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-si", rpm:"firefox-si~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-sk", rpm:"firefox-sk~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-sl", rpm:"firefox-sl~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-sq", rpm:"firefox-sq~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-sr", rpm:"firefox-sr~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-sv_SE", rpm:"firefox-sv_SE~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-te", rpm:"firefox-te~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-th", rpm:"firefox-th~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-tr", rpm:"firefox-tr~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-uk", rpm:"firefox-uk~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-zh_CN", rpm:"firefox-zh_CN~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-zh_TW", rpm:"firefox-zh_TW~3.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"galeon", rpm:"galeon~2.0.7~0.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"gecko-sharp2", rpm:"gecko-sharp2~0.12~5.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"gecko-sharp2-doc", rpm:"gecko-sharp2-doc~0.12~5.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"gnome-python-extras", rpm:"gnome-python-extras~2.19.1~10.8mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"gnome-python-gda", rpm:"gnome-python-gda~2.19.1~10.8mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"gnome-python-gda-devel", rpm:"gnome-python-gda-devel~2.19.1~10.8mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"gnome-python-gdl", rpm:"gnome-python-gdl~2.19.1~10.8mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"gnome-python-gksu", rpm:"gnome-python-gksu~2.19.1~10.8mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"gnome-python-gtkhtml2", rpm:"gnome-python-gtkhtml2~2.19.1~10.8mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"gnome-python-gtkmozembed", rpm:"gnome-python-gtkmozembed~2.19.1~10.8mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"gnome-python-gtkspell", rpm:"gnome-python-gtkspell~2.19.1~10.8mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libdevhelp-1_0", rpm:"libdevhelp-1_0~0.19~3.8mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libdevhelp-1-devel", rpm:"libdevhelp-1-devel~0.19~3.8mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libgluezilla0", rpm:"libgluezilla0~1.2.6.1~2.8mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libxulrunner1.9", rpm:"libxulrunner1.9~1.9.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libxulrunner-devel", rpm:"libxulrunner-devel~1.9.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libxulrunner-unstable-devel", rpm:"libxulrunner-unstable-devel~1.9.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mailcap", rpm:"mailcap~2.0.4~20.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mono-tools", rpm:"mono-tools~1.2.6~2.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-firefox-ext-blogrovr", rpm:"mozilla-firefox-ext-blogrovr~1.1.779~2.6mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-firefox-ext-foxmarks", rpm:"mozilla-firefox-ext-foxmarks~2.0.47.4~2.6mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-firefox-ext-scribefire", rpm:"mozilla-firefox-ext-scribefire~2.2.7~2.6mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-atk", rpm:"ruby-atk~0.16.0~4.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-gconf2", rpm:"ruby-gconf2~0.16.0~4.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-gdkpixbuf2", rpm:"ruby-gdkpixbuf2~0.16.0~4.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-glib2", rpm:"ruby-glib2~0.16.0~4.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-gnome2", rpm:"ruby-gnome2~0.16.0~4.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-gnome2-devel", rpm:"ruby-gnome2-devel~0.16.0~4.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-gnomecanvas2", rpm:"ruby-gnomecanvas2~0.16.0~4.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-gnomeprint2", rpm:"ruby-gnomeprint2~0.16.0~4.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-gnomeprintui2", rpm:"ruby-gnomeprintui2~0.16.0~4.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-gnomevfs2", rpm:"ruby-gnomevfs2~0.16.0~4.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-gtk2", rpm:"ruby-gtk2~0.16.0~4.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-gtkglext", rpm:"ruby-gtkglext~0.16.0~4.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-gtkhtml2", rpm:"ruby-gtkhtml2~0.16.0~4.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-gtkmozembed", rpm:"ruby-gtkmozembed~0.16.0~4.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-gtksourceview", rpm:"ruby-gtksourceview~0.16.0~4.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-libart2", rpm:"ruby-libart2~0.16.0~4.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-libglade2", rpm:"ruby-libglade2~0.16.0~4.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-panelapplet2", rpm:"ruby-panelapplet2~0.16.0~4.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-pango", rpm:"ruby-pango~0.16.0~4.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-poppler", rpm:"ruby-poppler~0.16.0~4.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-rsvg2", rpm:"ruby-rsvg2~0.16.0~4.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"ruby-vte", rpm:"ruby-vte~0.16.0~4.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"totem", rpm:"totem~2.22.0~4.8mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"totem-common", rpm:"totem-common~2.22.0~4.8mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"totem-gstreamer", rpm:"totem-gstreamer~2.22.0~4.8mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"totem-mozilla", rpm:"totem-mozilla~2.22.0~4.8mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"totem-mozilla-gstreamer", rpm:"totem-mozilla-gstreamer~2.22.0~4.8mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"xulrunner", rpm:"xulrunner~1.9.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"yelp", rpm:"yelp~2.22.1~0.2mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64devhelp-1_0", rpm:"lib64devhelp-1_0~0.19~3.8mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64devhelp-1-devel", rpm:"lib64devhelp-1-devel~0.19~3.8mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64gluezilla0", rpm:"lib64gluezilla0~1.2.6.1~2.8mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xulrunner1.9", rpm:"lib64xulrunner1.9~1.9.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xulrunner-devel", rpm:"lib64xulrunner-devel~1.9.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xulrunner-unstable-devel", rpm:"lib64xulrunner-unstable-devel~1.9.0.6~0.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"beagle", rpm:"beagle~0.3.8~13.6mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"beagle-crawl-system", rpm:"beagle-crawl-system~0.3.8~13.6mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"beagle-doc", rpm:"beagle-doc~0.3.8~13.6mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"beagle-epiphany", rpm:"beagle-epiphany~0.3.8~13.6mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"beagle-evolution", rpm:"beagle-evolution~0.3.8~13.6mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"beagle-gui", rpm:"beagle-gui~0.3.8~13.6mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"beagle-gui-qt", rpm:"beagle-gui-qt~0.3.8~13.6mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"beagle-libs", rpm:"beagle-libs~0.3.8~13.6mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"devhelp", rpm:"devhelp~0.21~3.3mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"devhelp-plugins", rpm:"devhelp-plugins~0.21~3.3mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"epiphany", rpm:"epiphany~2.24.0.1~3.3mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"epiphany-devel", rpm:"epiphany-devel~2.24.0.1~3.3mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox", rpm:"firefox~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-af", rpm:"firefox-af~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ar", rpm:"firefox-ar~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-be", rpm:"firefox-be~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-bg", rpm:"firefox-bg~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-bn", rpm:"firefox-bn~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ca", rpm:"firefox-ca~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-cs", rpm:"firefox-cs~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-cy", rpm:"firefox-cy~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-da", rpm:"firefox-da~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-de", rpm:"firefox-de~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-el", rpm:"firefox-el~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-en_GB", rpm:"firefox-en_GB~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-eo", rpm:"firefox-eo~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-es_AR", rpm:"firefox-es_AR~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-es_ES", rpm:"firefox-es_ES~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-et", rpm:"firefox-et~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-eu", rpm:"firefox-eu~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ext-beagle", rpm:"firefox-ext-beagle~0.3.8~13.6mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ext-mozvoikko", rpm:"firefox-ext-mozvoikko~0.9.5~4.3mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-fi", rpm:"firefox-fi~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-fr", rpm:"firefox-fr~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-fy", rpm:"firefox-fy~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ga_IE", rpm:"firefox-ga_IE~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-gl", rpm:"firefox-gl~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-gu_IN", rpm:"firefox-gu_IN~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-he", rpm:"firefox-he~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-hi", rpm:"firefox-hi~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-hu", rpm:"firefox-hu~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-id", rpm:"firefox-id~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-is", rpm:"firefox-is~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-it", rpm:"firefox-it~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ja", rpm:"firefox-ja~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ka", rpm:"firefox-ka~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-kn", rpm:"firefox-kn~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ko", rpm:"firefox-ko~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ku", rpm:"firefox-ku~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-lt", rpm:"firefox-lt~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-lv", rpm:"firefox-lv~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-mk", rpm:"firefox-mk~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-mn", rpm:"firefox-mn~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-mr", rpm:"firefox-mr~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-nb_NO", rpm:"firefox-nb_NO~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-nl", rpm:"firefox-nl~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-nn_NO", rpm:"firefox-nn_NO~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-oc", rpm:"firefox-oc~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-pa_IN", rpm:"firefox-pa_IN~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-pl", rpm:"firefox-pl~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-pt_BR", rpm:"firefox-pt_BR~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-pt_PT", rpm:"firefox-pt_PT~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ro", rpm:"firefox-ro~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-ru", rpm:"firefox-ru~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-si", rpm:"firefox-si~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-sk", rpm:"firefox-sk~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-sl", rpm:"firefox-sl~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-sq", rpm:"firefox-sq~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-sr", rpm:"firefox-sr~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-sv_SE", rpm:"firefox-sv_SE~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-te", rpm:"firefox-te~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-th", rpm:"firefox-th~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-theme-kde4ff", rpm:"firefox-theme-kde4ff~0.14~4.3mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-tr", rpm:"firefox-tr~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-uk", rpm:"firefox-uk~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-zh_CN", rpm:"firefox-zh_CN~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"firefox-zh_TW", rpm:"firefox-zh_TW~3.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"gnome-python-extras", rpm:"gnome-python-extras~2.19.1~20.3mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"gnome-python-gda", rpm:"gnome-python-gda~2.19.1~20.3mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"gnome-python-gda-devel", rpm:"gnome-python-gda-devel~2.19.1~20.3mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"gnome-python-gdl", rpm:"gnome-python-gdl~2.19.1~20.3mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"gnome-python-gtkhtml2", rpm:"gnome-python-gtkhtml2~2.19.1~20.3mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"gnome-python-gtkmozembed", rpm:"gnome-python-gtkmozembed~2.19.1~20.3mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"gnome-python-gtkspell", rpm:"gnome-python-gtkspell~2.19.1~20.3mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libdevhelp-1_0", rpm:"libdevhelp-1_0~0.21~3.3mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libdevhelp-1-devel", rpm:"libdevhelp-1-devel~0.21~3.3mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libxulrunner1.9", rpm:"libxulrunner1.9~1.9.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libxulrunner-devel", rpm:"libxulrunner-devel~1.9.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libxulrunner-unstable-devel", rpm:"libxulrunner-unstable-devel~1.9.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-firefox-ext-blogrovr", rpm:"mozilla-firefox-ext-blogrovr~1.1.779~5.3mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-firefox-ext-foxmarks", rpm:"mozilla-firefox-ext-foxmarks~2.1.0.12~2.3mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-firefox-ext-scribefire", rpm:"mozilla-firefox-ext-scribefire~2.3.1~2.3mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"mozilla-thunderbird-beagle", rpm:"mozilla-thunderbird-beagle~0.3.8~13.6mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"xulrunner", rpm:"xulrunner~1.9.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"yelp", rpm:"yelp~2.24.0~3.3mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64devhelp-1_0", rpm:"lib64devhelp-1_0~0.21~3.3mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64devhelp-1-devel", rpm:"lib64devhelp-1-devel~0.21~3.3mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xulrunner1.9", rpm:"lib64xulrunner1.9~1.9.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xulrunner-devel", rpm:"lib64xulrunner-devel~1.9.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64xulrunner-unstable-devel", rpm:"lib64xulrunner-unstable-devel~1.9.0.6~0.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/mdksa_2009_045.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_045.nasl 2009-02-23 16:49:54 UTC (rev 2555)
+++ trunk/openvas-plugins/scripts/mdksa_2009_045.nasl 2009-02-23 20:31:14 UTC (rev 2556)
@@ -0,0 +1,752 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:045 (php)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63426);
+ script_cve_id("CVE-2008-5557", "CVE-2008-5658", "CVE-2008-5624", "CVE-2008-5625");
+ script_version ("$");
+ name["english"] = "Mandrake Security Advisory MDVSA-2009:045 (php)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to php
+announced via advisory MDVSA-2009:045.
+
+A number of vulnerabilities have been found and corrected in PHP:
+
+improve mbfl_filt_conv_html_dec_flush() error handling
+in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c
+(CVE-2008-5557). Additionally on Mandriva Linux 2009.0 and up the
+php-mbstring module is linked against a separate shared libmbfl
+library that also have been patched to address CVE-2008-5557.
+
+Directory traversal vulnerability in the ZipArchive::extractTo function
+in PHP 5.2.6 and earlier allows context-dependent attackers to write
+arbitrary files via a ZIP file with a file whose name contains .. (dot
+dot) sequences. (CVE-2008-5658)
+
+make sure the page_uid and page_gid get initialized properly in
+ext/standard/basic_functions.c. Also, init server_context before
+processing config variables in sapi/apache/mod_php5.c (CVE-2008-5624).
+
+enforce restrictions when merging in dir entry in
+sapi/apache/mod_php5.c and sapi/apache2handler/apache_config.c
+(CVE-2008-5625).
+
+On 2008.1, 2009.0 and cooker (2009.1) seen on x86_64 and with the
+latest phpmyadmin 3.1.2 software made apache+php segfault (#26274,
+#45864). This problem has been addressed by using -O0 for compiler
+optimization and by using -fno-strict-aliasing. Either the bug is
+in php and/or in gcc 4.3.2. Preferable just make it work as expected
+for now.
+
+In addition, the updated packages provide a number of bug fixes.
+
+The updated packages have been patched to correct these issues.
+
+Affected: 2008.0, 2008.1, 2009.0, Corporate 4.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi. The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:045
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Mandrake Security Advisory MDVSA-2009:045 (php)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Mandrake Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"apache-mod_php", rpm:"apache-mod_php~5.2.4~2.1mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libphp5_common5", rpm:"libphp5_common5~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-bcmath", rpm:"php-bcmath~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-bz2", rpm:"php-bz2~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-calendar", rpm:"php-calendar~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-cgi", rpm:"php-cgi~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-cli", rpm:"php-cli~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ctype", rpm:"php-ctype~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-curl", rpm:"php-curl~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-dba", rpm:"php-dba~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-dbase", rpm:"php-dbase~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-devel", rpm:"php-devel~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-dom", rpm:"php-dom~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-exif", rpm:"php-exif~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-fcgi", rpm:"php-fcgi~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-filter", rpm:"php-filter~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ftp", rpm:"php-ftp~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-gd", rpm:"php-gd~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-gettext", rpm:"php-gettext~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-gmp", rpm:"php-gmp~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-hash", rpm:"php-hash~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-iconv", rpm:"php-iconv~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-imap", rpm:"php-imap~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-json", rpm:"php-json~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ldap", rpm:"php-ldap~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mbstring", rpm:"php-mbstring~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mcrypt", rpm:"php-mcrypt~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mhash", rpm:"php-mhash~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mime_magic", rpm:"php-mime_magic~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ming", rpm:"php-ming~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mssql", rpm:"php-mssql~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mysql", rpm:"php-mysql~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mysqli", rpm:"php-mysqli~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ncurses", rpm:"php-ncurses~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-odbc", rpm:"php-odbc~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-openssl", rpm:"php-openssl~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pcntl", rpm:"php-pcntl~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo", rpm:"php-pdo~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_dblib", rpm:"php-pdo_dblib~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_mysql", rpm:"php-pdo_mysql~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_odbc", rpm:"php-pdo_odbc~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_pgsql", rpm:"php-pdo_pgsql~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_sqlite", rpm:"php-pdo_sqlite~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pgsql", rpm:"php-pgsql~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-posix", rpm:"php-posix~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pspell", rpm:"php-pspell~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-readline", rpm:"php-readline~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-recode", rpm:"php-recode~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-session", rpm:"php-session~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-shmop", rpm:"php-shmop~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-simplexml", rpm:"php-simplexml~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-snmp", rpm:"php-snmp~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-soap", rpm:"php-soap~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sockets", rpm:"php-sockets~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sqlite", rpm:"php-sqlite~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sysvmsg", rpm:"php-sysvmsg~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sysvsem", rpm:"php-sysvsem~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sysvshm", rpm:"php-sysvshm~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-tidy", rpm:"php-tidy~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-tokenizer", rpm:"php-tokenizer~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-wddx", rpm:"php-wddx~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xml", rpm:"php-xml~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xmlreader", rpm:"php-xmlreader~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xmlrpc", rpm:"php-xmlrpc~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xmlwriter", rpm:"php-xmlwriter~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xsl", rpm:"php-xsl~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-zlib", rpm:"php-zlib~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64php5_common5", rpm:"lib64php5_common5~5.2.4~3.4mdv2008.0", rls:"MNDK_2008.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-mod_php", rpm:"apache-mod_php~5.2.5~5.1mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libphp5_common5", rpm:"libphp5_common5~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-bcmath", rpm:"php-bcmath~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-bz2", rpm:"php-bz2~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-calendar", rpm:"php-calendar~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-cgi", rpm:"php-cgi~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-cli", rpm:"php-cli~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ctype", rpm:"php-ctype~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-curl", rpm:"php-curl~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-dba", rpm:"php-dba~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-dbase", rpm:"php-dbase~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-devel", rpm:"php-devel~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-dom", rpm:"php-dom~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-exif", rpm:"php-exif~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-fcgi", rpm:"php-fcgi~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-filter", rpm:"php-filter~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ftp", rpm:"php-ftp~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-gd", rpm:"php-gd~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-gettext", rpm:"php-gettext~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-gmp", rpm:"php-gmp~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-hash", rpm:"php-hash~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-iconv", rpm:"php-iconv~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-imap", rpm:"php-imap~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-json", rpm:"php-json~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ldap", rpm:"php-ldap~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mbstring", rpm:"php-mbstring~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mcrypt", rpm:"php-mcrypt~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mhash", rpm:"php-mhash~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mime_magic", rpm:"php-mime_magic~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ming", rpm:"php-ming~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mssql", rpm:"php-mssql~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mysql", rpm:"php-mysql~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mysqli", rpm:"php-mysqli~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ncurses", rpm:"php-ncurses~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-odbc", rpm:"php-odbc~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-openssl", rpm:"php-openssl~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pcntl", rpm:"php-pcntl~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo", rpm:"php-pdo~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_dblib", rpm:"php-pdo_dblib~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_mysql", rpm:"php-pdo_mysql~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_odbc", rpm:"php-pdo_odbc~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_pgsql", rpm:"php-pdo_pgsql~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_sqlite", rpm:"php-pdo_sqlite~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pgsql", rpm:"php-pgsql~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-posix", rpm:"php-posix~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pspell", rpm:"php-pspell~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-readline", rpm:"php-readline~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-recode", rpm:"php-recode~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-session", rpm:"php-session~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-shmop", rpm:"php-shmop~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-snmp", rpm:"php-snmp~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-soap", rpm:"php-soap~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sockets", rpm:"php-sockets~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sqlite", rpm:"php-sqlite~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sysvmsg", rpm:"php-sysvmsg~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sysvsem", rpm:"php-sysvsem~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sysvshm", rpm:"php-sysvshm~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-tidy", rpm:"php-tidy~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-tokenizer", rpm:"php-tokenizer~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-wddx", rpm:"php-wddx~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xml", rpm:"php-xml~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xmlreader", rpm:"php-xmlreader~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xmlrpc", rpm:"php-xmlrpc~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xmlwriter", rpm:"php-xmlwriter~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xsl", rpm:"php-xsl~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-zlib", rpm:"php-zlib~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64php5_common5", rpm:"lib64php5_common5~5.2.5~14.3mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-mod_php", rpm:"apache-mod_php~5.2.6~3.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libmbfl1", rpm:"libmbfl1~1.0.2~3.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libmbfl-devel", rpm:"libmbfl-devel~1.0.2~3.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libphp5_common5", rpm:"libphp5_common5~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-bcmath", rpm:"php-bcmath~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-bz2", rpm:"php-bz2~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-calendar", rpm:"php-calendar~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-cgi", rpm:"php-cgi~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-cli", rpm:"php-cli~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ctype", rpm:"php-ctype~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-curl", rpm:"php-curl~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-dba", rpm:"php-dba~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-dbase", rpm:"php-dbase~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-devel", rpm:"php-devel~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-dom", rpm:"php-dom~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-exif", rpm:"php-exif~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-fcgi", rpm:"php-fcgi~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-filter", rpm:"php-filter~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ftp", rpm:"php-ftp~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-gd", rpm:"php-gd~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-gettext", rpm:"php-gettext~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-gmp", rpm:"php-gmp~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-hash", rpm:"php-hash~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-iconv", rpm:"php-iconv~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-imap", rpm:"php-imap~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-json", rpm:"php-json~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ldap", rpm:"php-ldap~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mbstring", rpm:"php-mbstring~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mcrypt", rpm:"php-mcrypt~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mhash", rpm:"php-mhash~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mime_magic", rpm:"php-mime_magic~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ming", rpm:"php-ming~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mssql", rpm:"php-mssql~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mysql", rpm:"php-mysql~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mysqli", rpm:"php-mysqli~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-ncurses", rpm:"php-ncurses~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-odbc", rpm:"php-odbc~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-openssl", rpm:"php-openssl~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pcntl", rpm:"php-pcntl~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo", rpm:"php-pdo~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_dblib", rpm:"php-pdo_dblib~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_mysql", rpm:"php-pdo_mysql~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_odbc", rpm:"php-pdo_odbc~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_pgsql", rpm:"php-pdo_pgsql~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pdo_sqlite", rpm:"php-pdo_sqlite~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pgsql", rpm:"php-pgsql~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-posix", rpm:"php-posix~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-pspell", rpm:"php-pspell~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-readline", rpm:"php-readline~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-recode", rpm:"php-recode~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-session", rpm:"php-session~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-shmop", rpm:"php-shmop~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-snmp", rpm:"php-snmp~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-soap", rpm:"php-soap~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sockets", rpm:"php-sockets~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sqlite", rpm:"php-sqlite~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sybase", rpm:"php-sybase~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sysvmsg", rpm:"php-sysvmsg~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sysvsem", rpm:"php-sysvsem~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-sysvshm", rpm:"php-sysvshm~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-tidy", rpm:"php-tidy~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-tokenizer", rpm:"php-tokenizer~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-wddx", rpm:"php-wddx~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xml", rpm:"php-xml~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xmlreader", rpm:"php-xmlreader~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xmlrpc", rpm:"php-xmlrpc~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xmlwriter", rpm:"php-xmlwriter~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-xsl", rpm:"php-xsl~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-zlib", rpm:"php-zlib~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64mbfl1", rpm:"lib64mbfl1~1.0.2~3.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64mbfl-devel", rpm:"lib64mbfl-devel~1.0.2~3.1mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64php5_common5", rpm:"lib64php5_common5~5.2.6~18.2mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"apache-mod_php", rpm:"apache-mod_php~5.1.6~1.1.20060mlcs4", rls:"MNDK_4.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"libphp5_common5", rpm:"libphp5_common5~5.1.6~1.11.20060mlcs4", rls:"MNDK_4.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-cgi", rpm:"php-cgi~5.1.6~1.11.20060mlcs4", rls:"MNDK_4.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-cli", rpm:"php-cli~5.1.6~1.11.20060mlcs4", rls:"MNDK_4.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-devel", rpm:"php-devel~5.1.6~1.11.20060mlcs4", rls:"MNDK_4.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-fcgi", rpm:"php-fcgi~5.1.6~1.11.20060mlcs4", rls:"MNDK_4.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"php-mbstring", rpm:"php-mbstring~5.1.6~1.2.20060mlcs4", rls:"MNDK_4.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"lib64php5_common5", rpm:"lib64php5_common5~5.1.6~1.11.20060mlcs4", rls:"MNDK_4.0")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/mdksa_2009_046.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_046.nasl 2009-02-23 16:49:54 UTC (rev 2555)
+++ trunk/openvas-plugins/scripts/mdksa_2009_046.nasl 2009-02-23 20:31:14 UTC (rev 2556)
@@ -0,0 +1,86 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:046 (dia)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63423);
+ script_cve_id("CVE-2008-5984");
+ script_version ("$");
+ name["english"] = "Mandrake Security Advisory MDVSA-2009:046 (dia)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to dia
+announced via advisory MDVSA-2009:046.
+
+Python has a variable called sys.path that contains all paths where
+Python loads modules by using import scripting procedure. A wrong
+handling of that variable enables local attackers to execute arbitrary
+code via Python scripting in the current dia working directory
+(CVE-2008-5984).
+
+This update provides fix for that vulnerability.
+
+Affected: Corporate 3.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi. The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:046
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Mandrake Security Advisory MDVSA-2009:046 (dia)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Mandrake Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"dia", rpm:"dia~0.92.2~2.4.C30mdk", rls:"MNDK_3.0")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/mdksa_2009_047.nasl
===================================================================
--- trunk/openvas-plugins/scripts/mdksa_2009_047.nasl 2009-02-23 16:49:54 UTC (rev 2555)
+++ trunk/openvas-plugins/scripts/mdksa_2009_047.nasl 2009-02-23 20:31:14 UTC (rev 2556)
@@ -0,0 +1,131 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory MDVSA-2009:047 (vim)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63425);
+ script_cve_id("CVE-2009-0316");
+ script_version ("$");
+ name["english"] = "Mandrake Security Advisory MDVSA-2009:047 (vim)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to vim
+announced via advisory MDVSA-2009:047.
+
+Python has a variable called sys.path that contains all paths where
+Python loads modules by using import scripting procedure. A wrong
+handling of that variable enables local attackers to execute arbitrary
+code via Python scripting in the current Vim working directory
+(CVE-2009-0316).
+
+This update provides fix for that vulnerability.
+
+Affected: 2008.1, 2009.0, Corporate 3.0, Corporate 4.0
+
+Solution:
+To upgrade automatically use MandrakeUpdate or urpmi. The verification
+of md5 checksums and GPG signatures is performed automatically for you.
+
+https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:047
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Mandrake Security Advisory MDVSA-2009:047 (vim)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Mandrake Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"vim-common", rpm:"vim-common~7.2.065~9.4mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"vim-enhanced", rpm:"vim-enhanced~7.2.065~9.4mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"vim-minimal", rpm:"vim-minimal~7.2.065~9.4mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"vim-X11", rpm:"vim-X11~7.2.065~9.4mdv2008.1", rls:"MNDK_2008.1")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"vim-common", rpm:"vim-common~7.2.065~9.4mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"vim-enhanced", rpm:"vim-enhanced~7.2.065~9.4mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"vim-minimal", rpm:"vim-minimal~7.2.065~9.4mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"vim-X11", rpm:"vim-X11~7.2.065~9.4mdv2009.0", rls:"MNDK_2009.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"vim-common", rpm:"vim-common~7.2.065~9.4.C30mdk", rls:"MNDK_3.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"vim-enhanced", rpm:"vim-enhanced~7.2.065~9.4.C30mdk", rls:"MNDK_3.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"vim-minimal", rpm:"vim-minimal~7.2.065~9.4.C30mdk", rls:"MNDK_3.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"vim-X11", rpm:"vim-X11~7.2.065~9.4.C30mdk", rls:"MNDK_3.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"vim-common", rpm:"vim-common~7.2.065~8.4.20060mlcs4", rls:"MNDK_4.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"vim-enhanced", rpm:"vim-enhanced~7.2.065~8.4.20060mlcs4", rls:"MNDK_4.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"vim-minimal", rpm:"vim-minimal~7.2.065~8.4.20060mlcs4", rls:"MNDK_4.0")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"vim-X11", rpm:"vim-X11~7.2.065~8.4.20060mlcs4", rls:"MNDK_4.0")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/ovcesa2009_0275.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ovcesa2009_0275.nasl 2009-02-23 16:49:54 UTC (rev 2555)
+++ trunk/openvas-plugins/scripts/ovcesa2009_0275.nasl 2009-02-23 20:31:14 UTC (rev 2556)
@@ -0,0 +1,84 @@
+#CESA-2009:0275 63432 4
+# $Id$
+# Description: Auto-generated from advisory CESA-2009:0275 (imap)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63432);
+ script_cve_id("CVE-2008-5005");
+ script_version ("$");
+ name["english"] = "CentOS Security Advisory CESA-2009:0275 (imap)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing updates to imap announced in
+advisory CESA-2009:0275.
+
+For details on the issues addressed in this update,
+please visit the referenced security advisories.
+
+Solution:
+Update the appropriate packages on your system.
+
+http://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0275
+http://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0275
+https://rhn.redhat.com/errata/RHSA-2009-0275.html
+
+Risk factor : Medium";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "CentOS Security Advisory CESA-2009:0275 (imap)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "CentOS Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"imap", rpm:"imap~2002d~15", rls:"CentOS3")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"imap-devel", rpm:"imap-devel~2002d~15", rls:"CentOS3")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"imap-utils", rpm:"imap-utils~2002d~15", rls:"CentOS3")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/ovcesa2009_0308.nasl
===================================================================
--- trunk/openvas-plugins/scripts/ovcesa2009_0308.nasl 2009-02-23 16:49:54 UTC (rev 2555)
+++ trunk/openvas-plugins/scripts/ovcesa2009_0308.nasl 2009-02-23 20:31:14 UTC (rev 2556)
@@ -0,0 +1,84 @@
+#CESA-2009:0308 63431 4
+# $Id$
+# Description: Auto-generated from advisory CESA-2009:0308 (cups)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(63431);
+ script_cve_id("CVE-2009-0577", "CVE-2008-3640");
+ script_version ("$");
+ name["english"] = "CentOS Security Advisory CESA-2009:0308 (cups)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing updates to cups announced in
+advisory CESA-2009:0308.
+
+For details on the issues addressed in this update,
+please visit the referenced security advisories.
+
+Solution:
+Update the appropriate packages on your system.
+
+http://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0308
+http://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0308
+https://rhn.redhat.com/errata/RHSA-2009-0308.html
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "CentOS Security Advisory CESA-2009:0308 (cups)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "CentOS Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/rpms");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-rpm.inc");
+vuln = 0;
+if(isrpmvuln(pkg:"cups", rpm:"cups~1.1.17~13.3.56", rls:"CentOS3")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.17~13.3.56", rls:"CentOS3")) {
+ vuln = 1;
+}
+if(isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.17~13.3.56", rls:"CentOS3")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
More information about the Openvas-commits
mailing list