From scm-commit at wald.intevation.org Tue Sep 1 08:48:31 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 1 Sep 2009 08:48:31 +0200 (CEST) Subject: [Openvas-commits] r4797 - in branches/openvas-libraries-2-0: . libopenvas Message-ID: <20090901064831.B233D85C731C@pyrosoma.intevation.org> Author: felix Date: 2009-09-01 08:48:31 +0200 (Tue, 01 Sep 2009) New Revision: 4797 Modified: branches/openvas-libraries-2-0/ChangeLog branches/openvas-libraries-2-0/libopenvas/network.c Log: Backported from trunk (revision 4792). * libopenvas/network.c (auth_send): Removed call of nessus_perror because the respective errno has changed at this moment already anyway. Modified: branches/openvas-libraries-2-0/ChangeLog =================================================================== --- branches/openvas-libraries-2-0/ChangeLog 2009-08-31 19:01:49 UTC (rev 4796) +++ branches/openvas-libraries-2-0/ChangeLog 2009-09-01 06:48:31 UTC (rev 4797) @@ -1,3 +1,11 @@ +2009-09-01 Felix Wolfsteller + + Backported from trunk (revision 4792). + + * libopenvas/network.c (auth_send): Removed call of nessus_perror + because the respective errno has changed at this moment already + anyway. + 2009-08-17 Felix Wolfsteller Post release version bump. Modified: branches/openvas-libraries-2-0/libopenvas/network.c =================================================================== --- branches/openvas-libraries-2-0/libopenvas/network.c 2009-08-31 19:01:49 UTC (rev 4796) +++ branches/openvas-libraries-2-0/libopenvas/network.c 2009-09-01 06:48:31 UTC (rev 4797) @@ -2304,7 +2304,6 @@ n = 0; else { - nessus_perror("nsend"); goto out; } } From scm-commit at wald.intevation.org Tue Sep 1 09:48:41 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 1 Sep 2009 09:48:41 +0200 (CEST) Subject: [Openvas-commits] r4798 - in trunk/openvas-libraries: . nasl Message-ID: <20090901074841.44FE0852F531@pyrosoma.intevation.org> Author: felix Date: 2009-09-01 09:48:40 +0200 (Tue, 01 Sep 2009) New Revision: 4798 Modified: trunk/openvas-libraries/ChangeLog trunk/openvas-libraries/MANIFEST trunk/openvas-libraries/nasl/CMakeLists.txt Log: * nasl/CMakeLists.txt: Added target to build the openvas-nasl standalone interpreter (works at least on debian machines). * MANIFEST: Updated * ChangeLog: Corrected path. Modified: trunk/openvas-libraries/ChangeLog =================================================================== --- trunk/openvas-libraries/ChangeLog 2009-09-01 06:48:31 UTC (rev 4797) +++ trunk/openvas-libraries/ChangeLog 2009-09-01 07:48:40 UTC (rev 4798) @@ -1,6 +1,13 @@ +2009-09-01 Felix Wolfsteller + + * nasl/CMakeLists.txt: Added target to build the openvas-nasl + standalone interpreter (works at least on debian machines). + + * MANIFEST: Updated + 2009-08-31 Jan-Oliver Wagner - * openvasd/network.c (auth_send): Removed call of nessus_perror + * misc/network.c (auth_send): Removed call of nessus_perror because the respective errno has changed at this moment already anyway. Modified: trunk/openvas-libraries/MANIFEST =================================================================== --- trunk/openvas-libraries/MANIFEST 2009-09-01 06:48:31 UTC (rev 4797) +++ trunk/openvas-libraries/MANIFEST 2009-09-01 07:48:40 UTC (rev 4798) @@ -16,6 +16,9 @@ doc/ doc/Doxyfile doc/Doxyfile_full +doc/libopenvas-config.1 +doc/openvas-nasl.1 +doc/signatures-howto.txt hg/hg_add_hosts.c hg/hg_add_hosts.h hg/hg_debug.c @@ -37,7 +40,6 @@ include/libvers.h.in INSTALL_README install-sh -libopenvas-config.1 libopenvas-config.in ltmain.sh Makefile @@ -200,6 +202,25 @@ nasl/smb_interface_stub.c nasl/strutils.c nasl/strutils.h +nasl/tests/ +nasl/tests/keys +nasl/tests/keys/keypair.asc +nasl/tests/keys/ownertrust.txt +nasl/tests/Makefile +nasl/tests/README.txt +nasl/tests/signed.nasl +nasl/tests/signed.nasl.asc +nasl/tests/test_blowfish.nasl +nasl/tests/test_bn.nasl +nasl/tests/test_dh.nasl +nasl/tests/test_dsa.nasl +nasl/tests/test_hexstr.nasl +nasl/tests/test_md.nasl +nasl/tests/test_privkey.nasl +nasl/tests/test_rsa.nasl +nasl/tests/test_script_signing.sh +nasl/tests/testsuiteinit.nasl +nasl/tests/testsuitesummary.nasl nasl/wmi_interface_stub.c openvas-libraries.tmpl.in packaging/debian/ Modified: trunk/openvas-libraries/nasl/CMakeLists.txt =================================================================== --- trunk/openvas-libraries/nasl/CMakeLists.txt 2009-09-01 06:48:31 UTC (rev 4797) +++ trunk/openvas-libraries/nasl/CMakeLists.txt 2009-09-01 07:48:40 UTC (rev 4798) @@ -120,7 +120,7 @@ exec_program (pkg-config ARGS --cflags glib-2.0 - OUTPUT_VARIABLE GLIB_CFLAGS) + OUTPUT_VARIABLE GLIB_CFLAGS) ## Library @@ -143,8 +143,8 @@ nasl_grammar.tab.c nasl_host.c nasl_http.c nasl_init.c nasl_lex_ctxt.c nasl_misc_funcs.c nasl_nessusd_glue.c nasl_packet_forgery.c nasl_signature.c nasl_smb.c nasl_socket.c nasl_text_utils.c nasl_tree.c - nasl_var.c nasl_wmi.c preparse.c regex.c smb_interface_stub.c - strutils.c wmi_interface_stub.c) + nasl_var.c nasl_wmi.c preparse.c regex.c smb_interface_stub.c strutils.c + wmi_interface_stub.c) SET_SOURCE_FILES_PROPERTIES(nasl_grammar.tab.c GENERATED) @@ -167,9 +167,37 @@ set_target_properties (openvas_nasl_shared PROPERTIES OUTPUT_NAME "openvas_nasl") set_target_properties (openvas_nasl_shared PROPERTIES CLEAN_DIRECT_OUTPUT 1) +# Find GLib +exec_program (pkg-config + ARGS --cflags glib-2.0 + OUTPUT_VARIABLE GLIB_CFLAGS) + # Find GLib and compile and link the openvas-nasl executable +exec_program (pkg-config + ARGS --libs glib-2.0 + OUTPUT_VARIABLE GLIB_LDFLAGS) + +# Add ("import") static libs from Make based subprojects of openvas-libraries +add_library (libopenvas_base STATIC IMPORTED) +add_library (libopenvashg STATIC IMPORTED) +add_library (libopenvasmisc STATIC IMPORTED) +set_property (TARGET libopenvasmisc PROPERTY + IMPORTED_LOCATION ../base/libopenvas_base.a) +set_property (TARGET libopenvas_base PROPERTY + IMPORTED_LOCATION ../misc/.libs/libopenvasmisc.a) +set_property (TARGET libopenvashg PROPERTY + IMPORTED_LOCATION ../hg/.libs/libopenvashg.a) + +# Link the openvas-nasl executable +add_executable (openvas-nasl ${static_libs} ${FILES}) +target_link_libraries (openvas-nasl libopenvas_base libopenvasmisc libopenvashg) +set_target_properties (openvas-nasl PROPERTIES COMPILE_FLAGS + ${GLIB_CFLAGS}) +set_target_properties (openvas-nasl PROPERTIES LINK_FLAGS + "${GLIB_LDFLAGS} -lgcrypt -lgpgme -lgpg-error -lgnutls -lpcap -lresolv") + ## Install -install (TARGETS openvas_nasl_static openvas_nasl_shared +install (TARGETS openvas_nasl_static openvas_nasl_shared openvas-nasl RUNTIME DESTINATION ${BINDIR} LIBRARY DESTINATION ${LIBDIR} ARCHIVE DESTINATION ${LIBDIR}) From scm-commit at wald.intevation.org Tue Sep 1 10:07:39 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 1 Sep 2009 10:07:39 +0200 (CEST) Subject: [Openvas-commits] r4799 - trunk/openvas-libnasl Message-ID: <20090901080739.CD02D852F788@pyrosoma.intevation.org> Author: felix Date: 2009-09-01 10:07:38 +0200 (Tue, 01 Sep 2009) New Revision: 4799 Modified: trunk/openvas-libnasl/ChangeLog trunk/openvas-libnasl/README Log: * README: Added end-of-life notice for this standalone module (moved into openvas-libraries). Modified: trunk/openvas-libnasl/ChangeLog =================================================================== --- trunk/openvas-libnasl/ChangeLog 2009-09-01 07:48:40 UTC (rev 4798) +++ trunk/openvas-libnasl/ChangeLog 2009-09-01 08:07:38 UTC (rev 4799) @@ -1,3 +1,8 @@ +2009-09-01 Felix Wolfsteller + + * README: Added end-of-life notice for this standalone module (moved + into openvas-libraries). + 2009-08-26 Jan-Oliver Wagner First set of changes to openvas-libnasl towards IPv6 support. Modified: trunk/openvas-libnasl/README =================================================================== --- trunk/openvas-libnasl/README 2009-09-01 07:48:40 UTC (rev 4798) +++ trunk/openvas-libnasl/README 2009-09-01 08:07:38 UTC (rev 4799) @@ -1,3 +1,11 @@ +ATTENTION +================= +openvas-libnasl is obsolete for openvas-libraries versions above 2.0.x and going +to be removed from svn trunk soon. +The content was copied to openvas-libraries/nasl and further developements will +take place there, with backports going into branches/openvas-libnasl-2-0/. + + openvas-libnasl ================= From scm-commit at wald.intevation.org Tue Sep 1 10:10:56 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 1 Sep 2009 10:10:56 +0200 (CEST) Subject: [Openvas-commits] r4800 - in trunk/openvas-libraries: . nasl Message-ID: <20090901081056.94BDF852F668@pyrosoma.intevation.org> Author: felix Date: 2009-09-01 10:10:55 +0200 (Tue, 01 Sep 2009) New Revision: 4800 Added: trunk/openvas-libraries/nasl/ChangeLog-pre-09-2009 trunk/openvas-libraries/nasl/README.txt trunk/openvas-libraries/nasl/TODO Modified: trunk/openvas-libraries/ChangeLog Log: * nasl/TODO: copied from openvas-nasl/TODO. * nasl/ChangeLog-pre-09-2009: Copied (soon old ChangeLog entries). * nasl/README.txt: New. Modified: trunk/openvas-libraries/ChangeLog =================================================================== --- trunk/openvas-libraries/ChangeLog 2009-09-01 08:07:38 UTC (rev 4799) +++ trunk/openvas-libraries/ChangeLog 2009-09-01 08:10:55 UTC (rev 4800) @@ -1,5 +1,13 @@ 2009-09-01 Felix Wolfsteller + * nasl/TODO: copied from openvas-nasl/TODO. + + * nasl/ChangeLog-pre-09-2009: Copied (soon old ChangeLog entries). + + * nasl/README.txt: New. + +2009-09-01 Felix Wolfsteller + * nasl/CMakeLists.txt: Added target to build the openvas-nasl standalone interpreter (works at least on debian machines). Copied: trunk/openvas-libraries/nasl/ChangeLog-pre-09-2009 (from rev 4799, trunk/openvas-libnasl/ChangeLog) Property changes on: trunk/openvas-libraries/nasl/ChangeLog-pre-09-2009 ___________________________________________________________________ Name: svn:mergeinfo + Added: trunk/openvas-libraries/nasl/README.txt =================================================================== --- trunk/openvas-libraries/nasl/README.txt 2009-09-01 08:07:38 UTC (rev 4799) +++ trunk/openvas-libraries/nasl/README.txt 2009-09-01 08:10:55 UTC (rev 4800) @@ -0,0 +1,4 @@ +This is the library "libopenvas_nasl", formerly known as standalone module +"libnasl". + +See the file ChangeLog-pre-09-2009 for ChangeLog entries before 01-09-2009. Copied: trunk/openvas-libraries/nasl/TODO (from rev 4765, trunk/openvas-libnasl/TODO) Property changes on: trunk/openvas-libraries/nasl/TODO ___________________________________________________________________ Name: svn:mergeinfo + From scm-commit at wald.intevation.org Tue Sep 1 10:13:08 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 1 Sep 2009 10:13:08 +0200 (CEST) Subject: [Openvas-commits] r4801 - trunk/openvas-libraries Message-ID: <20090901081308.9D66E85D919B@pyrosoma.intevation.org> Author: felix Date: 2009-09-01 10:13:07 +0200 (Tue, 01 Sep 2009) New Revision: 4801 Modified: trunk/openvas-libraries/ChangeLog trunk/openvas-libraries/configure Log: * configure: Regenerated. Modified: trunk/openvas-libraries/ChangeLog =================================================================== --- trunk/openvas-libraries/ChangeLog 2009-09-01 08:10:55 UTC (rev 4800) +++ trunk/openvas-libraries/ChangeLog 2009-09-01 08:13:07 UTC (rev 4801) @@ -1,5 +1,9 @@ 2009-09-01 Felix Wolfsteller + * configure: Regenerated. + +2009-09-01 Felix Wolfsteller + * nasl/TODO: copied from openvas-nasl/TODO. * nasl/ChangeLog-pre-09-2009: Copied (soon old ChangeLog entries). Modified: trunk/openvas-libraries/configure =================================================================== --- trunk/openvas-libraries/configure 2009-09-01 08:10:55 UTC (rev 4800) +++ trunk/openvas-libraries/configure 2009-09-01 08:13:07 UTC (rev 4801) @@ -847,6 +847,8 @@ PKG_CONFIG GLIB_CFLAGS GLIB_LIBS +GPGME_CONFIG +BISON ALLOCA CC_NOPIPE PWD @@ -860,6 +862,7 @@ version egdpath debug_ssl +NASLLIBS OPENVASLIBS_MAJOR OPENVASLIBS_MINOR OPENVASLIBS_SUPER @@ -3710,7 +3713,7 @@ ;; *-*-irix6*) # Find out which ABI we are using. - echo '#line 3713 "configure"' > conftest.$ac_ext + echo '#line 3716 "configure"' > conftest.$ac_ext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? @@ -6618,11 +6621,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:6621: $lt_compile\"" >&5) + (eval echo "\"\$as_me:6624: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:6625: \$? = $ac_status" >&5 + echo "$as_me:6628: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -6886,11 +6889,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:6889: $lt_compile\"" >&5) + (eval echo "\"\$as_me:6892: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:6893: \$? = $ac_status" >&5 + echo "$as_me:6896: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -6990,11 +6993,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:6993: $lt_compile\"" >&5) + (eval echo "\"\$as_me:6996: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:6997: \$? = $ac_status" >&5 + echo "$as_me:7000: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -9287,7 +9290,7 @@ lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext < conftest.$ac_ext <&5) + (eval echo "\"\$as_me:11729: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:11730: \$? = $ac_status" >&5 + echo "$as_me:11733: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -11827,11 +11830,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:11830: $lt_compile\"" >&5) + (eval echo "\"\$as_me:11833: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:11834: \$? = $ac_status" >&5 + echo "$as_me:11837: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -13388,11 +13391,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:13391: $lt_compile\"" >&5) + (eval echo "\"\$as_me:13394: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:13395: \$? = $ac_status" >&5 + echo "$as_me:13398: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -13492,11 +13495,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:13495: $lt_compile\"" >&5) + (eval echo "\"\$as_me:13498: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:13499: \$? = $ac_status" >&5 + echo "$as_me:13502: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -15679,11 +15682,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:15682: $lt_compile\"" >&5) + (eval echo "\"\$as_me:15685: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:15686: \$? = $ac_status" >&5 + echo "$as_me:15689: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -15947,11 +15950,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:15950: $lt_compile\"" >&5) + (eval echo "\"\$as_me:15953: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:15954: \$? = $ac_status" >&5 + echo "$as_me:15957: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -16051,11 +16054,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:16054: $lt_compile\"" >&5) + (eval echo "\"\$as_me:16057: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:16058: \$? = $ac_status" >&5 + echo "$as_me:16061: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -19207,6 +19210,298 @@ + +NEED_GPGME_VERSION=1.1.2 + +# Extract the first word of "gpgme-config", so it can be a program name with args. +set dummy gpgme-config; ac_word=$2 +{ echo "$as_me:$LINENO: checking for $ac_word" >&5 +echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } +if test "${ac_cv_path_GPGME_CONFIG+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + case $GPGME_CONFIG in + [\\/]* | ?:[\\/]*) + ac_cv_path_GPGME_CONFIG="$GPGME_CONFIG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_path_GPGME_CONFIG="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done +done +IFS=$as_save_IFS + + ;; +esac +fi +GPGME_CONFIG=$ac_cv_path_GPGME_CONFIG +if test -n "$GPGME_CONFIG"; then + { echo "$as_me:$LINENO: result: $GPGME_CONFIG" >&5 +echo "${ECHO_T}$GPGME_CONFIG" >&6; } +else + { echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6; } +fi + + + +test "x$GPGME_CONFIG" = x && { { echo "$as_me:$LINENO: error: \"\" +\"\" +\"*** gpgme is not installed ! You need to install it before you\" +\"compile openvas-libnasl.\" +\"See http://www.gnupg.org/gpgme.html\"" >&5 +echo "$as_me: error: \"\" +\"\" +\"*** gpgme is not installed ! You need to install it before you\" +\"compile openvas-libnasl.\" +\"See http://www.gnupg.org/gpgme.html\"" >&2;} + { (exit 1); exit 1; }; } + +GPGME_VERSION=`$GPGME_CONFIG --version | sed 's/-.*$//'` + +GPGME_MAJOR=`echo $GPGME_VERSION | \ + sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\)/\1/'` +GPGME_MINOR=`echo $GPGME_VERSION | \ + sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\)/\2/'` +GPGME_PATCH=`echo $GPGME_VERSION | \ + sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\)/\3/'` +REQ_GPGME_MAJOR=`echo $NEED_GPGME_VERSION | \ + sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\)/\1/'` +REQ_GPGME_MINOR=`echo $NEED_GPGME_VERSION | \ + sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\)/\2/'` +REQ_GPGME_PATCH=`echo $NEED_GPGME_VERSION | \ + sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\)/\3/'` + + +ok=no +if test "$GPGME_MAJOR" -gt "$REQ_GPGME_MAJOR"; then + ok=yes +else + if test "$GPGME_MAJOR" -eq "$REQ_GPGME_MAJOR"; then + if test "$GPGME_MINOR" -gt "$REQ_GPGME_MINOR"; then + ok=yes + else + if test "$GPGME_MINOR" -eq "$REQ_GPGME_MINOR"; then + if test "$GPGME_PATCH" -ge "$REQ_GPGME_PATCH"; then + ok=yes + fi + fi + fi + fi +fi +if test $ok = no; then +{ { echo "$as_me:$LINENO: error: gpgme $GPGME_VERSION too old. +Minimum required is $NEED_GPGME_VERSION . +" >&5 +echo "$as_me: error: gpgme $GPGME_VERSION too old. +Minimum required is $NEED_GPGME_VERSION . +" >&2;} + { (exit 1); exit 1; }; } +fi +GPGME_LIBS=`$GPGME_CONFIG --libs` +NASLLIBS="$GPGME_LIBS $NASLLIBS" + + +if test "${ac_cv_header_gcrypt_h+set}" = set; then + { echo "$as_me:$LINENO: checking for gcrypt.h" >&5 +echo $ECHO_N "checking for gcrypt.h... $ECHO_C" >&6; } +if test "${ac_cv_header_gcrypt_h+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +fi +{ echo "$as_me:$LINENO: result: $ac_cv_header_gcrypt_h" >&5 +echo "${ECHO_T}$ac_cv_header_gcrypt_h" >&6; } +else + # Is the header compilable? +{ echo "$as_me:$LINENO: checking gcrypt.h usability" >&5 +echo $ECHO_N "checking gcrypt.h usability... $ECHO_C" >&6; } +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +$ac_includes_default +#include +_ACEOF +rm -f conftest.$ac_objext +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then + ac_header_compiler=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_header_compiler=no +fi + +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 +echo "${ECHO_T}$ac_header_compiler" >&6; } + +# Is the header present? +{ echo "$as_me:$LINENO: checking gcrypt.h presence" >&5 +echo $ECHO_N "checking gcrypt.h presence... $ECHO_C" >&6; } +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +_ACEOF +if { (ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } >/dev/null && { + test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || + test ! -s conftest.err + }; then + ac_header_preproc=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_header_preproc=no +fi + +rm -f conftest.err conftest.$ac_ext +{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 +echo "${ECHO_T}$ac_header_preproc" >&6; } + +# So? What about this header? +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) + { echo "$as_me:$LINENO: WARNING: gcrypt.h: accepted by the compiler, rejected by the preprocessor!" >&5 +echo "$as_me: WARNING: gcrypt.h: accepted by the compiler, rejected by the preprocessor!" >&2;} + { echo "$as_me:$LINENO: WARNING: gcrypt.h: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: gcrypt.h: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) + { echo "$as_me:$LINENO: WARNING: gcrypt.h: present but cannot be compiled" >&5 +echo "$as_me: WARNING: gcrypt.h: present but cannot be compiled" >&2;} + { echo "$as_me:$LINENO: WARNING: gcrypt.h: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: gcrypt.h: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: gcrypt.h: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: gcrypt.h: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: gcrypt.h: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: gcrypt.h: section \"Present But Cannot Be Compiled\"" >&2;} + { echo "$as_me:$LINENO: WARNING: gcrypt.h: proceeding with the preprocessor's result" >&5 +echo "$as_me: WARNING: gcrypt.h: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: gcrypt.h: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: gcrypt.h: in the future, the compiler will take precedence" >&2;} + + ;; +esac +{ echo "$as_me:$LINENO: checking for gcrypt.h" >&5 +echo $ECHO_N "checking for gcrypt.h... $ECHO_C" >&6; } +if test "${ac_cv_header_gcrypt_h+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_cv_header_gcrypt_h=$ac_header_preproc +fi +{ echo "$as_me:$LINENO: result: $ac_cv_header_gcrypt_h" >&5 +echo "${ECHO_T}$ac_cv_header_gcrypt_h" >&6; } + +fi +if test $ac_cv_header_gcrypt_h = yes; then + NASLLIBS="-lgcrypt $NASLLIBS" +else + { { echo "$as_me:$LINENO: error: \"gcrypt.h not found\"" >&5 +echo "$as_me: error: \"gcrypt.h not found\"" >&2;} + { (exit 1); exit 1; }; } +fi + + + +# Extract the first word of "bison", so it can be a program name with args. +set dummy bison; ac_word=$2 +{ echo "$as_me:$LINENO: checking for $ac_word" >&5 +echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } +if test "${ac_cv_path_BISON+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + case $BISON in + [\\/]* | ?:[\\/]*) + ac_cv_path_BISON="$BISON" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_path_BISON="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done +done +IFS=$as_save_IFS + + ;; +esac +fi +BISON=$ac_cv_path_BISON +if test -n "$BISON"; then + { echo "$as_me:$LINENO: result: $BISON" >&5 +echo "${ECHO_T}$BISON" >&6; } +else + { echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6; } +fi + + +test "x$BISON" = "x" && { { echo "$as_me:$LINENO: error: \"\" +\"\" +\"*** bison is not installed on this host ! You need to install it before you\" +\"compile libnasl\" +\"Get it at ftp://ftp.gnu.org/pub/gnu/bison/ or check your operating system\" +\"packages\"" >&5 +echo "$as_me: error: \"\" +\"\" +\"*** bison is not installed on this host ! You need to install it before you\" +\"compile libnasl\" +\"Get it at ftp://ftp.gnu.org/pub/gnu/bison/ or check your operating system\" +\"packages\"" >&2;} + { (exit 1); exit 1; }; } + + + { echo "$as_me:$LINENO: checking for dn_expand in -lresolv" >&5 echo $ECHO_N "checking for dn_expand in -lresolv... $ECHO_C" >&6; } if test "${ac_cv_lib_resolv_dn_expand+set}" = set; then @@ -19633,8 +19928,6 @@ - - # Check whether --with-egd was given. if test "${with_egd+set}" = set; then withval=$with_egd; @@ -25191,6 +25484,7 @@ + ac_config_files="$ac_config_files openvas-libraries.tmpl libopenvas-config include/libvers.h" cat >confcache <<\_ACEOF @@ -25889,6 +26183,8 @@ PKG_CONFIG!$PKG_CONFIG$ac_delim GLIB_CFLAGS!$GLIB_CFLAGS$ac_delim GLIB_LIBS!$GLIB_LIBS$ac_delim +GPGME_CONFIG!$GPGME_CONFIG$ac_delim +BISON!$BISON$ac_delim ALLOCA!$ALLOCA$ac_delim CC_NOPIPE!$CC_NOPIPE$ac_delim PWD!$PWD$ac_delim @@ -25902,12 +26198,10 @@ version!$version$ac_delim egdpath!$egdpath$ac_delim debug_ssl!$debug_ssl$ac_delim +NASLLIBS!$NASLLIBS$ac_delim OPENVASLIBS_MAJOR!$OPENVASLIBS_MAJOR$ac_delim OPENVASLIBS_MINOR!$OPENVASLIBS_MINOR$ac_delim OPENVASLIBS_SUPER!$OPENVASLIBS_SUPER$ac_delim -OPENVASLIBS_PATCH!$OPENVASLIBS_PATCH$ac_delim -OPENVASLIBS_DATE!$OPENVASLIBS_DATE$ac_delim -VERSION!$VERSION$ac_delim _ACEOF if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then @@ -25949,12 +26243,15 @@ ac_delim='%!_!# ' for ac_last_try in false false false false false :; do cat >conf$$subs.sed <<_ACEOF +OPENVASLIBS_PATCH!$OPENVASLIBS_PATCH$ac_delim +OPENVASLIBS_DATE!$OPENVASLIBS_DATE$ac_delim +VERSION!$VERSION$ac_delim ac_configure_args!$ac_configure_args$ac_delim LIBOBJS!$LIBOBJS$ac_delim LTLIBOBJS!$LTLIBOBJS$ac_delim _ACEOF - if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 3; then + if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 6; then break elif $ac_last_try; then { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5 From scm-commit at wald.intevation.org Tue Sep 1 10:14:08 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 1 Sep 2009 10:14:08 +0200 (CEST) Subject: [Openvas-commits] r4802 - trunk/openvas-server Message-ID: <20090901081408.CC099852F668@pyrosoma.intevation.org> Author: felix Date: 2009-09-01 10:14:07 +0200 (Tue, 01 Sep 2009) New Revision: 4802 Modified: trunk/openvas-server/ChangeLog trunk/openvas-server/configure Log: * configure: Regenerated. Modified: trunk/openvas-server/ChangeLog =================================================================== --- trunk/openvas-server/ChangeLog 2009-09-01 08:13:07 UTC (rev 4801) +++ trunk/openvas-server/ChangeLog 2009-09-01 08:14:07 UTC (rev 4802) @@ -1,3 +1,7 @@ +2009-09-01 Felix Wolfsteller + + * configure: Regenerated. + 2009-08-31 Felix Wolfsteller * configure.in, openvasd/Makefile: Removed libnasl dependence (is Modified: trunk/openvas-server/configure =================================================================== --- trunk/openvas-server/configure 2009-09-01 08:13:07 UTC (rev 4801) +++ trunk/openvas-server/configure 2009-09-01 08:14:07 UTC (rev 4802) @@ -1,5 +1,5 @@ #! /bin/sh -# From configure.in Revision: 3857 . +# From configure.in Revision: 4785 . # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.61. # @@ -842,7 +842,6 @@ ac_ct_F77 LIBTOOL LIBOPENVASCONFIG -OPENVASLIBNASLCONFIG PKG_CONFIG GLIB_CFLAGS GLIB_LIBS @@ -1960,7 +1959,6 @@ NEED_OPENVASLIBS_VERSION=2.0.4 -NEED_OPENVASLIBNASL_VERSION=2.0.2 save_IFS="${IFS}" IFS=. @@ -3843,7 +3841,7 @@ ;; *-*-irix6*) # Find out which ABI we are using. - echo '#line 3846 "configure"' > conftest.$ac_ext + echo '#line 3844 "configure"' > conftest.$ac_ext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? @@ -6461,11 +6459,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:6464: $lt_compile\"" >&5) + (eval echo "\"\$as_me:6462: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:6468: \$? = $ac_status" >&5 + echo "$as_me:6466: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -6729,11 +6727,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:6732: $lt_compile\"" >&5) + (eval echo "\"\$as_me:6730: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:6736: \$? = $ac_status" >&5 + echo "$as_me:6734: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -6833,11 +6831,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:6836: $lt_compile\"" >&5) + (eval echo "\"\$as_me:6834: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:6840: \$? = $ac_status" >&5 + echo "$as_me:6838: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -9130,7 +9128,7 @@ lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext < conftest.$ac_ext <&5) + (eval echo "\"\$as_me:11567: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:11573: \$? = $ac_status" >&5 + echo "$as_me:11571: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -11670,11 +11668,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:11673: $lt_compile\"" >&5) + (eval echo "\"\$as_me:11671: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:11677: \$? = $ac_status" >&5 + echo "$as_me:11675: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -13231,11 +13229,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:13234: $lt_compile\"" >&5) + (eval echo "\"\$as_me:13232: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:13238: \$? = $ac_status" >&5 + echo "$as_me:13236: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -13335,11 +13333,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:13338: $lt_compile\"" >&5) + (eval echo "\"\$as_me:13336: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:13342: \$? = $ac_status" >&5 + echo "$as_me:13340: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -15522,11 +15520,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:15525: $lt_compile\"" >&5) + (eval echo "\"\$as_me:15523: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:15529: \$? = $ac_status" >&5 + echo "$as_me:15527: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -15790,11 +15788,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:15793: $lt_compile\"" >&5) + (eval echo "\"\$as_me:15791: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:15797: \$? = $ac_status" >&5 + echo "$as_me:15795: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -15894,11 +15892,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:15897: $lt_compile\"" >&5) + (eval echo "\"\$as_me:15895: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:15901: \$? = $ac_status" >&5 + echo "$as_me:15899: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -18594,8 +18592,6 @@ - - # Extract the first word of "libopenvas-config", so it can be a program name with args. set dummy libopenvas-config; ac_word=$2 { echo "$as_me:$LINENO: checking for $ac_word" >&5 @@ -18690,101 +18686,9 @@ fi -# Extract the first word of "openvas-libnasl-config", so it can be a program name with args. -set dummy openvas-libnasl-config; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_path_OPENVASLIBNASLCONFIG+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - case $OPENVASLIBNASLCONFIG in - [\\/]* | ?:[\\/]*) - ac_cv_path_OPENVASLIBNASLCONFIG="$OPENVASLIBNASLCONFIG" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $XPATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_path_OPENVASLIBNASLCONFIG="$as_dir/$ac_word$ac_exec_ext" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - ;; -esac -fi -OPENVASLIBNASLCONFIG=$ac_cv_path_OPENVASLIBNASLCONFIG -if test -n "$OPENVASLIBNASLCONFIG"; then - { echo "$as_me:$LINENO: result: $OPENVASLIBNASLCONFIG" >&5 -echo "${ECHO_T}$OPENVASLIBNASLCONFIG" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - -test "x$OPENVASLIBNASLCONFIG" = x && { { echo "$as_me:$LINENO: error: \"\" -\"\" -\"*** openvas-libnasl is not installed ! You need to install it before you \" -\"compile openvas-server.\"" >&5 -echo "$as_me: error: \"\" -\"\" -\"*** openvas-libnasl is not installed ! You need to install it before you \" -\"compile openvas-server.\"" >&2;} - { (exit 1); exit 1; }; } - -OPENVASLIBNASL_VERSION=`$OPENVASLIBNASLCONFIG --version` - -OPENVASLIBNASL_MAJOR=`echo $OPENVASLIBNASL_VERSION | \ - sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\)/\1/'` -OPENVASLIBNASL_MINOR=`echo $OPENVASLIBNASL_VERSION | \ - sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\)/\2/'` -OPENVASLIBNASL_PATCH=`echo $OPENVASLIBNASL_VERSION | \ - sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\)/\3/'` -REQ_OPENVASLIBNASL_MAJOR=`echo $NEED_OPENVASLIBNASL_VERSION | \ - sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\)/\1/'` -REQ_OPENVASLIBNASL_MINOR=`echo $NEED_OPENVASLIBNASL_VERSION | \ - sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\)/\2/'` -REQ_OPENVASLIBNASL_PATCH=`echo $NEED_OPENVASLIBNASL_VERSION | \ - sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\)/\3/'` - - -ok=no -if test "$OPENVASLIBNASL_MAJOR" -gt "$REQ_OPENVASLIBNASL_MAJOR"; then - ok=yes -else - if test "$OPENVASLIBNASL_MAJOR" -eq "$REQ_OPENVASLIBNASL_MAJOR"; then - if test "$OPENVASLIBNASL_MINOR" -gt "$REQ_OPENVASLIBNASL_MINOR"; then - ok=yes - else - if test "$OPENVASLIBNASL_MINOR" -eq "$REQ_OPENVASLIBNASL_MINOR"; then - if test "$OPENVASLIBNASL_PATCH" -ge "$REQ_OPENVASLIBNASL_PATCH"; then - ok=yes - fi - fi - fi - fi -fi -if test $ok = no; then -{ { echo "$as_me:$LINENO: error: openvas-libnasl $OPENVASLIBNASL_VERSION too old. -Minimum required is $NEED_OPENVASLIBNASL_VERSION . -" >&5 -echo "$as_me: error: openvas-libnasl $OPENVASLIBNASL_VERSION too old. -Minimum required is $NEED_OPENVASLIBNASL_VERSION . -" >&2;} - { (exit 1); exit 1; }; } -fi - - - if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args. @@ -28065,7 +27969,6 @@ - ac_config_files="$ac_config_files openvas.tmpl include/corevers.h openvas-adduser openvas-rmuser openvas-mkcert openvas-mkcert-client openvasd-config openvas-nvt-sync" cat >confcache <<\_ACEOF @@ -28764,7 +28667,6 @@ ac_ct_F77!$ac_ct_F77$ac_delim LIBTOOL!$LIBTOOL$ac_delim LIBOPENVASCONFIG!$LIBOPENVASCONFIG$ac_delim -OPENVASLIBNASLCONFIG!$OPENVASLIBNASLCONFIG$ac_delim PKG_CONFIG!$PKG_CONFIG$ac_delim GLIB_CFLAGS!$GLIB_CFLAGS$ac_delim GLIB_LIBS!$GLIB_LIBS$ac_delim @@ -28788,6 +28690,7 @@ OVS_COMPILER!$OVS_COMPILER$ac_delim OVS_OS_NAME!$OVS_OS_NAME$ac_delim OVS_OS_VERSION!$OVS_OS_VERSION$ac_delim +OPENVASD_CONFDIR!$OPENVASD_CONFDIR$ac_delim _ACEOF if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then @@ -28829,7 +28732,6 @@ ac_delim='%!_!# ' for ac_last_try in false false false false false :; do cat >conf$$subs.sed <<_ACEOF -OPENVASD_CONFDIR!$OPENVASD_CONFDIR$ac_delim OPENVASD_STATEDIR!$OPENVASD_STATEDIR$ac_delim OPENVASD_PIDDIR!$OPENVASD_PIDDIR$ac_delim OPENVASD_SHAREDSTATEDIR!$OPENVASD_SHAREDSTATEDIR$ac_delim @@ -28864,7 +28766,7 @@ LTLIBOBJS!$LTLIBOBJS$ac_delim _ACEOF - if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 33; then + if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 32; then break elif $ac_last_try; then { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5 From scm-commit at wald.intevation.org Tue Sep 1 11:13:53 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 1 Sep 2009 11:13:53 +0200 (CEST) Subject: [Openvas-commits] r4803 - in trunk/openvas-manager: . src src/tests Message-ID: <20090901091353.98CD7852B920@pyrosoma.intevation.org> Author: mattm Date: 2009-09-01 11:13:52 +0200 (Tue, 01 Sep 2009) New Revision: 4803 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/CMakeLists.txt trunk/openvas-manager/src/tests/CMakeLists.txt Log: * src/tests/CMakeLists.txt: Remove "-I .." from all COMPILE_FLAGS. Add libopenvas-config generated flags to OVAS_LDFLAGS and OVAS_CFLAGS. * src/CMakeLists.txt (openvasmd): Replace -lopenvas with OPENVAS_LDFLAGS in LINK_FLAGS. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2009-09-01 08:14:07 UTC (rev 4802) +++ trunk/openvas-manager/ChangeLog 2009-09-01 09:13:52 UTC (rev 4803) @@ -1,3 +1,11 @@ +2009-09-01 Matthew Mundell + + * src/tests/CMakeLists.txt: Remove "-I .." from all COMPILE_FLAGS. Add + libopenvas-config generated flags to OVAS_LDFLAGS and OVAS_CFLAGS. + + * src/CMakeLists.txt (openvasmd): Replace -lopenvas with OPENVAS_LDFLAGS + in LINK_FLAGS. + 2009-08-31 Matthew Mundell * src/oxpd.c: Quote in cpp error message with double quotes. Modified: trunk/openvas-manager/src/CMakeLists.txt =================================================================== --- trunk/openvas-manager/src/CMakeLists.txt 2009-09-01 08:14:07 UTC (rev 4802) +++ trunk/openvas-manager/src/CMakeLists.txt 2009-09-01 09:13:52 UTC (rev 4803) @@ -131,7 +131,7 @@ endif (OPENVAS_SYSCONF_DIR) set_target_properties (openvasmd PROPERTIES LINK_FLAGS - "${LIB_TEMP} -unessus_get_socket_from_connection -lopenvas -lgnutls -lossp-uuid ${GLIB_LDFLAGS} ${TASKS_LDFLAG}") + "${LIB_TEMP} -unessus_get_socket_from_connection -lgnutls -lossp-uuid ${GLIB_LDFLAGS} ${TASKS_LDFLAG} ${OPENVAS_LDFLAGS}") set_target_properties (openvasmd PROPERTIES COMPILE_FLAGS "${TASKS_CFLAG} ${HEADER_TEMP} ${OPENVAS_CFLAGS} ${GLIB_CFLAGS}") Modified: trunk/openvas-manager/src/tests/CMakeLists.txt =================================================================== --- trunk/openvas-manager/src/tests/CMakeLists.txt 2009-09-01 08:14:07 UTC (rev 4802) +++ trunk/openvas-manager/src/tests/CMakeLists.txt 2009-09-01 09:13:52 UTC (rev 4803) @@ -26,8 +26,15 @@ add_definitions (-DTASKS_SQL) +exec_program (libopenvas-config + ARGS --cflags + OUTPUT_VARIABLE OPENVAS_CFLAGS) +exec_program (libopenvas-config + ARGS --libs + OUTPUT_VARIABLE OPENVAS_LDFLAGS) + if (OPENVAS_HEADER_INSTALL_DIR) - set (OVAS_CFLAGS "-I${OPENVAS_HEADER_INSTALL_DIR}") + set (OVAS_CFLAGS "-I${OPENVAS_HEADER_INSTALL_DIR} ${OPENVAS_CFLAGS}") else (OPENVAS_HEADER_INSTALL_DIR) set (OVAS_CFLAGS "") endif (OPENVAS_HEADER_INSTALL_DIR) @@ -38,7 +45,7 @@ set (LIB_TEMP "") endif (OPENVAS_LIB_INSTALL_DIR) -set (OVAS_LDFLAG "${LIB_TEMP} -lsqlite3 -lgnutls -lopenvas") +set (OVAS_LDFLAG "${LIB_TEMP} -lsqlite3 -lgnutls ${OPENVAS_LDFLAGS}") MARK_AS_ADVANCED (LIB_TEMP) @@ -53,7 +60,7 @@ ## Libraries add_library (common common.c) -set_target_properties (common PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (common PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") ## Tests of support libraries @@ -63,48 +70,48 @@ add_executable (make_report_uuid_0 make_report_uuid_0.c) target_link_libraries (make_report_uuid_0 manage ovas-mngr-comm string file) -set_target_properties (make_report_uuid_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS} ${OVAS_CFLAGS}") +set_target_properties (make_report_uuid_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS} ${OVAS_CFLAGS}") set_target_properties (make_report_uuid_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS} -lossp-uuid") ADD_TEST (make_report_uuid_0 make_report_uuid_0) add_executable (rmdir_recursively_0 rmdir_recursively_0.c) target_link_libraries (rmdir_recursively_0 file) -set_target_properties (rmdir_recursively_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (rmdir_recursively_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (rmdir_recursively_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (rmdir_recursively_0 common) ADD_TEST (rmdir_recursively_0 rmdir_recursively_0) add_executable (rmdir_recursively_1 rmdir_recursively_1.c) target_link_libraries (rmdir_recursively_1 file) -set_target_properties (rmdir_recursively_1 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (rmdir_recursively_1 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (rmdir_recursively_1 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (rmdir_recursively_1 common) ADD_TEST (rmdir_recursively_1 rmdir_recursively_1) add_executable (strip_space_0 strip_space_0.c) target_link_libraries (strip_space_0 string) -set_target_properties (strip_space_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (strip_space_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (strip_space_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (strip_space_0 common) ADD_TEST (strip_space_0 strip_space_0) add_executable (strip_space_1 strip_space_1.c) target_link_libraries (strip_space_1 string) -set_target_properties (strip_space_1 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (strip_space_1 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (strip_space_1 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (strip_space_1 common) ADD_TEST (strip_space_1 strip_space_1) add_executable (strip_space_2 strip_space_2.c) target_link_libraries (strip_space_2 string) -set_target_properties (strip_space_2 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (strip_space_2 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (strip_space_2 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (strip_space_2 common) ADD_TEST (strip_space_2 strip_space_2) add_executable (strip_space_3 strip_space_3.c) target_link_libraries (strip_space_3 string) -set_target_properties (strip_space_3 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (strip_space_3 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (strip_space_3 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (strip_space_3 common) ADD_TEST (strip_space_3 strip_space_3) @@ -113,525 +120,525 @@ add_executable (omp_abort_task_0 omp_abort_task_0.c) target_link_libraries (omp_abort_task_0 string) -set_target_properties (omp_abort_task_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_abort_task_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_abort_task_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_abort_task_0 common) ADD_TEST (omp_abort_task_0 omp_abort_task_0) add_executable (omp_authenticate_0 omp_authenticate_0.c) target_link_libraries (omp_authenticate_0 string) -set_target_properties (omp_authenticate_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_authenticate_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_authenticate_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_authenticate_0 common) ADD_TEST (omp_authenticate_0 omp_authenticate_0) add_executable (omp_bogus_0 omp_bogus_0.c) target_link_libraries (omp_bogus_0 string) -set_target_properties (omp_bogus_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_bogus_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_bogus_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_bogus_0 common) ADD_TEST (omp_bogus_0 omp_bogus_0) add_executable (omp_bogus_1 omp_bogus_1.c) target_link_libraries (omp_bogus_1 string) -set_target_properties (omp_bogus_1 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_bogus_1 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_bogus_1 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_bogus_1 common) ADD_TEST (omp_bogus_1 omp_bogus_1) add_executable (omp_commands_0 omp_commands_0.c) target_link_libraries (omp_commands_0 string) -set_target_properties (omp_commands_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_commands_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_commands_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_commands_0 common) ADD_TEST (omp_commands_0 omp_commands_0) add_executable (omp_create_config_0 omp_create_config_0.c) target_link_libraries (omp_create_config_0 string) -set_target_properties (omp_create_config_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_create_config_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_create_config_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_create_config_0 common) ADD_TEST (omp_create_config_0 omp_create_config_0) add_executable (omp_create_config_1 omp_create_config_1.c) target_link_libraries (omp_create_config_1 string) -set_target_properties (omp_create_config_1 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_create_config_1 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_create_config_1 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_create_config_1 common) ADD_TEST (omp_create_config_1 omp_create_config_1) add_executable (omp_create_target_0 omp_create_target_0.c) target_link_libraries (omp_create_target_0 string) -set_target_properties (omp_create_target_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_create_target_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_create_target_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_create_target_0 common) ADD_TEST (omp_create_target_0 omp_create_target_0) add_executable (omp_create_target_1 omp_create_target_1.c) target_link_libraries (omp_create_target_1 string) -set_target_properties (omp_create_target_1 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_create_target_1 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_create_target_1 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_create_target_1 common) ADD_TEST (omp_create_target_1 omp_create_target_1) add_executable (omp_create_task_0 omp_create_task_0.c) target_link_libraries (omp_create_task_0 string) -set_target_properties (omp_create_task_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_create_task_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_create_task_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_create_task_0 common) ADD_TEST (omp_create_task_0 omp_create_task_0) add_executable (omp_create_task_1 omp_create_task_1.c) target_link_libraries (omp_create_task_1 string) -set_target_properties (omp_create_task_1 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_create_task_1 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_create_task_1 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_create_task_1 common) ADD_TEST (omp_create_task_1 omp_create_task_1) add_executable (omp_create_task_2 omp_create_task_2.c) target_link_libraries (omp_create_task_2 string) -set_target_properties (omp_create_task_2 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_create_task_2 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_create_task_2 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_create_task_2 common) ADD_TEST (omp_create_task_2 omp_create_task_2) add_executable (omp_create_task_3 omp_create_task_3.c) target_link_libraries (omp_create_task_3 string) -set_target_properties (omp_create_task_3 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_create_task_3 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_create_task_3 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_create_task_3 common) ADD_TEST (omp_create_task_3 omp_create_task_3) add_executable (omp_create_task_4 omp_create_task_4.c) target_link_libraries (omp_create_task_4 string) -set_target_properties (omp_create_task_4 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_create_task_4 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_create_task_4 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_create_task_4 common) ADD_TEST (omp_create_task_4 omp_create_task_4) add_executable (omp_delete_config_0 omp_delete_config_0.c) target_link_libraries (omp_delete_config_0 string) -set_target_properties (omp_delete_config_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_delete_config_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_delete_config_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_delete_config_0 common) ADD_TEST (omp_delete_config_0 omp_delete_config_0) add_executable (omp_delete_config_1 omp_delete_config_1.c) target_link_libraries (omp_delete_config_1 string) -set_target_properties (omp_delete_config_1 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_delete_config_1 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_delete_config_1 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_delete_config_1 common) ADD_TEST (omp_delete_config_1 omp_delete_config_1) add_executable (omp_delete_report_0 omp_delete_report_0.c) target_link_libraries (omp_delete_report_0 string) -set_target_properties (omp_delete_report_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_delete_report_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_delete_report_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_delete_report_0 common) ADD_TEST (omp_delete_report_0 omp_delete_report_0) add_executable (omp_delete_report_1 omp_delete_report_1.c) target_link_libraries (omp_delete_report_1 string) -set_target_properties (omp_delete_report_1 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_delete_report_1 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_delete_report_1 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_delete_report_1 common) ADD_TEST (omp_delete_report_1 omp_delete_report_1) add_executable (omp_delete_target_0 omp_delete_target_0.c) target_link_libraries (omp_delete_target_0 string) -set_target_properties (omp_delete_target_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_delete_target_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_delete_target_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_delete_target_0 common) ADD_TEST (omp_delete_target_0 omp_delete_target_0) add_executable (omp_delete_target_1 omp_delete_target_1.c) target_link_libraries (omp_delete_target_1 string) -set_target_properties (omp_delete_target_1 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_delete_target_1 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_delete_target_1 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_delete_target_1 common) ADD_TEST (omp_delete_target_1 omp_delete_target_1) add_executable (omp_delete_task_0 omp_delete_task_0.c) target_link_libraries (omp_delete_task_0 string) -set_target_properties (omp_delete_task_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_delete_task_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_delete_task_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_delete_task_0 common) ADD_TEST (omp_delete_task_0 omp_delete_task_0) add_executable (omp_delete_task_1 omp_delete_task_1.c) target_link_libraries (omp_delete_task_1 string) -set_target_properties (omp_delete_task_1 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_delete_task_1 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_delete_task_1 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_delete_task_1 common) ADD_TEST (omp_delete_task_1 omp_delete_task_1) add_executable (omp_delete_task_2 omp_delete_task_2.c) target_link_libraries (omp_delete_task_2 string) -set_target_properties (omp_delete_task_2 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_delete_task_2 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_delete_task_2 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_delete_task_2 common) ADD_TEST (omp_delete_task_2 omp_delete_task_2) add_executable (omp_get_certificates_0 omp_get_certificates_0.c) target_link_libraries (omp_get_certificates_0 string) -set_target_properties (omp_get_certificates_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_certificates_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_certificates_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_certificates_0 common) ADD_TEST (omp_get_certificates_0 omp_get_certificates_0) add_executable (omp_get_certificates_1 omp_get_certificates_1.c) target_link_libraries (omp_get_certificates_1 string) -set_target_properties (omp_get_certificates_1 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_certificates_1 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_certificates_1 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_certificates_1 common) ADD_TEST (omp_get_certificates_1 omp_get_certificates_1) add_executable (omp_get_configs_0 omp_get_configs_0.c) target_link_libraries (omp_get_configs_0 string) -set_target_properties (omp_get_configs_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_configs_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_configs_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_configs_0 common) ADD_TEST (omp_get_configs_0 omp_get_configs_0) add_executable (omp_get_configs_1 omp_get_configs_1.c) target_link_libraries (omp_get_configs_1 string) -set_target_properties (omp_get_configs_1 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_configs_1 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_configs_1 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_configs_1 common) ADD_TEST (omp_get_configs_1 omp_get_configs_1) add_executable (omp_get_configs_2 omp_get_configs_2.c) target_link_libraries (omp_get_configs_2 string) -set_target_properties (omp_get_configs_2 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_configs_2 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_configs_2 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_configs_2 common) ADD_TEST (omp_get_configs_2 omp_get_configs_2) add_executable (omp_get_configs_3 omp_get_configs_3.c) target_link_libraries (omp_get_configs_3 string) -set_target_properties (omp_get_configs_3 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_configs_3 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_configs_3 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_configs_3 common) ADD_TEST (omp_get_configs_3 omp_get_configs_3) add_executable (omp_get_dependencies_0 omp_get_dependencies_0.c) target_link_libraries (omp_get_dependencies_0 string) -set_target_properties (omp_get_dependencies_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_dependencies_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_dependencies_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_dependencies_0 common) ADD_TEST (omp_get_dependencies_0 omp_get_dependencies_0) add_executable (omp_get_dependencies_1 omp_get_dependencies_1.c) target_link_libraries (omp_get_dependencies_1 string) -set_target_properties (omp_get_dependencies_1 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_dependencies_1 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_dependencies_1 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_dependencies_1 common) ADD_TEST (omp_get_dependencies_1 omp_get_dependencies_1) add_executable (omp_get_targets_0 omp_get_targets_0.c) target_link_libraries (omp_get_targets_0 string) -set_target_properties (omp_get_targets_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_targets_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_targets_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_targets_0 common) ADD_TEST (omp_get_targets_0 omp_get_targets_0) add_executable (omp_get_nvt_all_0 omp_get_nvt_all_0.c) target_link_libraries (omp_get_nvt_all_0 string) -set_target_properties (omp_get_nvt_all_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_nvt_all_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_nvt_all_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_nvt_all_0 common) ADD_TEST (omp_get_nvt_all_0 omp_get_nvt_all_0) add_executable (omp_get_nvt_all_1 omp_get_nvt_all_1.c) target_link_libraries (omp_get_nvt_all_1 string) -set_target_properties (omp_get_nvt_all_1 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_nvt_all_1 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_nvt_all_1 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_nvt_all_1 common) ADD_TEST (omp_get_nvt_all_1 omp_get_nvt_all_1) add_executable (omp_get_nvt_details_0 omp_get_nvt_details_0.c) target_link_libraries (omp_get_nvt_details_0 string) -set_target_properties (omp_get_nvt_details_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_nvt_details_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_nvt_details_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_nvt_details_0 common) ADD_TEST (omp_get_nvt_details_0 omp_get_nvt_details_0) add_executable (omp_get_nvt_details_1 omp_get_nvt_details_1.c) target_link_libraries (omp_get_nvt_details_1 string) -set_target_properties (omp_get_nvt_details_1 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_nvt_details_1 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_nvt_details_1 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_nvt_details_1 common) ADD_TEST (omp_get_nvt_details_1 omp_get_nvt_details_1) add_executable (omp_get_nvt_details_2 omp_get_nvt_details_2.c) target_link_libraries (omp_get_nvt_details_2 string) -set_target_properties (omp_get_nvt_details_2 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_nvt_details_2 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_nvt_details_2 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_nvt_details_2 common) ADD_TEST (omp_get_nvt_details_2 omp_get_nvt_details_2) add_executable (omp_get_nvt_details_3 omp_get_nvt_details_3.c) target_link_libraries (omp_get_nvt_details_3 string) -set_target_properties (omp_get_nvt_details_3 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_nvt_details_3 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_nvt_details_3 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_nvt_details_3 common) ADD_TEST (omp_get_nvt_details_3 omp_get_nvt_details_3) add_executable (omp_get_nvt_details_4 omp_get_nvt_details_4.c) target_link_libraries (omp_get_nvt_details_4 string) -set_target_properties (omp_get_nvt_details_4 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_nvt_details_4 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_nvt_details_4 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_nvt_details_4 common) ADD_TEST (omp_get_nvt_details_4 omp_get_nvt_details_4) add_executable (omp_get_nvt_feed_checksum_0 omp_get_nvt_feed_checksum_0.c) target_link_libraries (omp_get_nvt_feed_checksum_0 string) -set_target_properties (omp_get_nvt_feed_checksum_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_nvt_feed_checksum_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_nvt_feed_checksum_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_nvt_feed_checksum_0 common) ADD_TEST (omp_get_nvt_feed_checksum_0 omp_get_nvt_feed_checksum_0) add_executable (omp_get_nvt_feed_checksum_1 omp_get_nvt_feed_checksum_1.c) target_link_libraries (omp_get_nvt_feed_checksum_1 string) -set_target_properties (omp_get_nvt_feed_checksum_1 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_nvt_feed_checksum_1 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_nvt_feed_checksum_1 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_nvt_feed_checksum_1 common) ADD_TEST (omp_get_nvt_feed_checksum_1 omp_get_nvt_feed_checksum_1) add_executable (omp_get_nvt_feed_checksum_2 omp_get_nvt_feed_checksum_2.c) target_link_libraries (omp_get_nvt_feed_checksum_2 string) -set_target_properties (omp_get_nvt_feed_checksum_2 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_nvt_feed_checksum_2 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_nvt_feed_checksum_2 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_nvt_feed_checksum_2 common) ADD_TEST (omp_get_nvt_feed_checksum_2 omp_get_nvt_feed_checksum_2) add_executable (omp_get_nvt_feed_checksum_3 omp_get_nvt_feed_checksum_3.c) target_link_libraries (omp_get_nvt_feed_checksum_3 string) -set_target_properties (omp_get_nvt_feed_checksum_3 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_nvt_feed_checksum_3 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_nvt_feed_checksum_3 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_nvt_feed_checksum_3 common) ADD_TEST (omp_get_nvt_feed_checksum_3 omp_get_nvt_feed_checksum_3) add_executable (omp_get_nvt_feed_checksum_4 omp_get_nvt_feed_checksum_4.c) target_link_libraries (omp_get_nvt_feed_checksum_4 string) -set_target_properties (omp_get_nvt_feed_checksum_4 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_nvt_feed_checksum_4 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_nvt_feed_checksum_4 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_nvt_feed_checksum_4 common) ADD_TEST (omp_get_nvt_feed_checksum_4 omp_get_nvt_feed_checksum_4) add_executable (omp_get_nvt_feed_checksum_5 omp_get_nvt_feed_checksum_5.c) target_link_libraries (omp_get_nvt_feed_checksum_5 string) -set_target_properties (omp_get_nvt_feed_checksum_5 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_nvt_feed_checksum_5 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_nvt_feed_checksum_5 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_nvt_feed_checksum_5 common) ADD_TEST (omp_get_nvt_feed_checksum_5 omp_get_nvt_feed_checksum_5) add_executable (omp_get_preferences_0 omp_get_preferences_0.c) target_link_libraries (omp_get_preferences_0 string) -set_target_properties (omp_get_preferences_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_preferences_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_preferences_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_preferences_0 common) ADD_TEST (omp_get_preferences_0 omp_get_preferences_0) add_executable (omp_get_preferences_1 omp_get_preferences_1.c) target_link_libraries (omp_get_preferences_1 string) -set_target_properties (omp_get_preferences_1 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_preferences_1 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_preferences_1 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_preferences_1 common) ADD_TEST (omp_get_preferences_1 omp_get_preferences_1) add_executable (omp_get_report_0 omp_get_report_0.c) target_link_libraries (omp_get_report_0 string) -set_target_properties (omp_get_report_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_report_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_report_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_report_0 common) ADD_TEST (omp_get_report_0 omp_get_report_0) add_executable (omp_get_report_1 omp_get_report_1.c) target_link_libraries (omp_get_report_1 string) -set_target_properties (omp_get_report_1 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_report_1 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_report_1 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_report_1 common) ADD_TEST (omp_get_report_1 omp_get_report_1) add_executable (omp_get_report_2 omp_get_report_2.c) target_link_libraries (omp_get_report_2 string) -set_target_properties (omp_get_report_2 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_report_2 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_report_2 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_report_2 common) ADD_TEST (omp_get_report_2 omp_get_report_2) add_executable (omp_get_report_3 omp_get_report_3.c) target_link_libraries (omp_get_report_3 string) -set_target_properties (omp_get_report_3 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_report_3 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_report_3 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_report_3 common) ADD_TEST (omp_get_report_3 omp_get_report_3) add_executable (omp_get_report_4 omp_get_report_4.c) target_link_libraries (omp_get_report_4 string) -set_target_properties (omp_get_report_4 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_report_4 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_report_4 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_report_4 common) ADD_TEST (omp_get_report_4 omp_get_report_4) add_executable (omp_get_report_5 omp_get_report_5.c) target_link_libraries (omp_get_report_5 string) -set_target_properties (omp_get_report_5 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_report_5 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_report_5 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_report_5 common) ADD_TEST (omp_get_report_5 omp_get_report_5) add_executable (omp_get_report_6 omp_get_report_6.c) target_link_libraries (omp_get_report_6 string) -set_target_properties (omp_get_report_6 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_report_6 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_report_6 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_report_6 common) ADD_TEST (omp_get_report_6 omp_get_report_6) add_executable (omp_get_report_7 omp_get_report_7.c) target_link_libraries (omp_get_report_7 string) -set_target_properties (omp_get_report_7 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_report_7 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_report_7 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_report_7 common) ADD_TEST (omp_get_report_7 omp_get_report_7) add_executable (omp_get_report_8 omp_get_report_8.c) target_link_libraries (omp_get_report_8 string) -set_target_properties (omp_get_report_8 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_report_8 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_report_8 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_report_8 common) ADD_TEST (omp_get_report_8 omp_get_report_8) add_executable (omp_get_rules_0 omp_get_rules_0.c) target_link_libraries (omp_get_rules_0 string) -set_target_properties (omp_get_rules_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_rules_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_rules_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_rules_0 common) ADD_TEST (omp_get_rules_0 omp_get_rules_0) add_executable (omp_get_rules_1 omp_get_rules_1.c) target_link_libraries (omp_get_rules_1 string) -set_target_properties (omp_get_rules_1 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_rules_1 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_rules_1 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_rules_1 common) ADD_TEST (omp_get_rules_1 omp_get_rules_1) add_executable (omp_get_status_0 omp_get_status_0.c) target_link_libraries (omp_get_status_0 string) -set_target_properties (omp_get_status_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_status_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_status_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_status_0 common) ADD_TEST (omp_get_status_0 omp_get_status_0) add_executable (omp_get_status_1 omp_get_status_1.c) target_link_libraries (omp_get_status_1 string) -set_target_properties (omp_get_status_1 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_status_1 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_status_1 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_status_1 common) ADD_TEST (omp_get_status_1 omp_get_status_1) add_executable (omp_get_status_2 omp_get_status_2.c) target_link_libraries (omp_get_status_2 string) -set_target_properties (omp_get_status_2 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_status_2 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_status_2 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_status_2 common) ADD_TEST (omp_get_status_2 omp_get_status_2) add_executable (omp_get_status_3 omp_get_status_3.c) target_link_libraries (omp_get_status_3 string) -set_target_properties (omp_get_status_3 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_status_3 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_status_3 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_status_3 common) ADD_TEST (omp_get_status_3 omp_get_status_3) add_executable (omp_get_status_4 omp_get_status_4.c) target_link_libraries (omp_get_status_4 string) -set_target_properties (omp_get_status_4 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_status_4 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_status_4 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_status_4 common) ADD_TEST (omp_get_status_4 omp_get_status_4) add_executable (omp_get_status_5 omp_get_status_5.c) target_link_libraries (omp_get_status_5 string) -set_target_properties (omp_get_status_5 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_status_5 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_status_5 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_status_5 common) ADD_TEST (omp_get_status_5 omp_get_status_5) add_executable (omp_get_version_0 omp_get_version_0.c) target_link_libraries (omp_get_version_0 string) -set_target_properties (omp_get_version_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_get_version_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_get_version_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_get_version_0 common) ADD_TEST (omp_get_version_0 omp_get_version_0) add_executable (omp_help_0 omp_help_0.c) target_link_libraries (omp_help_0 string) -set_target_properties (omp_help_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_help_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_help_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_help_0 common) ADD_TEST (omp_help_0 omp_help_0) add_executable (omp_help_1 omp_help_1.c) target_link_libraries (omp_help_1 string) -set_target_properties (omp_help_1 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_help_1 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_help_1 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_help_1 common) ADD_TEST (omp_help_1 omp_help_1) add_executable (omp_modify_report_0 omp_modify_report_0.c) target_link_libraries (omp_modify_report_0 string) -set_target_properties (omp_modify_report_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_modify_report_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_modify_report_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_modify_report_0 common) ADD_TEST (omp_modify_report_0 omp_modify_report_0) add_executable (omp_modify_task_0 omp_modify_task_0.c) target_link_libraries (omp_modify_task_0 string) -set_target_properties (omp_modify_task_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_modify_task_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_modify_task_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_modify_task_0 common) ADD_TEST (omp_modify_task_0 omp_modify_task_0) add_executable (omp_modify_task_1 omp_modify_task_1.c) target_link_libraries (omp_modify_task_1 string) -set_target_properties (omp_modify_task_1 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_modify_task_1 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_modify_task_1 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_modify_task_1 common) ADD_TEST (omp_modify_task_1 omp_modify_task_1) add_executable (omp_start_task_0 omp_start_task_0.c) target_link_libraries (omp_start_task_0 string) -set_target_properties (omp_start_task_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_start_task_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_start_task_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_start_task_0 common) ADD_TEST (omp_start_task_0 omp_start_task_0) add_executable (omp_start_task_1 omp_start_task_1.c) target_link_libraries (omp_start_task_1 string) -set_target_properties (omp_start_task_1 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_start_task_1 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_start_task_1 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_start_task_1 common) ADD_TEST (omp_start_task_1 omp_start_task_1) add_executable (omp_start_task_2 omp_start_task_2.c) target_link_libraries (omp_start_task_2 string) -set_target_properties (omp_start_task_2 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_start_task_2 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_start_task_2 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_start_task_2 common) ADD_TEST (omp_start_task_2 omp_start_task_2) add_executable (omp_start_task_3 omp_start_task_3.c) target_link_libraries (omp_start_task_3 string) -set_target_properties (omp_start_task_3 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_start_task_3 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_start_task_3 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_start_task_3 common) ADD_TEST (omp_start_task_3 omp_start_task_3) add_executable (omp_start_task_4 omp_start_task_4.c) target_link_libraries (omp_start_task_4 string) -set_target_properties (omp_start_task_4 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_start_task_4 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (omp_start_task_4 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (omp_start_task_4 common) ADD_TEST (omp_start_task_4 omp_start_task_4) @@ -640,14 +647,14 @@ add_executable (read_protocol_0 read_protocol_0.c) target_link_libraries (read_protocol_0 string) -set_target_properties (read_protocol_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (read_protocol_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (read_protocol_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (read_protocol_0 common) ADD_TEST (read_protocol_0 read_protocol_0) add_executable (timeout_0 timeout_0.c) target_link_libraries (timeout_0 string) -set_target_properties (timeout_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (timeout_0 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") set_target_properties (timeout_0 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") target_link_libraries (timeout_0 common) ADD_TEST (timeout_0 timeout_0) From scm-commit at wald.intevation.org Tue Sep 1 11:22:55 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 1 Sep 2009 11:22:55 +0200 (CEST) Subject: [Openvas-commits] r4804 - in trunk/openvas-manager: . src/tests Message-ID: <20090901092255.49C34852F98D@pyrosoma.intevation.org> Author: mattm Date: 2009-09-01 11:22:54 +0200 (Tue, 01 Sep 2009) New Revision: 4804 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/tests/common.c Log: * src/tests/common.c (OPENVASMD_PORT): Change to 9390. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2009-09-01 09:13:52 UTC (rev 4803) +++ trunk/openvas-manager/ChangeLog 2009-09-01 09:22:54 UTC (rev 4804) @@ -1,5 +1,9 @@ 2009-09-01 Matthew Mundell + * src/tests/common.c (OPENVASMD_PORT): Change to 9390. + +2009-09-01 Matthew Mundell + * src/tests/CMakeLists.txt: Remove "-I .." from all COMPILE_FLAGS. Add libopenvas-config generated flags to OVAS_LDFLAGS and OVAS_CFLAGS. Modified: trunk/openvas-manager/src/tests/common.c =================================================================== --- trunk/openvas-manager/src/tests/common.c 2009-09-01 09:13:52 UTC (rev 4803) +++ trunk/openvas-manager/src/tests/common.c 2009-09-01 09:22:54 UTC (rev 4804) @@ -57,7 +57,7 @@ /** * @brief Manager (openvasmd) port. */ -#define OPENVASMD_PORT 1242 +#define OPENVASMD_PORT 9390 /** * @brief Manager (openvasmd) address. From scm-commit at wald.intevation.org Tue Sep 1 12:58:13 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 1 Sep 2009 12:58:13 +0200 (CEST) Subject: [Openvas-commits] r4805 - trunk/openvas-plugins/scripts Message-ID: <20090901105813.D7FEC85C730F@pyrosoma.intevation.org> Author: chandra Date: 2009-09-01 12:58:12 +0200 (Tue, 01 Sep 2009) New Revision: 4805 Modified: trunk/openvas-plugins/scripts/remote-MS04-017.nasl Log: Updated to resolve the issue in dump messages Modified: trunk/openvas-plugins/scripts/remote-MS04-017.nasl =================================================================== --- trunk/openvas-plugins/scripts/remote-MS04-017.nasl 2009-09-01 09:22:54 UTC (rev 4804) +++ trunk/openvas-plugins/scripts/remote-MS04-017.nasl 2009-09-01 10:58:12 UTC (rev 4805) @@ -108,19 +108,22 @@ foreach page (pages) { soc = open_sock_tcp(port); - # build the malicious request - request = page + '/crystalimagehandler.aspx?dynamicimage=../../../../../../../../../boot.ini'; + if(soc) + { + # build the malicious request + request = page + '/crystalimagehandler.aspx?dynamicimage=../../../../../../../../../boot.ini'; - qry = string('GET ' + request + ' HTTP/1.0\r\n', - 'Host: ' + h_ip + ':' + port + '\r\n\r\n'); + qry = string('GET ' + request + ' HTTP/1.0\r\n', + 'Host: ' + h_ip + ':' + port + '\r\n\r\n'); - req = http_get(item:qry, port:port); - send(socket:soc, data: req); + req = http_get(item:qry, port:port); + send(socket:soc, data: req); - # Get back the response - reply = recv(socket:soc, length:4096); + # Get back the response + reply = recv(socket:soc, length:4096); - close(soc); + close(soc); + } if(reply) { From scm-commit at wald.intevation.org Tue Sep 1 16:01:26 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 1 Sep 2009 16:01:26 +0200 (CEST) Subject: [Openvas-commits] r4806 - in trunk/openvas-manager: . src Message-ID: <20090901140126.512BB852FC1D@pyrosoma.intevation.org> Author: mattm Date: 2009-09-01 16:01:23 +0200 (Tue, 01 Sep 2009) New Revision: 4806 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/tasks_sql.h Log: * src/tasks_sql.h (setup_full_config_prefs): Switch to integers for the option args, to work around sending string literals to `sql'. Update callers. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2009-09-01 10:58:12 UTC (rev 4805) +++ trunk/openvas-manager/ChangeLog 2009-09-01 14:01:23 UTC (rev 4806) @@ -1,5 +1,11 @@ 2009-09-01 Matthew Mundell + * src/tasks_sql.h (setup_full_config_prefs): Switch to integers for the + option args, to work around sending string literals to `sql'. Update + callers. + +2009-09-01 Matthew Mundell + * src/tests/common.c (OPENVASMD_PORT): Change to 9390. 2009-09-01 Matthew Mundell Modified: trunk/openvas-manager/src/tasks_sql.h =================================================================== --- trunk/openvas-manager/src/tasks_sql.h 2009-09-01 10:58:12 UTC (rev 4805) +++ trunk/openvas-manager/src/tasks_sql.h 2009-09-01 14:01:23 UTC (rev 4806) @@ -522,13 +522,13 @@ * @brief Setup config preferences for a config. * * @param[in] config The config. - * @param[in] safe_checks Value for safe_checks option. - * @param[in] optimize_test Value for optimize_test option. - * @param[in] port_range Value for port_range option. + * @param[in] safe_checks safe_checks option: 1 for "yes", 0 for "no". + * @param[in] optimize_test optimize_test option: 1 for "yes", 0 for "no". + * @param[in] port_range port_range option: 1 for "yes", 0 for "no". */ -void -setup_full_config_prefs (config_t config, const char *safe_checks, - const char *optimize_test, const char *port_range) +static void +setup_full_config_prefs (config_t config, int safe_checks, + int optimize_test, int port_range) { sql ("INSERT into config_preferences (config, type, name, value)" " VALUES (%i, 'SERVER_PREFS', 'max_hosts', '20');", @@ -539,11 +539,15 @@ sql ("INSERT into config_preferences (config, type, name, value)" " VALUES (%i, 'SERVER_PREFS', 'cgi_path', '/cgi-bin:/scripts');", config); + if (port_range) + sql ("INSERT into config_preferences (config, type, name, value)" + " VALUES (%i, 'SERVER_PREFS', 'port_range', '1-65535');", + config); + else + sql ("INSERT into config_preferences (config, type, name, value)" + " VALUES (%i, 'SERVER_PREFS', 'port_range', 'default');", + config); sql ("INSERT into config_preferences (config, type, name, value)" - " VALUES (%i, 'SERVER_PREFS', 'port_range', '%s');", - config, - port_range); - sql ("INSERT into config_preferences (config, type, name, value)" " VALUES (%i, 'SERVER_PREFS', 'auto_enable_dependencies', 'yes');", config); sql ("INSERT into config_preferences (config, type, name, value)" @@ -558,15 +562,23 @@ sql ("INSERT into config_preferences (config, type, name, value)" " VALUES (%i, 'SERVER_PREFS', 'reverse_lookup', 'no');", config); + if (optimize_test) + sql ("INSERT into config_preferences (config, type, name, value)" + " VALUES (%i, 'SERVER_PREFS', 'optimize_test', 'yes');", + config); + else + sql ("INSERT into config_preferences (config, type, name, value)" + " VALUES (%i, 'SERVER_PREFS', 'optimize_test', 'no');", + config); + if (safe_checks) + sql ("INSERT into config_preferences (config, type, name, value)" + " VALUES (%i, 'SERVER_PREFS', 'safe_checks', 'yes');", + config); + else + sql ("INSERT into config_preferences (config, type, name, value)" + " VALUES (%i, 'SERVER_PREFS', 'safe_checks', 'no');", + config); sql ("INSERT into config_preferences (config, type, name, value)" - " VALUES (%i, 'SERVER_PREFS', 'optimize_test', '%s');", - config, - optimize_test); - sql ("INSERT into config_preferences (config, type, name, value)" - " VALUES (%i, 'SERVER_PREFS', 'safe_checks', '%s');", - config, - safe_checks); - sql ("INSERT into config_preferences (config, type, name, value)" " VALUES (%i, 'SERVER_PREFS', 'use_mac_addr', 'no');", config); sql ("INSERT into config_preferences (config, type, name, value)" @@ -715,7 +727,7 @@ /* Setup preferences for the config. */ config = sqlite3_last_insert_rowid (task_db); - setup_full_config_prefs (config, "yes", "yes", "default"); + setup_full_config_prefs (config, 1, 1, 0); } if (sql_int (0, 0, @@ -732,9 +744,9 @@ " optimized by using previously collected information.'," " 1, 1);"); - /* Setup preferences for the full config. */ + /* Setup preferences for the config. */ config = sqlite3_last_insert_rowid (task_db); - setup_full_config_prefs (config, "no", "yes", "default"); + setup_full_config_prefs (config, 0, 1, 0); } if (sql_int (0, 0, @@ -750,10 +762,9 @@ " 'All NVT''s; don''t trust previously collected information; slow.'," " 1, 1);"); - /* Setup preferences for the full config. */ + /* Setup preferences for the config. */ config = sqlite3_last_insert_rowid (task_db); - setup_full_config_prefs (config, "yes", "no", "1-65535"); - + setup_full_config_prefs (config, 1, 0, 1); } if (sql_int (0, 0, @@ -770,9 +781,9 @@ " don''t trust previously collected information; slow.'," " 1, 1);"); - /* Setup preferences for the full config. */ + /* Setup preferences for the config. */ config = sqlite3_last_insert_rowid (task_db); - setup_full_config_prefs (config, "no", "no", "1-65535"); + setup_full_config_prefs (config, 0, 0, 1); } /* Ensure the predefined target exists. */ From scm-commit at wald.intevation.org Tue Sep 1 17:32:51 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 1 Sep 2009 17:32:51 +0200 (CEST) Subject: [Openvas-commits] r4807 - in trunk/openvas-manager: . src src/tests Message-ID: <20090901153251.32036852FD65@pyrosoma.intevation.org> Author: mattm Date: 2009-09-01 17:32:49 +0200 (Tue, 01 Sep 2009) New Revision: 4807 Added: trunk/openvas-manager/src/tests/omp_start_task_5.c Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/manage.c trunk/openvas-manager/src/omp.c trunk/openvas-manager/src/tests/CMakeLists.txt Log: Switch START_TASK response to an error if the task is active. * src/manage.c (start_task): Return 1 if task is active. * src/omp.c (omp_xml_handle_end_element): In CLIENT_START_TASK respond with error if task is active. * src/tests/omp_start_task_5.c: New file. * src/tests/CMakeLists.txt: Add omp_start_task_5. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2009-09-01 14:01:23 UTC (rev 4806) +++ trunk/openvas-manager/ChangeLog 2009-09-01 15:32:49 UTC (rev 4807) @@ -1,5 +1,18 @@ 2009-09-01 Matthew Mundell + Switch START_TASK response to an error if the task is active. + + * src/manage.c (start_task): Return 1 if task is active. + + * src/omp.c (omp_xml_handle_end_element): In CLIENT_START_TASK respond + with error if task is active. + + * src/tests/omp_start_task_5.c: New file. + + * src/tests/CMakeLists.txt: Add omp_start_task_5. + +2009-09-01 Matthew Mundell + * src/tasks_sql.h (setup_full_config_prefs): Switch to integers for the option args, to work around sending string literals to `sql'. Update callers. Modified: trunk/openvas-manager/src/manage.c =================================================================== --- trunk/openvas-manager/src/manage.c 2009-09-01 14:01:23 UTC (rev 4806) +++ trunk/openvas-manager/src/manage.c 2009-09-01 15:32:49 UTC (rev 4807) @@ -570,7 +570,8 @@ * * @param[in] task A pointer to the task. * - * @return 0 on success, -1 if out of space in \ref to_server buffer, -2 if the + * @return 0 on success, 1 task is active already, + * -1 if out of space in \ref to_server buffer, -2 if the * task is missing a target, -3 if creating the report fails, -4 target * missing hosts, -5 task missing config, -6 if there's already a task * running in this process. @@ -588,8 +589,10 @@ task_status_t run_status = task_run_status (task); if (run_status == TASK_STATUS_REQUESTED - || run_status == TASK_STATUS_RUNNING) - return 0; + || run_status == TASK_STATUS_RUNNING + || run_status == TASK_STATUS_STOP_REQUESTED + || run_status == TASK_STATUS_DELETE_REQUESTED) + return 1; if (current_server_task) return -6; Modified: trunk/openvas-manager/src/omp.c =================================================================== --- trunk/openvas-manager/src/omp.c 2009-09-01 14:01:23 UTC (rev 4806) +++ trunk/openvas-manager/src/omp.c 2009-09-01 15:32:49 UTC (rev 4807) @@ -4067,6 +4067,11 @@ case 0: SEND_TO_CLIENT_OR_FAIL (XML_OK_REQUESTED ("start_task")); break; + case 1: + SEND_TO_CLIENT_OR_FAIL + (XML_ERROR_SYNTAX ("start_task", + "Task is active already")); + break; case -1: /* to_server is full. */ // FIX or other error Modified: trunk/openvas-manager/src/tests/CMakeLists.txt =================================================================== --- trunk/openvas-manager/src/tests/CMakeLists.txt 2009-09-01 14:01:23 UTC (rev 4806) +++ trunk/openvas-manager/src/tests/CMakeLists.txt 2009-09-01 15:32:49 UTC (rev 4807) @@ -643,6 +643,13 @@ target_link_libraries (omp_start_task_4 common) ADD_TEST (omp_start_task_4 omp_start_task_4) +add_executable (omp_start_task_5 omp_start_task_5.c) +target_link_libraries (omp_start_task_5 string) +set_target_properties (omp_start_task_5 PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") +set_target_properties (omp_start_task_5 PROPERTIES LINK_FLAGS "${OVAS_LDFLAG} ${GLIB_LDFLAGS}") +target_link_libraries (omp_start_task_5 common) +ADD_TEST (omp_start_task_5 omp_start_task_5) + ## Tests of the manager add_executable (read_protocol_0 read_protocol_0.c) Added: trunk/openvas-manager/src/tests/omp_start_task_5.c =================================================================== --- trunk/openvas-manager/src/tests/omp_start_task_5.c 2009-09-01 14:01:23 UTC (rev 4806) +++ trunk/openvas-manager/src/tests/omp_start_task_5.c 2009-09-01 15:32:49 UTC (rev 4807) @@ -0,0 +1,101 @@ +/* Test 5 of OMP START_TASK. + * $Id$ + * Description: Test starting a task that is already running. + * + * Authors: + * Matthew Mundell + * + * Copyright: + * Copyright (C) 2009 Greenbone Networks GmbH + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2, + * or, at your option, any later version as published by the Free + * Software Foundation + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#define TRACE 1 + +#include +#include +#include +#include + +#include "common.h" +#include "../tracef.h" + +int +main () +{ + int socket, ret; + gnutls_session_t session; + char* id; + entity_t entity, expected; + + setup_test (); + + socket = connect_to_manager (&session); + if (socket == -1) return EXIT_FAILURE; + + if (env_authenticate (&session)) goto fail; + + /* Create a task. */ + + if (create_task_from_rc_file (&session, + "new_task_empty_rc", + "Task for omp_start_task_0", + "Test omp_start_task_0 task.", + &id)) + goto fail; + + /* Start the task. */ + + if (start_task (&session, id)) goto delete_fail; + + /* Start the task again. */ + + gchar* msg = g_strdup_printf ("", id); + ret = send_to_manager (&session, msg); + g_free (msg); + if (ret == -1) + goto delete_fail; + + /* Read the response. */ + + entity = NULL; + read_entity (&session, &entity); + + /* Compare response to expected response. */ + + expected = add_entity (NULL, "start_task_response", NULL); + add_attribute (expected, "status", "400"); + add_attribute (expected, "status_text", "Task is active already"); + + if (compare_entities (entity, expected)) + { + free_entity (expected); + free_entity (entity); + delete_fail: + delete_task (&session, id); + free (id); + fail: + close_manager_connection (socket, session); + return EXIT_FAILURE; + } + + free_entity (expected); + free_entity (entity); + delete_task (&session, id); + free (id); + close_manager_connection (socket, session); + return EXIT_SUCCESS; +} From scm-commit at wald.intevation.org Tue Sep 1 22:29:32 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 1 Sep 2009 22:29:32 +0200 (CEST) Subject: [Openvas-commits] r4808 - in trunk/openvas-plugins: . scripts Message-ID: <20090901202932.3510B852F98D@pyrosoma.intevation.org> Author: mime Date: 2009-09-01 22:29:29 +0200 (Tue, 01 Sep 2009) New Revision: 4808 Added: trunk/openvas-plugins/scripts/dnsmasq_version.nasl Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/scripts/bind_version.nasl Log: Added new plugin Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2009-09-01 15:32:49 UTC (rev 4807) +++ trunk/openvas-plugins/ChangeLog 2009-09-01 20:29:29 UTC (rev 4808) @@ -1,3 +1,11 @@ +2009-00-01 Michael Meyer + + * scripts/dnsmasq_version.nasl: + Added new plugin. + + * scripts/bind_version.nasl: + Exit if dnsmasq found. + 2009-08-31 Michael Meyer * scripts/ProSysInfo_tftpdwin_20131.nasl: Modified: trunk/openvas-plugins/scripts/bind_version.nasl =================================================================== --- trunk/openvas-plugins/scripts/bind_version.nasl 2009-09-01 15:32:49 UTC (rev 4807) +++ trunk/openvas-plugins/scripts/bind_version.nasl 2009-09-01 20:29:29 UTC (rev 4808) @@ -37,6 +37,7 @@ script_copyright("This script is Copyright (C) 1999 SecuriTeam"); family = "General"; script_family(family); + script_dependencies("dnsmasq_version.nasl"); exit(0); } @@ -52,6 +53,9 @@ include("misc_func.inc"); +## +# Don't detect dnsmasq as BIND. +if(get_kb_item("dnsmasq/version"))exit(0); # start report off with generic description ... lots of proprietary DNS servers (Cisco, QIP, a bunch more # are all BIND-based... Added: trunk/openvas-plugins/scripts/dnsmasq_version.nasl =================================================================== --- trunk/openvas-plugins/scripts/dnsmasq_version.nasl 2009-09-01 15:32:49 UTC (rev 4807) +++ trunk/openvas-plugins/scripts/dnsmasq_version.nasl 2009-09-01 20:29:29 UTC (rev 4808) @@ -0,0 +1,142 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Detection of Dnsmasq Version +# +# Authors: +# Michael Meyer +# +# Based on bind_version.nasl from Noam Rathaus +# +# Copyright: +# Copyright (c) 2009 Michael Meyer +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + + desc = " Overview: + Dnsmasq, a DNS forwarder is running at this host. + + See also: + http://www.thekelleys.org.uk/dnsmasq/doc.html + + Risk factor : None"; + +if (description) +{ + script_id(100266); + script_version ("1.0"); + script_name("Dnsmasq Detection"); + script_description(desc); + script_summary("Check for the version of Dnsmasq"); + script_category(ACT_GATHER_INFO); + script_family("Service detection"); + script_dependencies("find_service.nes"); + script_copyright("This script is Copyright (C) 2009 Michael Meyer"); + exit(0); +} + +include("global_settings.inc"); +include("misc_func.inc"); + + soctcp53 = 0; + + if(get_port_state(53)) + { + soctcp53 = open_sock_tcp(53); + } + if(!soctcp53){ + if(!(get_udp_port_state(53)))exit(0); + socudp53 = open_sock_udp(53); + soc = socudp53; + offset = 0; + } + else { + soc = soctcp53; + offset = 2; + } + + if (soc) + { + + raw_data = raw_string( + 0x00, 0x0A, 0x01, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x07); + + if(offset)raw_data = raw_string(0x00, 0x1E) + raw_data; + + raw_data = raw_data + "VERSION"; + raw_data = raw_data + raw_string( 0x04 ); + raw_data = raw_data + "BIND"; + raw_data = raw_data + raw_string(0x00, 0x00, 0x10, 0x00, 0x03); + + send(socket:soc, data:raw_data); + result = recv(socket:soc, length:1000); + if (result) + { + if ((result[0+offset] == raw_string(0x00)) && (result[1+offset] == raw_string(0x0A))) + { + if (((result[2+offset] == raw_string(0x85))||(result[2+offset] == raw_string(0x84))) && ((result[3+offset] == raw_string(0x80))||(result[3+offset] == raw_string(0x00)))) + { + if ((result[4+offset] == raw_string(0x00)) && (result[5+offset] == raw_string(0x01))) + { + if ((result[6+offset] == raw_string(0x00)) && (result[7+offset] == raw_string(0x01))) + { + if(result[30+offset]>=0xc0)base=40; + else base=52; + size = ord(result[base+1+offset]); + slen = base + 3 + offset - 1; + if(slen > strlen(result))exit(0); + if (size > 0) + { + hole_data = ""; + for (i = 0; i < size - 1; i = i + 1) + { + hole_data = hole_data + result[base+3+i+offset]; + } + if(offset)proto = "tcp"; + else proto = "udp"; + + if("dnsmasq" >!< hole_data)exit(0); + + hole_data -= string("dnsmasq-"); + + info = string("None\n\nDnsmasq Version '"); + info += hole_data; + info += string("' was detected on the remote Host\n\n"); + + desc = ereg_replace( + string:desc, + pattern:"None$", + replace:info + ); + + set_kb_item(name:"dnsmasq/version",value:hole_data); + if(report_verbosity > 0) { + security_note(port:53, data:desc, protocol:proto); + } + close(soc); + exit(0); + } + } + } + } + } + close(soc); + exit(0); + } + } + +exit(0); Property changes on: trunk/openvas-plugins/scripts/dnsmasq_version.nasl ___________________________________________________________________ Name: svn:keyword + ID From scm-commit at wald.intevation.org Wed Sep 2 01:42:02 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 2 Sep 2009 01:42:02 +0200 (CEST) Subject: [Openvas-commits] r4809 - in trunk/openvas-plugins: . scripts Message-ID: <20090901234202.568C8852F9B6@pyrosoma.intevation.org> Author: timb Date: 2009-09-02 01:41:39 +0200 (Wed, 02 Sep 2009) New Revision: 4809 Added: trunk/openvas-plugins/scripts/microsoft-iis-nlst-stack-overflow.nasl Modified: trunk/openvas-plugins/ChangeLog Log: Added new plugin Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2009-09-01 20:29:29 UTC (rev 4808) +++ trunk/openvas-plugins/ChangeLog 2009-09-01 23:41:39 UTC (rev 4809) @@ -1,3 +1,7 @@ +2009-09-01 Tim Brown + + * scripts/microsoft-iis-nlst-stack-overflow.nasl: Added new plugin. + 2009-00-01 Michael Meyer * scripts/dnsmasq_version.nasl: @@ -204,6 +208,7 @@ Removed english. 2009-08-17 Thomas Reinke + * scripts/deb_1834_2.nasl, scripts/deb_1843_2.nasl, scripts/deb_1844_1.nasl, Added: trunk/openvas-plugins/scripts/microsoft-iis-nlst-stack-overflow.nasl =================================================================== --- trunk/openvas-plugins/scripts/microsoft-iis-nlst-stack-overflow.nasl 2009-09-01 20:29:29 UTC (rev 4808) +++ trunk/openvas-plugins/scripts/microsoft-iis-nlst-stack-overflow.nasl 2009-09-01 23:41:39 UTC (rev 4809) @@ -0,0 +1,91 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Microsoft IIS FTPd NLST stack overflow +# +# Authors: +# Tim Brown +# +# Copyright: +# Copyright (c) 2009 Tim Brown +# Text descriptions are largerly excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +desc = "Microsoft IIS FTPd NLST stack overflow + +The Microsoft IIS FTPd service may be vulnerable to a stack overflow via the NLST command. On Microsoft IIS 5.x this vulnerability can be used to gain remote SYSTEM level access, whilst on IIS 6.x it has been reported to result in a denial of service. Whilst it can be triggered by authenticated users with write access to the FTP server, this check determines whether anonymous users have the write access necessary to trigger it without authentication. + +On the following platforms, we recommend you mitigate in the described manner: +Microsoft IIS 5.x +Microsoft IIS 6.x + +We recommend you mitigate in the following manner: +Filter inbound traffic to 21/tcp to only known management hosts +Consider removing directories writable by anonymous + +Solution: +We are not aware of a vendor approved solution at the current time. + +See also: +http://www.securityfocus.com/bid/36189 + +Risk factor: High"; + +if (description) +{ + script_id(100952); + script_cve_id("CVE-2009-3023"); + name = "Microsoft IIS FTPd NLST stack overflow"; + script_name(name); + script_description(desc); + summary = "Determines whether Microsoft IIS FTPd is accessible and whether anonymous users have write access"; + script_summary(summary); + script_category(ACT_GATHER_INFO); + family = "FTP"; + script_family(family); + copyright = "(c) Tim Brown, 2009"; + script_copyright(copyright); + script_dependencie("find_service.nes", "secpod_ftp_anonymous.nasl", "ftp_writeable_directories.nasl"); + script_require_keys("ftp/writeable_dir"); + script_require_ports("Services/ftp", 21); + exit(0); +} + +include ("ftp_func.inc"); + +port = 21; +if (!get_port_state(port)) +{ + exit(0); +} +if(!get_kb_item("ftp/writeable_dir")) +{ + exit(0); +} +banner = get_ftp_banner(port); +if (!banner) { + exit(0); +} +display(banner); +if ("Microsoft FTP Service (Version 5.0)" >< banner){ + security_hole(port); +} +else +{ + if ("Microsoft FTP Service" >< banner){ + security_warning(port); + } +} From scm-commit at wald.intevation.org Wed Sep 2 04:58:51 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 2 Sep 2009 04:58:51 +0200 (CEST) Subject: [Openvas-commits] r4810 - in trunk/openvas-plugins: . scripts Message-ID: <20090902025851.78E3985C7311@pyrosoma.intevation.org> Author: reinke Date: 2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009) New Revision: 4810 Added: trunk/openvas-plugins/scripts/RHSA_2009_1218.nasl trunk/openvas-plugins/scripts/RHSA_2009_1219.nasl trunk/openvas-plugins/scripts/RHSA_2009_1222.nasl trunk/openvas-plugins/scripts/RHSA_2009_1223.nasl trunk/openvas-plugins/scripts/RHSA_2009_1232.nasl trunk/openvas-plugins/scripts/RHSA_2009_1233.nasl trunk/openvas-plugins/scripts/RHSA_2009_1236.nasl trunk/openvas-plugins/scripts/RHSA_2009_1238.nasl trunk/openvas-plugins/scripts/deb_1833_2.nasl trunk/openvas-plugins/scripts/deb_1862_1.nasl trunk/openvas-plugins/scripts/deb_1863_1.nasl trunk/openvas-plugins/scripts/deb_1864_1.nasl trunk/openvas-plugins/scripts/deb_1865_1.nasl trunk/openvas-plugins/scripts/deb_1866_1.nasl trunk/openvas-plugins/scripts/deb_1867_1.nasl trunk/openvas-plugins/scripts/deb_1868_1.nasl trunk/openvas-plugins/scripts/deb_1869_1.nasl trunk/openvas-plugins/scripts/deb_1870_1.nasl trunk/openvas-plugins/scripts/deb_1871_1.nasl trunk/openvas-plugins/scripts/deb_1871_2.nasl trunk/openvas-plugins/scripts/deb_1872_1.nasl trunk/openvas-plugins/scripts/deb_1873_1.nasl trunk/openvas-plugins/scripts/deb_1874_1.nasl trunk/openvas-plugins/scripts/deb_1875_1.nasl trunk/openvas-plugins/scripts/fcore_2009_7004.nasl trunk/openvas-plugins/scripts/fcore_2009_8270.nasl trunk/openvas-plugins/scripts/fcore_2009_8305.nasl trunk/openvas-plugins/scripts/fcore_2009_8317.nasl trunk/openvas-plugins/scripts/fcore_2009_8324.nasl trunk/openvas-plugins/scripts/fcore_2009_8327.nasl trunk/openvas-plugins/scripts/fcore_2009_8332.nasl trunk/openvas-plugins/scripts/fcore_2009_8340.nasl trunk/openvas-plugins/scripts/fcore_2009_8344.nasl trunk/openvas-plugins/scripts/fcore_2009_8345.nasl trunk/openvas-plugins/scripts/fcore_2009_8350.nasl trunk/openvas-plugins/scripts/fcore_2009_8516.nasl trunk/openvas-plugins/scripts/fcore_2009_8529.nasl trunk/openvas-plugins/scripts/fcore_2009_8535.nasl trunk/openvas-plugins/scripts/fcore_2009_8538.nasl trunk/openvas-plugins/scripts/fcore_2009_8577.nasl trunk/openvas-plugins/scripts/fcore_2009_8580.nasl trunk/openvas-plugins/scripts/fcore_2009_8582.nasl trunk/openvas-plugins/scripts/fcore_2009_8594.nasl trunk/openvas-plugins/scripts/fcore_2009_8595.nasl trunk/openvas-plugins/scripts/fcore_2009_8611.nasl trunk/openvas-plugins/scripts/fcore_2009_8647.nasl trunk/openvas-plugins/scripts/fcore_2009_8649.nasl trunk/openvas-plugins/scripts/fcore_2009_8684.nasl trunk/openvas-plugins/scripts/fcore_2009_8779.nasl trunk/openvas-plugins/scripts/fcore_2009_8789.nasl trunk/openvas-plugins/scripts/fcore_2009_8791.nasl trunk/openvas-plugins/scripts/fcore_2009_8792.nasl trunk/openvas-plugins/scripts/fcore_2009_8794.nasl trunk/openvas-plugins/scripts/fcore_2009_8797.nasl trunk/openvas-plugins/scripts/fcore_2009_8799.nasl trunk/openvas-plugins/scripts/fcore_2009_8800.nasl trunk/openvas-plugins/scripts/fcore_2009_8802.nasl trunk/openvas-plugins/scripts/fcore_2009_8804.nasl trunk/openvas-plugins/scripts/fcore_2009_8812.nasl trunk/openvas-plugins/scripts/fcore_2009_8815.nasl trunk/openvas-plugins/scripts/fcore_2009_8816.nasl trunk/openvas-plugins/scripts/fcore_2009_8819.nasl trunk/openvas-plugins/scripts/fcore_2009_8822.nasl trunk/openvas-plugins/scripts/fcore_2009_8826.nasl trunk/openvas-plugins/scripts/fcore_2009_8868.nasl trunk/openvas-plugins/scripts/fcore_2009_8874.nasl trunk/openvas-plugins/scripts/fcore_2009_8888.nasl trunk/openvas-plugins/scripts/fcore_2009_8897.nasl trunk/openvas-plugins/scripts/fcore_2009_8969.nasl trunk/openvas-plugins/scripts/fcore_2009_9044.nasl trunk/openvas-plugins/scripts/fcore_2009_9095.nasl trunk/openvas-plugins/scripts/fcore_2009_9112.nasl trunk/openvas-plugins/scripts/freebsd_apache15.nasl trunk/openvas-plugins/scripts/freebsd_gnutls4.nasl trunk/openvas-plugins/scripts/freebsd_gnutls5.nasl trunk/openvas-plugins/scripts/freebsd_memcached.nasl trunk/openvas-plugins/scripts/freebsd_pidgin0.nasl trunk/openvas-plugins/scripts/glsa_200908_05.nasl trunk/openvas-plugins/scripts/glsa_200908_06.nasl trunk/openvas-plugins/scripts/glsa_200908_07.nasl trunk/openvas-plugins/scripts/glsa_200908_08.nasl trunk/openvas-plugins/scripts/glsa_200908_09.nasl trunk/openvas-plugins/scripts/glsa_200908_10.nasl trunk/openvas-plugins/scripts/mdksa_2009_202.nasl trunk/openvas-plugins/scripts/mdksa_2009_203.nasl trunk/openvas-plugins/scripts/mdksa_2009_204.nasl trunk/openvas-plugins/scripts/mdksa_2009_205.nasl trunk/openvas-plugins/scripts/mdksa_2009_206.nasl trunk/openvas-plugins/scripts/mdksa_2009_207.nasl trunk/openvas-plugins/scripts/mdksa_2009_208.nasl trunk/openvas-plugins/scripts/mdksa_2009_209.nasl trunk/openvas-plugins/scripts/mdksa_2009_210.nasl trunk/openvas-plugins/scripts/mdksa_2009_211.nasl trunk/openvas-plugins/scripts/mdksa_2009_212.nasl trunk/openvas-plugins/scripts/mdksa_2009_213.nasl trunk/openvas-plugins/scripts/mdksa_2009_214.nasl trunk/openvas-plugins/scripts/mdksa_2009_215.nasl trunk/openvas-plugins/scripts/mdksa_2009_216.nasl trunk/openvas-plugins/scripts/mdksa_2009_217.nasl trunk/openvas-plugins/scripts/mdksa_2009_218.nasl trunk/openvas-plugins/scripts/mdksa_2009_219.nasl trunk/openvas-plugins/scripts/mdksa_2009_220.nasl trunk/openvas-plugins/scripts/mdksa_2009_221.nasl trunk/openvas-plugins/scripts/mdksa_2009_222.nasl trunk/openvas-plugins/scripts/mdksa_2009_223.nasl trunk/openvas-plugins/scripts/mdksa_2009_224.nasl trunk/openvas-plugins/scripts/ovcesa2009_1218.nasl trunk/openvas-plugins/scripts/ovcesa2009_1219.nasl trunk/openvas-plugins/scripts/ovcesa2009_1222.nasl trunk/openvas-plugins/scripts/ovcesa2009_1223.nasl trunk/openvas-plugins/scripts/ovcesa2009_123.nasl trunk/openvas-plugins/scripts/ovcesa2009_1232.nasl trunk/openvas-plugins/scripts/ovcesa2009_1233.nasl trunk/openvas-plugins/scripts/suse_sa_2009_045.nasl trunk/openvas-plugins/scripts/ubuntu_802_2.nasl trunk/openvas-plugins/scripts/ubuntu_809_1.nasl trunk/openvas-plugins/scripts/ubuntu_817_1.nasl trunk/openvas-plugins/scripts/ubuntu_818_1.nasl trunk/openvas-plugins/scripts/ubuntu_820_1.nasl trunk/openvas-plugins/scripts/ubuntu_822_1.nasl trunk/openvas-plugins/scripts/ubuntu_823_1.nasl trunk/openvas-plugins/scripts/ubuntu_824_1.nasl trunk/openvas-plugins/scripts/ubuntu_825_1.nasl trunk/openvas-plugins/scripts/ubuntu_826_1.nasl Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/scripts/ovcesa2009_1209.nasl Log: New scripts added Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/ChangeLog 2009-09-02 02:58:39 UTC (rev 4810) @@ -1,3 +1,131 @@ +2009-09-01 Thomas Reinke + * scripts/deb_1833_2.nasl, + scripts/deb_1862_1.nasl, + scripts/deb_1863_1.nasl, + scripts/deb_1864_1.nasl, + scripts/deb_1865_1.nasl, + scripts/deb_1866_1.nasl, + scripts/deb_1867_1.nasl, + scripts/deb_1868_1.nasl, + scripts/deb_1869_1.nasl, + scripts/deb_1870_1.nasl, + scripts/deb_1871_1.nasl, + scripts/deb_1871_2.nasl, + scripts/deb_1872_1.nasl, + scripts/deb_1873_1.nasl, + scripts/deb_1874_1.nasl, + scripts/deb_1875_1.nasl, + scripts/freebsd_apache15.nasl, + scripts/freebsd_gnutls4.nasl, + scripts/freebsd_gnutls5.nasl, + scripts/freebsd_memcached.nasl, + scripts/freebsd_pidgin0.nasl, + scripts/glsa_200908_05.nasl, + scripts/glsa_200908_06.nasl, + scripts/glsa_200908_07.nasl, + scripts/glsa_200908_08.nasl, + scripts/glsa_200908_09.nasl, + scripts/glsa_200908_10.nasl, + scripts/suse_sa_2009_045.nasl, + scripts/ubuntu_802_2.nasl, + scripts/ubuntu_809_1.nasl, + scripts/ubuntu_817_1.nasl, + scripts/ubuntu_818_1.nasl, + scripts/ubuntu_820_1.nasl, + scripts/ubuntu_822_1.nasl, + scripts/ubuntu_823_1.nasl, + scripts/ubuntu_824_1.nasl, + scripts/ubuntu_825_1.nasl, + scripts/ubuntu_826_1.nasl, + scripts/mdksa_2009_202.nasl, + scripts/mdksa_2009_203.nasl, + scripts/mdksa_2009_204.nasl, + scripts/mdksa_2009_205.nasl, + scripts/mdksa_2009_206.nasl, + scripts/mdksa_2009_207.nasl, + scripts/mdksa_2009_208.nasl, + scripts/mdksa_2009_209.nasl, + scripts/mdksa_2009_210.nasl, + scripts/mdksa_2009_211.nasl, + scripts/mdksa_2009_212.nasl, + scripts/mdksa_2009_213.nasl, + scripts/mdksa_2009_214.nasl, + scripts/mdksa_2009_215.nasl, + scripts/mdksa_2009_216.nasl, + scripts/mdksa_2009_217.nasl, + scripts/mdksa_2009_218.nasl, + scripts/mdksa_2009_219.nasl, + scripts/mdksa_2009_220.nasl, + scripts/mdksa_2009_221.nasl, + scripts/mdksa_2009_222.nasl, + scripts/mdksa_2009_223.nasl, + scripts/mdksa_2009_224.nasl, + scripts/RHSA_2009_1218.nasl, + scripts/RHSA_2009_1219.nasl, + scripts/RHSA_2009_1222.nasl, + scripts/RHSA_2009_1223.nasl, + scripts/RHSA_2009_1232.nasl, + scripts/RHSA_2009_1233.nasl, + scripts/RHSA_2009_1236.nasl, + scripts/RHSA_2009_1238.nasl, + scripts/fcore_2009_7004.nasl, + scripts/fcore_2009_8270.nasl, + scripts/fcore_2009_8305.nasl, + scripts/fcore_2009_8317.nasl, + scripts/fcore_2009_8324.nasl, + scripts/fcore_2009_8327.nasl, + scripts/fcore_2009_8332.nasl, + scripts/fcore_2009_8340.nasl, + scripts/fcore_2009_8344.nasl, + scripts/fcore_2009_8345.nasl, + scripts/fcore_2009_8350.nasl, + scripts/fcore_2009_8516.nasl, + scripts/fcore_2009_8529.nasl, + scripts/fcore_2009_8535.nasl, + scripts/fcore_2009_8538.nasl, + scripts/fcore_2009_8577.nasl, + scripts/fcore_2009_8580.nasl, + scripts/fcore_2009_8582.nasl, + scripts/fcore_2009_8594.nasl, + scripts/fcore_2009_8595.nasl, + scripts/fcore_2009_8611.nasl, + scripts/fcore_2009_8647.nasl, + scripts/fcore_2009_8649.nasl, + scripts/fcore_2009_8684.nasl, + scripts/fcore_2009_8779.nasl, + scripts/fcore_2009_8789.nasl, + scripts/fcore_2009_8791.nasl, + scripts/fcore_2009_8792.nasl, + scripts/fcore_2009_8794.nasl, + scripts/fcore_2009_8797.nasl, + scripts/fcore_2009_8799.nasl, + scripts/fcore_2009_8800.nasl, + scripts/fcore_2009_8802.nasl, + scripts/fcore_2009_8804.nasl, + scripts/fcore_2009_8812.nasl, + scripts/fcore_2009_8815.nasl, + scripts/fcore_2009_8816.nasl, + scripts/fcore_2009_8819.nasl, + scripts/fcore_2009_8822.nasl, + scripts/fcore_2009_8826.nasl, + scripts/fcore_2009_8868.nasl, + scripts/fcore_2009_8874.nasl, + scripts/fcore_2009_8888.nasl, + scripts/fcore_2009_8897.nasl, + scripts/fcore_2009_8969.nasl, + scripts/fcore_2009_9044.nasl, + scripts/fcore_2009_9095.nasl, + scripts/fcore_2009_9112.nasl, + scripts/ovcesa2009_1209.nasl, + scripts/ovcesa2009_1218.nasl, + scripts/ovcesa2009_1219.nasl, + scripts/ovcesa2009_1222.nasl, + scripts/ovcesa2009_1223.nasl, + scripts/ovcesa2009_123.nasl, + scripts/ovcesa2009_1232.nasl, + scripts/ovcesa2009_1233.nasl: + Added new plugins. + 2009-09-01 Tim Brown * scripts/microsoft-iis-nlst-stack-overflow.nasl: Added new plugin. Added: trunk/openvas-plugins/scripts/RHSA_2009_1218.nasl =================================================================== --- trunk/openvas-plugins/scripts/RHSA_2009_1218.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/RHSA_2009_1218.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,155 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory RHSA-2009:1218 () +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64666); + script_cve_id("CVE-2009-2694"); + script_version ("$"); + script_name("RedHat Security Advisory RHSA-2009:1218"); + + desc = " +The remote host is missing updates announced in +advisory RHSA-2009:1218. + +Pidgin is an instant messaging program which can log in to multiple +accounts on multiple instant messaging networks simultaneously. + +Federico Muttis of Core Security Technologies discovered a flaw in Pidgin's +MSN protocol handler. If a user received a malicious MSN message, it was +possible to execute arbitrary code with the permissions of the user running +Pidgin. (CVE-2009-2694) + +Note: Users can change their privacy settings to only allow messages from +users on their buddy list to limit the impact of this flaw. + +These packages upgrade Pidgin to version 2.5.9. Refer to the Pidgin release +notes for a full list of changes: http://developer.pidgin.im/wiki/ChangeLog + +All Pidgin users should upgrade to these updated packages, which resolve +this issue. Pidgin must be restarted for this update to take effect. + +Solution: +Please note that this update is available via +Red Hat Network. To use Red Hat Network, launch the Red +Hat Update Agent with the following command: up2date + +http://rhn.redhat.com/errata/RHSA-2009-1218.html +http://www.redhat.com/security/updates/classification/#critical + +Risk factor : High"; + + script_description(desc); + + script_summary("Redhat Security Advisory RHSA-2009:1218"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Red Hat Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"pidgin", rpm:"pidgin~1.5.1~4.el3", rls:"RHENT_3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin-debuginfo", rpm:"pidgin-debuginfo~1.5.1~4.el3", rls:"RHENT_3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"finch", rpm:"finch~2.5.9~1.el4", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"finch-devel", rpm:"finch-devel~2.5.9~1.el4", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple", rpm:"libpurple~2.5.9~1.el4", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple-devel", rpm:"libpurple-devel~2.5.9~1.el4", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple-perl", rpm:"libpurple-perl~2.5.9~1.el4", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple-tcl", rpm:"libpurple-tcl~2.5.9~1.el4", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin", rpm:"pidgin~2.5.9~1.el4", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin-debuginfo", rpm:"pidgin-debuginfo~2.5.9~1.el4", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin-devel", rpm:"pidgin-devel~2.5.9~1.el4", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin-perl", rpm:"pidgin-perl~2.5.9~1.el4", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"finch", rpm:"finch~2.5.9~1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple", rpm:"libpurple~2.5.9~1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple-perl", rpm:"libpurple-perl~2.5.9~1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple-tcl", rpm:"libpurple-tcl~2.5.9~1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin", rpm:"pidgin~2.5.9~1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin-debuginfo", rpm:"pidgin-debuginfo~2.5.9~1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin-perl", rpm:"pidgin-perl~2.5.9~1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"finch-devel", rpm:"finch-devel~2.5.9~1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple-devel", rpm:"libpurple-devel~2.5.9~1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin-devel", rpm:"pidgin-devel~2.5.9~1.el5", rls:"RHENT_5")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/RHSA_2009_1219.nasl =================================================================== --- trunk/openvas-plugins/scripts/RHSA_2009_1219.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/RHSA_2009_1219.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,115 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory RHSA-2009:1219 () +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64667); + script_cve_id("CVE-2009-2663"); + script_version ("$"); + script_name("RedHat Security Advisory RHSA-2009:1219"); + + desc = " +The remote host is missing updates announced in +advisory RHSA-2009:1219. + +The libvorbis packages contain runtime libraries for use in programs that +support Ogg Vorbis. Ogg Vorbis is a fully open, non-proprietary, patent-and +royalty-free, general-purpose compressed audio format. + +An insufficient input validation flaw was found in the way libvorbis +processes the codec file headers (static mode headers and encoding books) +of the Ogg Vorbis audio file format (Ogg). A remote attacker could provide +a specially-crafted Ogg file that would cause a denial of service (memory +corruption and application crash) or, potentially, execute arbitrary code +with the privileges of an application using the libvorbis library when +opened by a victim. (CVE-2009-2663) + +Users of libvorbis should upgrade to these updated packages, which contain +a backported patch to correct this issue. The desktop must be restarted +(log out, then log back in) for this update to take effect. + +Solution: +Please note that this update is available via +Red Hat Network. To use Red Hat Network, launch the Red +Hat Update Agent with the following command: up2date + +http://rhn.redhat.com/errata/RHSA-2009-1219.html +http://www.redhat.com/security/updates/classification/#important + +Risk factor : High"; + + script_description(desc); + + script_summary("Redhat Security Advisory RHSA-2009:1219"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Red Hat Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"libvorbis", rpm:"libvorbis~1.0~11.el3", rls:"RHENT_3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libvorbis-debuginfo", rpm:"libvorbis-debuginfo~1.0~11.el3", rls:"RHENT_3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libvorbis-devel", rpm:"libvorbis-devel~1.0~11.el3", rls:"RHENT_3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libvorbis", rpm:"libvorbis~1.1.0~3.el4_8.2", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libvorbis-debuginfo", rpm:"libvorbis-debuginfo~1.1.0~3.el4_8.2", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libvorbis-devel", rpm:"libvorbis-devel~1.1.0~3.el4_8.2", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libvorbis", rpm:"libvorbis~1.1.2~3.el5_3.3", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libvorbis-debuginfo", rpm:"libvorbis-debuginfo~1.1.2~3.el5_3.3", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libvorbis-devel", rpm:"libvorbis-devel~1.1.2~3.el5_3.3", rls:"RHENT_5")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/RHSA_2009_1222.nasl =================================================================== --- trunk/openvas-plugins/scripts/RHSA_2009_1222.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/RHSA_2009_1222.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,155 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory RHSA-2009:1222 () +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64668); + script_cve_id("CVE-2009-2692", "CVE-2009-2698"); + script_version ("$"); + script_name("RedHat Security Advisory RHSA-2009:1222"); + + desc = " +The remote host is missing updates announced in +advisory RHSA-2009:1222. + +The kernel packages contain the Linux kernel, the core of any Linux +operating system. + +These updated packages fix the following security issues: + +* a flaw was found in the SOCKOPS_WRAP macro in the Linux kernel. This +macro did not initialize the sendpage operation in the proto_ops structure +correctly. A local, unprivileged user could use this flaw to cause a local +denial of service or escalate their privileges. (CVE-2009-2692, Important) + +* a flaw was found in the udp_sendmsg() implementation in the Linux kernel +when using the MSG_MORE flag on UDP sockets. A local, unprivileged user +could use this flaw to cause a local denial of service or escalate their +privileges. (CVE-2009-2698, Important) + +Red Hat would like to thank Tavis Ormandy and Julien Tinnes of the Google +Security Team for responsibly reporting these flaws. + +These updated packages also fix the following bug: + +* in the dlm code, a socket was allocated in tcp_connect_to_sock(), but was +not freed in the error exit path. This bug led to a memory leak and an +unresponsive system. A reported case of this bug occurred after running +cman_tool kill -n [nodename]. (BZ#515432) + +Users should upgrade to these updated packages, which contain backported +patches to correct these issues. The system must be rebooted for this +update to take effect. + +Solution: +Please note that this update is available via +Red Hat Network. To use Red Hat Network, launch the Red +Hat Update Agent with the following command: up2date + +http://rhn.redhat.com/errata/RHSA-2009-1222.html +http://www.redhat.com/security/updates/classification/#important + +Risk factor : High"; + + script_description(desc); + + script_summary("Redhat Security Advisory RHSA-2009:1222"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Red Hat Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.18~128.7.1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAE", rpm:"kernel-PAE~2.6.18~128.7.1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAE-debuginfo", rpm:"kernel-PAE-debuginfo~2.6.18~128.7.1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAE-devel", rpm:"kernel-PAE-devel~2.6.18~128.7.1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.18~128.7.1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.18~128.7.1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~2.6.18~128.7.1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~2.6.18~128.7.1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~2.6.18~128.7.1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.18~128.7.1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~2.6.18~128.7.1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.18~128.7.1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-xen-debuginfo", rpm:"kernel-xen-debuginfo~2.6.18~128.7.1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-xen-devel", rpm:"kernel-xen-devel~2.6.18~128.7.1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.18~128.7.1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-kdump", rpm:"kernel-kdump~2.6.18~128.7.1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-kdump-debuginfo", rpm:"kernel-kdump-debuginfo~2.6.18~128.7.1.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-kdump-devel", rpm:"kernel-kdump-devel~2.6.18~128.7.1.el5", rls:"RHENT_5")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/RHSA_2009_1223.nasl =================================================================== --- trunk/openvas-plugins/scripts/RHSA_2009_1223.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/RHSA_2009_1223.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,130 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory RHSA-2009:1223 () +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64669); + script_cve_id("CVE-2009-2692", "CVE-2009-2698"); + script_version ("$"); + script_name("RedHat Security Advisory RHSA-2009:1223"); + + desc = " +The remote host is missing updates announced in +advisory RHSA-2009:1223. + +The kernel packages contain the Linux kernel, the core of any Linux +operating system. + +These updated packages fix the following security issues: + +* a flaw was found in the SOCKOPS_WRAP macro in the Linux kernel. This +macro did not initialize the sendpage operation in the proto_ops structure +correctly. A local, unprivileged user could use this flaw to cause a local +denial of service or escalate their privileges. (CVE-2009-2692, Important) + +* a flaw was found in the udp_sendmsg() implementation in the Linux kernel +when using the MSG_MORE flag on UDP sockets. A local, unprivileged user +could use this flaw to cause a local denial of service or escalate their +privileges. (CVE-2009-2698, Important) + +Red Hat would like to thank Tavis Ormandy and Julien Tinnes of the Google +Security Team for responsibly reporting these flaws. + +Users should upgrade to these updated packages, which contain backported +patches to correct these issues. The system must be rebooted for this +update to take effect. + +Solution: +Please note that this update is available via +Red Hat Network. To use Red Hat Network, launch the Red +Hat Update Agent with the following command: up2date + +http://rhn.redhat.com/errata/RHSA-2009-1223.html +http://www.redhat.com/security/updates/classification/#important + +Risk factor : High"; + + script_description(desc); + + script_summary("Redhat Security Advisory RHSA-2009:1223"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Red Hat Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.9~89.0.9.EL", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~2.6.9~89.0.9.EL", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.9~89.0.9.EL", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-hugemem", rpm:"kernel-hugemem~2.6.9~89.0.9.EL", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-hugemem-devel", rpm:"kernel-hugemem-devel~2.6.9~89.0.9.EL", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.6.9~89.0.9.EL", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp-devel", rpm:"kernel-smp-devel~2.6.9~89.0.9.EL", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-xenU", rpm:"kernel-xenU~2.6.9~89.0.9.EL", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-xenU-devel", rpm:"kernel-xenU-devel~2.6.9~89.0.9.EL", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-largesmp", rpm:"kernel-largesmp~2.6.9~89.0.9.EL", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-largesmp-devel", rpm:"kernel-largesmp-devel~2.6.9~89.0.9.EL", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.9~89.0.9.EL", rls:"RHENT_4")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/RHSA_2009_1232.nasl =================================================================== --- trunk/openvas-plugins/scripts/RHSA_2009_1232.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/RHSA_2009_1232.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,106 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory RHSA-2009:1232 () +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64670); + script_cve_id("CVE-2009-2730"); + script_version ("$"); + script_name("RedHat Security Advisory RHSA-2009:1232"); + + desc = " +The remote host is missing updates announced in +advisory RHSA-2009:1232. + +The GnuTLS library provides support for cryptographic algorithms and for +protocols such as Transport Layer Security (TLS). + +A flaw was discovered in the way GnuTLS handles NULL characters in certain +fields of X.509 certificates. If an attacker is able to get a +carefully-crafted certificate signed by a Certificate Authority trusted by +an application using GnuTLS, the attacker could use the certificate during +a man-in-the-middle attack and potentially confuse the application into +accepting it by mistake. (CVE-2009-2730) + +Users of GnuTLS are advised to upgrade to these updated packages, which +contain a backported patch that corrects this issue. + +Solution: +Please note that this update is available via +Red Hat Network. To use Red Hat Network, launch the Red +Hat Update Agent with the following command: up2date + +http://rhn.redhat.com/errata/RHSA-2009-1232.html +http://www.redhat.com/security/updates/classification/#moderate + +Risk factor : Medium"; + + script_description(desc); + + script_summary("Redhat Security Advisory RHSA-2009:1232"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Red Hat Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"gnutls", rpm:"gnutls~1.0.20~4.el4_8.3", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnutls-debuginfo", rpm:"gnutls-debuginfo~1.0.20~4.el4_8.3", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnutls-devel", rpm:"gnutls-devel~1.0.20~4.el4_8.3", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnutls", rpm:"gnutls~1.4.1~3.el5_3.5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnutls-debuginfo", rpm:"gnutls-debuginfo~1.4.1~3.el5_3.5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnutls-utils", rpm:"gnutls-utils~1.4.1~3.el5_3.5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnutls-devel", rpm:"gnutls-devel~1.4.1~3.el5_3.5", rls:"RHENT_5")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/RHSA_2009_1233.nasl =================================================================== --- trunk/openvas-plugins/scripts/RHSA_2009_1233.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/RHSA_2009_1233.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,124 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory RHSA-2009:1233 () +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64671); + script_cve_id("CVE-2009-2692", "CVE-2009-2698"); + script_version ("$"); + script_name("RedHat Security Advisory RHSA-2009:1233"); + + desc = " +The remote host is missing updates announced in +advisory RHSA-2009:1233. + +The kernel packages contain the Linux kernel, the core of any Linux +operating system. + +These updated packages fix the following security issues: + +* a flaw was found in the SOCKOPS_WRAP macro in the Linux kernel. This +macro did not initialize the sendpage operation in the proto_ops structure +correctly. A local, unprivileged user could use this flaw to cause a local +denial of service or escalate their privileges. (CVE-2009-2692, Important) + +* a flaw was found in the udp_sendmsg() implementation in the Linux kernel +when using the MSG_MORE flag on UDP sockets. A local, unprivileged user +could use this flaw to cause a local denial of service or escalate their +privileges. (CVE-2009-2698, Important) + +Red Hat would like to thank Tavis Ormandy and Julien Tinnes of the Google +Security Team for responsibly reporting these flaws. + +All Red Hat Enterprise Linux 3 users should upgrade to these updated +packages, which contain backported patches to resolve these issues. The +system must be rebooted for this update to take effect. + +Solution: +Please note that this update is available via +Red Hat Network. To use Red Hat Network, launch the Red +Hat Update Agent with the following command: up2date + +http://rhn.redhat.com/errata/RHSA-2009-1233.html +http://www.redhat.com/security/updates/classification/#important + +Risk factor : High"; + + script_description(desc); + + script_summary("Redhat Security Advisory RHSA-2009:1233"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Red Hat Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.4.21~60.EL", rls:"RHENT_3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-BOOT", rpm:"kernel-BOOT~2.4.21~60.EL", rls:"RHENT_3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~2.4.21~60.EL", rls:"RHENT_3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.4.21~60.EL", rls:"RHENT_3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-hugemem", rpm:"kernel-hugemem~2.4.21~60.EL", rls:"RHENT_3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-hugemem-unsupported", rpm:"kernel-hugemem-unsupported~2.4.21~60.EL", rls:"RHENT_3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.4.21~60.EL", rls:"RHENT_3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp-unsupported", rpm:"kernel-smp-unsupported~2.4.21~60.EL", rls:"RHENT_3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-source", rpm:"kernel-source~2.4.21~60.EL", rls:"RHENT_3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-unsupported", rpm:"kernel-unsupported~2.4.21~60.EL", rls:"RHENT_3")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/RHSA_2009_1236.nasl =================================================================== --- trunk/openvas-plugins/scripts/RHSA_2009_1236.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/RHSA_2009_1236.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,139 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory RHSA-2009:1236 () +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64672); + script_cve_id("CVE-2009-2625", "CVE-2009-2670", "CVE-2009-2671", "CVE-2009-2672", "CVE-2009-2673", "CVE-2009-2675"); + script_version ("$"); + script_name("RedHat Security Advisory RHSA-2009:1236"); + + desc = " +The remote host is missing updates announced in +advisory RHSA-2009:1236. + +The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment and +the IBM Java 2 Software Development Kit. + +This update fixes several vulnerabilities in the IBM Java 2 Runtime +Environment and the IBM Java 2 Software Development Kit. These +vulnerabilities are summarized on the IBM Security alerts page listed in +the References section. (CVE-2009-2625, CVE-2009-2670, CVE-2009-2671, +CVE-2009-2672, CVE-2009-2673, CVE-2009-2675) + +All users of java-1.5.0-ibm are advised to upgrade to these updated +packages, containing the IBM 1.5.0 SR10 Java release. All running instances +of IBM Java must be restarted for this update to take effect. + +Note: The packages included in this update are identical to the packages +made available by RHEA-2009:1208 and RHEA-2009:1210 on the 13th of +August 2009. These packages are being reissued as a Red Hat Security +Advisory as they fixed a number of security issues that were not made +public until after those errata were released. Since the packages are +identical, there is no need to install this update if RHEA-2009:1208 or +RHEA-2009:1210 has already been installed. + +Solution: +Please note that this update is available via +Red Hat Network. To use Red Hat Network, launch the Red +Hat Update Agent with the following command: up2date + +http://rhn.redhat.com/errata/RHSA-2009-1236.html +http://www.redhat.com/security/updates/classification/#critical +http://www.ibm.com/developerworks/java/jdk/alerts/ + +Risk factor : High"; + + script_description(desc); + + script_summary("Redhat Security Advisory RHSA-2009:1236"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Red Hat Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"java-1.5.0-ibm", rpm:"java-1.5.0-ibm~1.5.0.10~1jpp.4.el4", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.5.0-ibm-demo", rpm:"java-1.5.0-ibm-demo~1.5.0.10~1jpp.4.el4", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.5.0-ibm-devel", rpm:"java-1.5.0-ibm-devel~1.5.0.10~1jpp.4.el4", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.5.0-ibm-javacomm", rpm:"java-1.5.0-ibm-javacomm~1.5.0.10~1jpp.4.el4", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.5.0-ibm-jdbc", rpm:"java-1.5.0-ibm-jdbc~1.5.0.10~1jpp.4.el4", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.5.0-ibm-plugin", rpm:"java-1.5.0-ibm-plugin~1.5.0.10~1jpp.4.el4", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.5.0-ibm-src", rpm:"java-1.5.0-ibm-src~1.5.0.10~1jpp.4.el4", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.5.0-ibm", rpm:"java-1.5.0-ibm~1.5.0.10~1jpp.4.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.5.0-ibm-accessibility", rpm:"java-1.5.0-ibm-accessibility~1.5.0.10~1jpp.4.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.5.0-ibm-demo", rpm:"java-1.5.0-ibm-demo~1.5.0.10~1jpp.4.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.5.0-ibm-devel", rpm:"java-1.5.0-ibm-devel~1.5.0.10~1jpp.4.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.5.0-ibm-javacomm", rpm:"java-1.5.0-ibm-javacomm~1.5.0.10~1jpp.4.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.5.0-ibm-jdbc", rpm:"java-1.5.0-ibm-jdbc~1.5.0.10~1jpp.4.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.5.0-ibm-plugin", rpm:"java-1.5.0-ibm-plugin~1.5.0.10~1jpp.4.el5", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.5.0-ibm-src", rpm:"java-1.5.0-ibm-src~1.5.0.10~1jpp.4.el5", rls:"RHENT_5")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/RHSA_2009_1238.nasl =================================================================== --- trunk/openvas-plugins/scripts/RHSA_2009_1238.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/RHSA_2009_1238.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,104 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory RHSA-2009:1238 () +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64673); + script_cve_id("CVE-2009-2957", "CVE-2009-2958"); + script_version ("$"); + script_name("RedHat Security Advisory RHSA-2009:1238"); + + desc = " +The remote host is missing updates announced in +advisory RHSA-2009:1238. + +Dnsmasq is a lightweight and easy to configure DNS forwarder and DHCP +server. + +Core Security Technologies discovered a heap overflow flaw in dnsmasq when +the TFTP service is enabled (the --enable-tftp command line option, or by +enabling enable-tftp in /etc/dnsmasq.conf). If the configured tftp-root +is sufficiently long, and a remote user sends a request that sends a long +file name, dnsmasq could crash or, possibly, execute arbitrary code with +the privileges of the dnsmasq service (usually the unprivileged nobody +user). (CVE-2009-2957) + +A NULL pointer dereference flaw was discovered in dnsmasq when the TFTP +service is enabled. This flaw could allow a malicious TFTP client to crash +the dnsmasq service. (CVE-2009-2958) + +Note: The default tftp-root is /var/ftpd, which is short enough to make +it difficult to exploit the CVE-2009-2957 issue; if a longer directory name +is used, arbitrary code execution may be possible. As well, the dnsmasq +package distributed by Red Hat does not have TFTP support enabled by +default. + +All users of dnsmasq should upgrade to this updated package, which contains +a backported patch to correct these issues. After installing the updated +package, the dnsmasq service must be restarted for the update to take +effect. + +Solution: +Please note that this update is available via +Red Hat Network. To use Red Hat Network, launch the Red +Hat Update Agent with the following command: up2date + +http://rhn.redhat.com/errata/RHSA-2009-1238.html +http://www.redhat.com/security/updates/classification/#important + +Risk factor : High"; + + script_description(desc); + + script_summary("Redhat Security Advisory RHSA-2009:1238"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Red Hat Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"dnsmasq", rpm:"dnsmasq~2.45~1.1.el5_3", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"dnsmasq-debuginfo", rpm:"dnsmasq-debuginfo~2.45~1.1.el5_3", rls:"RHENT_5")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1833_2.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1833_2.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/deb_1833_2.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,112 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1833-2 (dhcp3) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64756); + script_cve_id("CVE-2009-0692", "CVE-2009-1892"); + script_version ("$"); + script_name("Debian Security Advisory DSA 1833-2 (dhcp3)"); + + desc = " +The remote host is missing an update to dhcp3 +announced via advisory DSA 1833-2. + +The previous dhcp3 update (DSA-1833-1) did not properly apply the +required changes to the stable (lenny) version. The old stable (etch) +version is not affected by this problem. + +The original advisory description follows. + +Several remote vulnerabilities have been discovered in ISC's DHCP +implementation: + +It was discovered that dhclient does not properly handle overlong +subnet mask options, leading to a stack-based buffer overflow and +possible arbitrary code execution. (CVE-2009-0692) + +Christoph Biedl discovered that the DHCP server may terminate when +receiving certain well-formed DHCP requests, provided that the server +configuration mixes host definitions using dhcp-client-identifier +and hardware ethernet. This vulnerability only affects the lenny +versions of dhcp3-server and dhcp3-server-ldap. (CVE-2009-1892) + +For the stable distribution (lenny), this problem has been fixed in +version 3.1.1-6+lenny3. + +We recommend that you upgrade your dhcp3 packages. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201833-2 + +Risk factor : High"; + + script_description(desc); + + script_summary("Debian Security Advisory DSA 1833-2 (dhcp3)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Debian Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"dhcp-client", ver:"3.1.1-6+lenny3", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"dhcp3-dev", ver:"3.1.1-6+lenny3", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"dhcp3-server-ldap", ver:"3.1.1-6+lenny3", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"dhcp3-client", ver:"3.1.1-6+lenny3", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"dhcp3-server", ver:"3.1.1-6+lenny3", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"dhcp3-relay", ver:"3.1.1-6+lenny3", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"dhcp3-common", ver:"3.1.1-6+lenny3", rls:"DEB5.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1862_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1862_1.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/deb_1862_1.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,365 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1862-1 (linux-2.6) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64745); + script_cve_id("CVE-2009-2692"); + script_version ("$"); + script_name("Debian Security Advisory DSA 1862-1 (linux-2.6)"); + + desc = " +The remote host is missing an update to linux-2.6 +announced via advisory DSA 1862-1. + +A vulnerability has been discovered in the Linux kernel that may lead +to privilege escalation. The Common Vulnerabilities and Exposures project +identifies the following problem: + +CVE-2009-2692 + +Tavis Ormandy and Julien Tinnes discovered an issue with how the +sendpage function is initialized in the proto_ops structure. +Local users can exploit this vulnerability to gain elevated +privileges. + +For the stable distribution (lenny), this problem has been fixed in +version 2.6.26-17lenny2. + +For the oldstable distribution (etch), this problem will be fixed in +updates to linux-2.6 and linux-2.6.24. + +We recommend that you upgrade your linux-2.6 and user-mode-linux + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201862-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Debian Security Advisory DSA 1862-1 (linux-2.6)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Debian Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"linux-source-2.6.26", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-manual-2.6.26", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-tree-2.6.26", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-doc-2.6.26", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-patch-debian-2.6.26", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-support-2.6.26-2", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-alpha-smp", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-alpha-smp", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-alpha-legacy", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-libc-dev", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-alpha-generic", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-alpha-legacy", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-alpha-generic", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-all-alpha", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-all", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-common", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-openvz-amd64", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-amd64", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-all-amd64", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-common-xen", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"xen-linux-system-2.6.26-2-xen-amd64", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-amd64", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-common-vserver", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-xen-amd64", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-common-openvz", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-vserver-amd64", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-vserver-amd64", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-xen-amd64", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-modules-2.6.26-2-xen-amd64", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-openvz-amd64", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-orion5x", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-ixp4xx", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-all-armel", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-iop32x", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-iop32x", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-versatile", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-orion5x", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-ixp4xx", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-versatile", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-parisc", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-parisc-smp", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-parisc", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-parisc64", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-all-hppa", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-parisc64", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-parisc64-smp", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-parisc64-smp", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-parisc-smp", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-openvz-686", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-686-bigmem", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-openvz-686", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-vserver-686-bigmem", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-vserver-686", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-vserver-686", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"xen-linux-system-2.6.26-2-xen-686", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-686-bigmem", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-686", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-486", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-all-i386", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-xen-686", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-vserver-686-bigmem", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-486", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-686", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-xen-686", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-modules-2.6.26-2-xen-686", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-vserver-mckinley", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-vserver-mckinley", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-itanium", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-all-ia64", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-vserver-itanium", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-itanium", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-vserver-itanium", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-mckinley", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-mckinley", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-vserver-powerpc64", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-powerpc-smp", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-powerpc-smp", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-powerpc64", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-powerpc", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-powerpc", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-vserver-powerpc", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-vserver-powerpc", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-vserver-powerpc64", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-all-powerpc", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-powerpc64", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-s390x", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-vserver-s390x", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-s390", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-s390", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-s390x", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-s390-tape", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.26-2-vserver-s390x", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.26-2-all-s390", ver:"2.6.26-17lenny2", rls:"DEB5.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1863_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1863_1.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/deb_1863_1.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,116 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1863-1 (zope2.10/zope2.9) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64746); + script_cve_id("CVE-2009-0668", "CVE-2009-0669"); + script_version ("$"); + script_name("Debian Security Advisory DSA 1863-1 (zope2.10/zope2.9)"); + + desc = " +The remote host is missing an update to zope2.10/zope2.9 +announced via advisory DSA 1863-1. + +Several remote vulnerabilities have been discovered in the zope, +a feature-rich web application server written in python, that could +lead to arbitrary code execution in the worst case. The Common +Vulnerabilities and Exposures project identified the following problems: + +Due to a programming error an authorization method in the StorageServer +component of ZEO was not used as an internal method. This allows a +malicious client to bypass authentication when connecting to a ZEO server +by simply calling this authorization method (CVE-2009-0668). + +The ZEO server doesn't restrict the callables when unpickling data received +from a malicious client which can be used by an attacker to execute +arbitrary python code on the server by sending certain exception pickles. +This also allows an attacker to import any importable module as ZEO is +importing the module containing a callable specified in a pickle to test +for a certain flag (CVE-2009-0668). + +The update also limits the number of new object ids a client can request +to 100 as it would be possible to consume huge amounts of resources by +requesting a big batch of new object ids. No CVE id has been assigned to +this. + + +The oldstable distribution (etch), this problem has been fixed in +version 2.9.6-4etch2 of zope2.9. + +For the stable distribution (lenny), this problem has been fixed in +version 2.10.6-1+lenny1 of zope2.10. + +For the testing distribution (squeeze), this problem will be fixed soon. + +For the unstable distribution (sid), this problem has been fixed in +version 2.10.9-1 of zope2.10. + + +We recommend that you upgrade your zope2.10/zope2.9 packages. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201863-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Debian Security Advisory DSA 1863-1 (zope2.10/zope2.9)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Debian Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"zope2.9-sandbox", ver:"2.9.6-4etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"zope2.9", ver:"2.9.6-4etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"zope2.10-sandbox", ver:"2.10.6-1+lenny1", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"zope2.10", ver:"2.10.6-1+lenny1", rls:"DEB5.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1864_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1864_1.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/deb_1864_1.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,308 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1864-1 (linux-2.6.24) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64747); + script_cve_id("CVE-2009-2692"); + script_version ("$"); + script_name("Debian Security Advisory DSA 1864-1 (linux-2.6.24)"); + + desc = " +The remote host is missing an update to linux-2.6.24 +announced via advisory DSA 1864-1. + +A vulnerability has been discovered in the Linux kernel that may lead +to privilege escalation. The Common Vulnerabilities and Exposures +project identifies the following problem: + +CVE-2009-2692 + +Tavis Ormandy and Julien Tinnes discovered an issue with how the +sendpage function is initialized in the proto_ops structure. +Local users can exploit this vulnerability to gain elevated +privileges. + +For the oldstable distribution (etch), this problem has been fixed in +version 2.6.24-6~etchnhalf.8etch3. + +We recommend that you upgrade your linux-2.6.24 packages. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201864-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Debian Security Advisory DSA 1864-1 (linux-2.6.24)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Debian Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"linux-support-2.6.24-etchnhalf.1", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-patch-debian-2.6.24", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-manual-2.6.24", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-source-2.6.24", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-tree-2.6.24", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-doc-2.6.24", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-all-alpha", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-alpha-smp", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-alpha-generic", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-common", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-all", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-alpha-legacy", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-alpha-smp", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-alpha-generic", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-alpha-legacy", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-all-amd64", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-amd64", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-amd64", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-parisc", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-parisc64-smp", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-parisc-smp", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-parisc-smp", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-parisc64-smp", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-parisc64", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-parisc", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-all-hppa", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-parisc64", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-686", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-486", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-486", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-all-i386", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-686-bigmem", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-686-bigmem", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-686", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-mckinley", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-mckinley", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-itanium", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-itanium", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-all-ia64", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-r4k-ip22", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-r4k-ip22", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-5kc-malta", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-4kc-malta", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-all-mips", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-r5k-ip32", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-4kc-malta", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-r5k-ip32", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-5kc-malta", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-r5k-cobalt", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-r5k-cobalt", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-all-mipsel", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-powerpc", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-powerpc-smp", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-powerpc", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-powerpc64", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-all-powerpc", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-powerpc64", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-powerpc-smp", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-powerpc-miboot", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-powerpc-miboot", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-s390x", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-s390x", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-s390", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-s390", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-s390-tape", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-all-s390", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-all-sparc", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-sparc64", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.24-etchnhalf.1-sparc64-smp", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-sparc64", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.24-etchnhalf.1-sparc64-smp", ver:"2.6.24-6~etchnhalf.8etch3", rls:"DEB4.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1865_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1865_1.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/deb_1865_1.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,452 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1865-1 (linux-2.6) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64748); + script_cve_id("CVE-2009-1385", "CVE-2009-1389", "CVE-2009-1630", "CVE-2009-1633", "CVE-2009-2692"); + script_version ("$"); + script_name("Debian Security Advisory DSA 1865-1 (linux-2.6)"); + + desc = " +The remote host is missing an update to linux-2.6 +announced via advisory DSA 1865-1. + +Several vulnerabilities have been discovered in the Linux kernel that +may lead to denial of service or privilege escalation. The Common +Vulnerabilities and Exposures project identifies the following +problems: + +CVE-2009-1385 + +Neil Horman discovered a missing fix from the e1000 network +driver. A remote user may cause a denial of service by way of a +kernel panic triggered by specially crafted frame sizes. + +CVE-2009-1389 + +Michael Tokarev discovered an issue in the r8169 network driver. +Remote users on the same LAN may cause a denial of service by way +of a kernel panic triggered by receiving a large size frame. + +CVE-2009-1630 + +Frank Filz discovered that local users may be able to execute +files without execute permission when accessed via an nfs4 mount. + +CVE-2009-1633 + +Jeff Layton and Suresh Jayaraman fixed several buffer overflows in +the CIFS filesystem which allow remote servers to cause memory +corruption. + +CVE-2009-2692 + +Tavis Ormandy and Julien Tinnes discovered an issue with how the +sendpage function is initialized in the proto_ops structure. +Local users can exploit this vulnerability to gain elevated +privileges. + +For the oldstable distribution (etch), this problem has been fixed in +version 2.6.18.dfsg.1-24etch3. + +We recommend that you upgrade your linux-2.6, fai-kernels, and + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201865-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Debian Security Advisory DSA 1865-1 (linux-2.6)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Debian Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"linux-patch-debian-2.6.18", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-tree-2.6.18", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-doc-2.6.18", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-support-2.6.18-6", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-manual-2.6.18", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-source-2.6.18", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-alpha-legacy", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-alpha", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-alpha-legacy", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-alpha-smp", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-alpha-smp", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-alpha", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-vserver-alpha", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-alpha-generic", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-alpha-generic", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-modules-2.6.18-6-xen-vserver-amd64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-amd64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-amd64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-modules-2.6.18-6-xen-amd64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-xen-vserver-amd64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-amd64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-xen-amd64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"xen-linux-system-2.6.18-6-xen-vserver-amd64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-xen-amd64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-xen-vserver-amd64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"xen-linux-system-2.6.18-6-xen-amd64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-xen-vserver", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-vserver-amd64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-xen", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-amd64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"fai-kernels", ver:"1.17+etch.24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-hppa", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-parisc64-smp", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-parisc64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-parisc-smp", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-parisc", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-parisc", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-parisc64-smp", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-parisc64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-parisc-smp", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-k7", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-xen-686", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-xen-vserver-686", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-vserver-686", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-xen-686", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"xen-linux-system-2.6.18-6-xen-vserver-686", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-xen-vserver-686", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-i386", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-686", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-686-bigmem", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-486", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"xen-linux-system-2.6.18-6-xen-686", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-486", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-vserver-k7", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-686-bigmem", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-modules-2.6.18-6-xen-vserver-686", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-modules-2.6.18-6-xen-686", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-686", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-686", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-k7", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-k7", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"user-mode-linux", ver:"2.6.18-1um-2etch.24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-itanium", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-mckinley", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-mckinley", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-ia64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-itanium", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-r5k-cobalt", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-mipsel", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-sb1-bcm91250a", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-sb1-bcm91250a", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-r5k-cobalt", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-sb1a-bcm91480b", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-r4k-kn04", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-r4k-kn04", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-r3k-kn02", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-qemu", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-r3k-kn02", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-sb1a-bcm91480b", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-qemu", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-prep", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-vserver-powerpc64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-powerpc", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-powerpc", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-powerpc", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-powerpc-miboot", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-powerpc", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-prep", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-powerpc-smp", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-powerpc64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-vserver-powerpc", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-powerpc-miboot", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-powerpc64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-powerpc-smp", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-powerpc64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-s390", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-s390", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-vserver-s390x", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-s390x", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-s390x", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-s390x", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-s390-tape", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-s390", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-sparc32", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-sparc32", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-sparc64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-sparc", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-sparc64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-vserver-sparc64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-sparc64-smp", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-sparc64", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-sparc64-smp", ver:"2.6.18.dfsg.1-24etch3", rls:"DEB4.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1866_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1866_1.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/deb_1866_1.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,253 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1866-1 (kdegraphics) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64751); + script_cve_id("CVE-2009-0945", "CVE-2009-1709"); + script_version ("$"); + script_name("Debian Security Advisory DSA 1866-1 (kdegraphics)"); + + desc = " +The remote host is missing an update to kdegraphics +announced via advisory DSA 1866-1. + +Two security issues have been discovered in kdegraphics, the graphics +apps from the official KDE release. The Common Vulnerabilities and +Exposures project identifies the following problems: + + +CVE-2009-0945 + +It was discovered that the KSVG animation element implementation suffers +from a null pointer dereference flaw, which could lead to the execution +of arbitrary code. + +CVE-2009-1709 + +It was discovered that the KSVG animation element implementation is +prone to a use-after-free flaw, which could lead to the execution of +arbitrary code. + + +For the stable distribution (lenny), these problems have been fixed in +version 4:3.5.9-3+lenny2. + +For the oldstable distribution (etch), these problems have been fixed +in version 4:3.5.5-3etch4. + +For the testing distribution (squeeze) and the unstable distribution +(sid), these problems have been fixed in version 4:4.0. + + +We recommend that you upgrade your kdegraphics packages. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201866-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Debian Security Advisory DSA 1866-1 (kdegraphics)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Debian Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"kdegraphics", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdegraphics-doc-html", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdegraphics-dev", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kghostview", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kolourpaint", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kooka", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kmrml", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"ksvg", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kpovmodeler", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kcoloredit", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kruler", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdegraphics-kfile-plugins", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"ksnapshot", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kamera", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libkscan1", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kfaxview", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kview", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdvi", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdegraphics-dbg", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kgamma", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kpdf", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kfax", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libkscan-dev", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kviewshell", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kuickshow", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kiconedit", ver:"3.5.5-3etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdegraphics", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdegraphics-doc-html", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kcoloredit", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdegraphics-dev", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kfax", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kooka", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"ksnapshot", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdegraphics-kfile-plugins", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kviewshell", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kghostview", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kfaxview", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kview", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libkscan1", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kmrml", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kolourpaint", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libkscan-dev", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kpdf", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kamera", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdvi", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kruler", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdegraphics-dbg", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kgamma", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"ksvg", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kuickshow", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kpovmodeler", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kiconedit", ver:"3.5.9-3+lenny2", rls:"DEB5.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1867_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1867_1.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/deb_1867_1.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,139 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1867-1 (kdelibs) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64750); + script_cve_id("CVE-2009-1690", "CVE-2009-1698", "CVE-2009-1687"); + script_version ("$"); + script_name("Debian Security Advisory DSA 1867-1 (kdelibs)"); + + desc = " +The remote host is missing an update to kdelibs +announced via advisory DSA 1867-1. + +Several security issues have been discovered in kdelibs, core libraries +from the official KDE release. The Common Vulnerabilities and Exposures +project identifies the following problems: + +CVE-2009-1690 + +It was discovered that there is a use-after-free flaw in handling +certain DOM event handlers. This could lead to the execution of +arbitrary code, when visiting a malicious website. + +CVE-2009-1698 + +It was discovered that there could be an uninitialised pointer when +handling a Cascading Style Sheets (CSS) attr function call. This could +lead to the execution of arbitrary code, when visiting a malicious +website. + +CVE-2009-1687 + +It was discovered that the JavaScript garbage collector does not handle +allocation failures properly, which could lead to the execution of +arbitrary code when visiting a malicious website. + + +For the stable distribution (lenny), these problems have been fixed in +version 4:3.5.10.dfsg.1-0lenny2. + +For the oldstable distribution (etch), these problems have been fixed +in version 4:3.5.5a.dfsg.1-8etch2. + +For the testing distribution (squeeze) and the unstable distribution +(sid), these problems will be fixed soon. + + +We recommend that you upgrade your kdelibs packages. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201867-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Debian Security Advisory DSA 1867-1 (kdelibs)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Debian Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"kdelibs", ver:"3.5.5a.dfsg.1-8etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs-data", ver:"3.5.5a.dfsg.1-8etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs4-doc", ver:"3.5.5a.dfsg.1-8etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs4c2a", ver:"3.5.5a.dfsg.1-8etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs4-dev", ver:"3.5.5a.dfsg.1-8etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs-dbg", ver:"3.5.5a.dfsg.1-8etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs", ver:"3.5.10.dfsg.1-0lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs-data", ver:"3.5.10.dfsg.1-0lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs4-doc", ver:"3.5.10.dfsg.1-0lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs-dbg", ver:"3.5.10.dfsg.1-0lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs4-dev", ver:"3.5.10.dfsg.1-0lenny2", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs4c2a", ver:"3.5.10.dfsg.1-0lenny2", rls:"DEB5.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1868_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1868_1.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/deb_1868_1.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,120 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1868-1 (kde4libs) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64749); + script_cve_id("CVE-2009-1690", "CVE-2009-1698", "CVE-2009-1687"); + script_version ("$"); + script_name("Debian Security Advisory DSA 1868-1 (kde4libs)"); + + desc = " +The remote host is missing an update to kde4libs +announced via advisory DSA 1868-1. + +Several security issues have been discovered in kde4libs, core libraries +for all KDE 4 applications. The Common Vulnerabilities and Exposures +project identifies the following problems: + +CVE-2009-1690 + +It was discovered that there is a use-after-free flaw in handling +certain DOM event handlers. This could lead to the execution of +arbitrary code, when visiting a malicious website. + +CVE-2009-1698 + +It was discovered that there could be an uninitialised pointer when +handling a Cascading Style Sheets (CSS) attr function call. This could +lead to the execution of arbitrary code, when visiting a malicious +website. + +CVE-2009-1687 + +It was discovered that the JavaScript garbage collector does not handle +allocation failures properly, which could lead to the execution of +arbitrary code when visiting a malicious website. + + +For the stable distribution (lenny), these problems have been fixed in +version 4:4.1.0-3+lenny1. + +The oldstable distribution (etch) does not contain kde4libs. + +For the testing distribution (squeeze), these problems will be fixed +soon. + +For the unstable distribution (sid), these problems have been fixed in +version 4:4.3.0-1. + + +We recommend that you upgrade your kde4libs packages. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201868-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Debian Security Advisory DSA 1868-1 (kde4libs)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Debian Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"kdelibs5-data", ver:"4.1.0-3+lenny1", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs-bin", ver:"4.1.0-3+lenny1", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs5-dbg", ver:"4.1.0-3+lenny1", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs5-dev", ver:"4.1.0-3+lenny1", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs5", ver:"4.1.0-3+lenny1", rls:"DEB5.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1869_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1869_1.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/deb_1869_1.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,126 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1869-1 (curl) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64752); + script_cve_id("CVE-2009-2417"); + script_version ("$"); + script_name("Debian Security Advisory DSA 1869-1 (curl)"); + + desc = " +The remote host is missing an update to curl +announced via advisory DSA 1869-1. + +It was discovered that curl, a client and library to get files from servers +using HTTP, HTTPS or FTP, is vulnerable to the Null Prefix Attacks Against +SSL/TLS Certificates recently published at the Blackhat conference. This +allows an attacker to perform undetected man-in-the-middle attacks via a +crafted ITU-T X.509 certificate with an injected null byte in the Common +Name field. + + +For the oldstable distribution (etch), this problem has been fixed in +version 7.15.5-1etch3. + +For the stable distribution (lenny), this problem has been fixed in +version 7.18.2-8lenny3. + +For the testing (squeeze) and unstable (sid) distribution, this problem +will be fixed soon. + + +We recommend that you upgrade your curl packages. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201869-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Debian Security Advisory DSA 1869-1 (curl)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Debian Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"libcurl3-dev", ver:"7.15.5-1etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl3-openssl-dev", ver:"7.15.5-1etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl3-dbg", ver:"7.15.5-1etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl3", ver:"7.15.5-1etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl3-gnutls-dev", ver:"7.15.5-1etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"curl", ver:"7.15.5-1etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl3-gnutls", ver:"7.15.5-1etch3", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl3-dbg", ver:"7.18.2-8lenny3", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl3", ver:"7.18.2-8lenny3", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl4-gnutls-dev", ver:"7.18.2-8lenny3", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"curl", ver:"7.18.2-8lenny3", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl3-gnutls", ver:"7.18.2-8lenny3", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl4-openssl-dev", ver:"7.18.2-8lenny3", rls:"DEB5.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1870_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1870_1.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/deb_1870_1.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,120 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1870-1 (pidgin) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64753); + script_cve_id("CVE-2009-2694", "CVE-2008-2927", "CVE-2009-1376"); + script_version ("$"); + script_name("Debian Security Advisory DSA 1870-1 (pidgin)"); + + desc = " +The remote host is missing an update to pidgin +announced via advisory DSA 1870-1. + +Federico Muttis discovered that libpurple, the shared library that adds +support for various instant messaging networks to the pidgin IM client, is +vulnerable to a heap-based buffer overflow. This issue exists because of +an incomplete fix for CVE-2008-2927 and CVE-2009-1376. An attacker can +exploit this by sending two consecutive SLP packets to a victim via MSN. + +The first packet is used to create an SLP message object with an offset of +zero, the second packet then contains a crafted offset which hits the +vulnerable code originally fixed in CVE-2008-2927 and CVE-2009-1376 and +allows an attacker to execute arbitrary code. + +Note: Users with the Allow only the users below setting are not vulnerable +to this attack. If you can't install the below updates you may want to +set this via Tools->Privacy. + + +For the stable distribution (lenny), this problem has been fixed in +version 2.4.3-4lenny3. + +For the testing distribution (squeeze), this problem will be fixed soon. + +For the unstable distribution (sid), this problem has been fixed in +version 2.5.9-1. + +We recommend that you upgrade your pidgin packages. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201870-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Debian Security Advisory DSA 1870-1 (pidgin)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Debian Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"libpurple-bin", ver:"2.4.3-4lenny3", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"pidgin-data", ver:"2.4.3-4lenny3", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libpurple-dev", ver:"2.4.3-4lenny3", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"pidgin-dev", ver:"2.4.3-4lenny3", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"finch-dev", ver:"2.4.3-4lenny3", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"finch", ver:"2.4.3-4lenny3", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"pidgin", ver:"2.4.3-4lenny3", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"pidgin-dbg", ver:"2.4.3-4lenny3", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libpurple0", ver:"2.4.3-4lenny3", rls:"DEB5.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1871_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1871_1.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/deb_1871_1.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,152 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1871-1 (wordpress) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64754); + script_cve_id("CVE-2008-6762", "CVE-2008-6767", "CVE-2009-2334", "CVE-2009-2854", "CVE-2009-2851", "CVE-2009-2853", "CVE-2008-1502", "CVE-2008-4106", "CVE-2008-4769", "CVE-2008-4796", "CVE-2008-5113"); + script_version ("$"); + script_name("Debian Security Advisory DSA 1871-1 (wordpress)"); + + desc = " +The remote host is missing an update to wordpress +announced via advisory DSA 1871-1. + + +Several vulnerabilities have been discovered in wordpress, weblog +manager. The Common Vulnerabilities and Exposures project identifies the +following problems: + +CVE-2008-6762 + +It was discovered that wordpress is prone to an open redirect +vulnerability which allows remote attackers to conduct phishing atacks. + +CVE-2008-6767 + +It was discovered that remote attackers had the ability to trigger an +application upgrade, which could lead to a denial of service attack. + +CVE-2009-2334 + +It was discovered that wordpress lacks authentication checks in the +plugin configuration, which might leak sensitive information. + +CVE-2009-2854 + +It was discovered that wordpress lacks authentication checks in various +actions, thus allowing remote attackers to produce unauthorised edits or +additions. + +CVE-2009-2851 + +It was discovered that the administrator interface is prone to a +cross-site scripting attack. + +CVE-2009-2853 + +It was discovered that remote attackers can gain privileges via certain +direct requests. + +CVE-2008-1502 + +It was discovered that the _bad_protocol_once function in KSES, as used +by wordpress, allows remote attackers to perform cross-site scripting +attacks. + +CVE-2008-4106 + +It was discovered that wordpress lacks certain checks around user +information, which could be used by attackers to change the password of +a user. + +CVE-2008-4769 + +It was discovered that the get_category_template function is prone to a +directory traversal vulnerability, which could lead to the execution of +arbitrary code. + +CVE-2008-4796 + +It was discovered that the _httpsrequest function in the embedded snoopy +version is prone to the execution of arbitrary commands via shell +metacharacters in https URLs. + +CVE-2008-5113 + +It was discovered that wordpress relies on the REQUEST superglobal array +in certain dangerous situations, which makes it easier to perform +attacks via crafted cookies. + + +For the stable distribution (lenny), these problems have been fixed in +version 2.5.1-11+lenny1. + +For the oldstable distribution (etch), these problems have been fixed in +version 2.0.10-1etch4. + +For the testing distribution (squeeze) and the unstable distribution +(sid), these problems have been fixed in version 2.8.3-1. + + +We recommend that you upgrade your wordpress packages. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201871-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Debian Security Advisory DSA 1871-1 (wordpress)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Debian Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"wordpress", ver:"2.0.10-1etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"wordpress", ver:"2.5.1-11+lenny1", rls:"DEB5.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1871_2.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1871_2.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/deb_1871_2.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,155 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1871-2 (wordpress) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64759); + script_cve_id("CVE-2008-6762", "CVE-2008-6767", "CVE-2009-2334", "CVE-2009-2854", "CVE-2009-2851", "CVE-2009-2853", "CVE-2008-1502", "CVE-2008-4106", "CVE-2008-4769", "CVE-2008-4796", "CVE-2008-5113"); + script_version ("$"); + script_name("Debian Security Advisory DSA 1871-2 (wordpress)"); + + desc = " +The remote host is missing an update to wordpress +announced via advisory DSA 1871-2. + + +The previous wordpress update introduced a regression when fixing +CVE-2008-4769 due to a function that was not backported with the patch. +Please note that this regression only affects the oldstable distribution +(etch). For reference the original advisory text follows. + + +Several vulnerabilities have been discovered in wordpress, weblog +manager. The Common Vulnerabilities and Exposures project identifies the +following problems: + +CVE-2008-6762 + +It was discovered that wordpress is prone to an open redirect +vulnerability which allows remote attackers to conduct phishing atacks. + +CVE-2008-6767 + +It was discovered that remote attackers had the ability to trigger an +application upgrade, which could lead to a denial of service attack. + +CVE-2009-2334 + +It was discovered that wordpress lacks authentication checks in the +plugin configuration, which might leak sensitive information. + +CVE-2009-2854 + +It was discovered that wordpress lacks authentication checks in various +actions, thus allowing remote attackers to produce unauthorised edits or +additions. + +CVE-2009-2851 + +It was discovered that the administrator interface is prone to a +cross-site scripting attack. + +CVE-2009-2853 + +It was discovered that remote attackers can gain privileges via certain +direct requests. + +CVE-2008-1502 + +It was discovered that the _bad_protocol_once function in KSES, as used +by wordpress, allows remote attackers to perform cross-site scripting +attacks. + +CVE-2008-4106 + +It was discovered that wordpress lacks certain checks around user +information, which could be used by attackers to change the password of +a user. + +CVE-2008-4769 + +It was discovered that the get_category_template function is prone to a +directory traversal vulnerability, which could lead to the execution of +arbitrary code. + +CVE-2008-4796 + +It was discovered that the _httpsrequest function in the embedded snoopy +version is prone to the execution of arbitrary commands via shell +metacharacters in https URLs. + +CVE-2008-5113 + +It was discovered that wordpress relies on the REQUEST superglobal array +in certain dangerous situations, which makes it easier to perform +attacks via crafted cookies. + + +For the stable distribution (lenny), these problems have been fixed in +version 2.5.1-11+lenny1. + +For the oldstable distribution (etch), these problems have been fixed in +version 2.0.10-1etch5. + +For the testing distribution (squeeze) and the unstable distribution +(sid), these problems have been fixed in version 2.8.3-1. + + +We recommend that you upgrade your wordpress packages. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201871-2 + +Risk factor : High"; + + script_description(desc); + + script_summary("Debian Security Advisory DSA 1871-2 (wordpress)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Debian Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"wordpress", ver:"2.0.10-1etch5", rls:"DEB4.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1872_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1872_1.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/deb_1872_1.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,503 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1872-1 (linux-2.6) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64755); + script_cve_id("CVE-2009-2698", "CVE-2009-2846", "CVE-2009-2847", "CVE-2009-2848", "CVE-2009-2849"); + script_version ("$"); + script_name("Debian Security Advisory DSA 1872-1 (linux-2.6)"); + + desc = " +The remote host is missing an update to linux-2.6 +announced via advisory DSA 1872-1. + +Several vulnerabilities have been discovered in the Linux kernel that +may lead to denial of service, privilege escalation or a leak of +sensitive memory. The Common Vulnerabilities and Exposures project +identifies the following problems: + +CVE-2009-2698 + +Herbert Xu discovered an issue in the way UDP tracks corking +status that could allow local users to cause a denial of service +(system crash). Tavis Ormandy and Julien Tinnes discovered that +this issue could also be used by local users to gain elevated +privileges. + +CVE-2009-2846 + +Michael Buesch noticed a typing issue in the eisa-eeprom driver +for the hppa architecture. Local users could exploit this issue to +gain access to restricted memory. + +CVE-2009-2847 + +Ulrich Drepper noticed an issue in the do_sigalstack routine on +64-bit systems. This issue allows local users to gain access to +potentially sensitive memory on the kernel stack. + +CVE-2009-2848 + +Eric Dumazet discovered an issue in the execve path, where the +clear_child_tid variable was not being properly cleared. Local +users could exploit this issue to cause a denial of service +(memory corruption). + +CVE-2009-2849 + +Neil Brown discovered an issue in the sysfs interface to md +devices. When md arrays are not active, local users can exploit +this vulnerability to cause a denial of service (oops). + +For the oldstable distribution (etch), this problem has been fixed in +version 2.6.18.dfsg.1-24etch4. + +We recommend that you upgrade your linux-2.6, fai-kernels, and + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201872-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Debian Security Advisory DSA 1872-1 (linux-2.6)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Debian Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"linux-manual-2.6.18", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-source-2.6.18", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-support-2.6.18-6", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-doc-2.6.18", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-tree-2.6.18", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-patch-debian-2.6.18", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-alpha-generic", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-alpha-legacy", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-alpha-smp", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-alpha-smp", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-alpha-legacy", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-alpha-generic", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-vserver-alpha", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-alpha", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-alpha", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-vserver-amd64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-amd64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-xen-vserver", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-xen", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"xen-linux-system-2.6.18-6-xen-vserver-amd64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-amd64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-xen-vserver-amd64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-modules-2.6.18-6-xen-amd64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"xen-linux-system-2.6.18-6-xen-amd64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-amd64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-xen-amd64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-xen-amd64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-modules-2.6.18-6-xen-vserver-amd64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-amd64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-xen-vserver-amd64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"fai-kernels", ver:"1.17+etch.24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-rpc", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-ixp4xx", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-arm", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-ixp4xx", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-iop32x", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-footbridge", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-s3c2410", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-footbridge", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-s3c2410", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-rpc", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-iop32x", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-hppa", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-parisc-smp", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-parisc", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-parisc64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-parisc64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-parisc", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-parisc64-smp", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-parisc64-smp", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-parisc-smp", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-vserver-k7", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-k7", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-486", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-xen-686", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-486", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-modules-2.6.18-6-xen-686", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-686", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-xen-vserver-686", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"xen-linux-system-2.6.18-6-xen-686", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-modules-2.6.18-6-xen-vserver-686", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-k7", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-686-bigmem", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-xen-686", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-686", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-686", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-xen-vserver-686", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-i386", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"xen-linux-system-2.6.18-6-xen-vserver-686", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-k7", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-686-bigmem", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-vserver-686", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"user-mode-linux", ver:"2.6.18-1um-2etch.24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-itanium", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-mckinley", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-itanium", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-ia64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-mckinley", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-mips", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-r5k-ip32", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-sb1-bcm91250a", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-r4k-ip22", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-sb1a-bcm91480b", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-qemu", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-qemu", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-sb1-bcm91250a", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-sb1a-bcm91480b", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-r5k-ip32", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-r4k-ip22", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-r5k-cobalt", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-r4k-kn04", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-r5k-cobalt", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-r4k-kn04", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-r3k-kn02", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-mipsel", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-r3k-kn02", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-prep", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-powerpc-miboot", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-powerpc", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-powerpc64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-powerpc", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-powerpc", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-powerpc-smp", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-powerpc", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-powerpc64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-powerpc-miboot", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-vserver-powerpc64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-vserver-powerpc", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-prep", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-powerpc64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-powerpc-smp", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-s390", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-s390x", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-vserver-s390x", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-s390x", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-s390-tape", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-s390", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-s390", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-s390x", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-sparc32", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-sparc32", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-sparc64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-vserver-sparc64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-vserver-sparc64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-sparc64-smp", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-sparc64", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.18-6-sparc64-smp", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.18-6-all-sparc", ver:"2.6.18.dfsg.1-24etch4", rls:"DEB4.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1873_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1873_1.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/deb_1873_1.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,111 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1873-1 (xulrunner) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64757); + script_cve_id("CVE-2009-2654"); + script_version ("$"); + script_name("Debian Security Advisory DSA 1873-1 (xulrunner)"); + + desc = " +The remote host is missing an update to xulrunner +announced via advisory DSA 1873-1. + +Juan Pablo Lopez Yacubian discovered that incorrect handling of invalid +URLs could be used for spoofing the location bar and the SSL certificate +status of a web page. + +Xulrunner is no longer supported for the old stable distribution (etch). + +For the stable distribution (lenny), this problem has been fixed in +version 1.9.0.13-0lenny1. + +For the unstable distribution (sid), this problem has been fixed in +version 1.9.0.13-1. + +We recommend that you upgrade your xulrunner packages. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201873-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Debian Security Advisory DSA 1873-1 (xulrunner)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Debian Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"libmozillainterfaces-java", ver:"1.9.0.13-0lenny1", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"xulrunner-dev", ver:"1.9.0.13-0lenny1", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"python-xpcom", ver:"1.9.0.13-0lenny1", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"xulrunner-1.9-dbg", ver:"1.9.0.13-0lenny1", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"xulrunner-1.9-gnome-support", ver:"1.9.0.13-0lenny1", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"xulrunner-1.9", ver:"1.9.0.13-0lenny1", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmozjs1d-dbg", ver:"1.9.0.13-0lenny1", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmozjs-dev", ver:"1.9.0.13-0lenny1", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmozjs1d", ver:"1.9.0.13-0lenny1", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"spidermonkey-bin", ver:"1.9.0.13-0lenny1", rls:"DEB5.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1874_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1874_1.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/deb_1874_1.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,110 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1874-1 (nss) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64758); + script_cve_id("CVE-2009-2404", "CVE-2009-2408", "CVE-2009-2409"); + script_version ("$"); + script_name("Debian Security Advisory DSA 1874-1 (nss)"); + + desc = " +The remote host is missing an update to nss +announced via advisory DSA 1874-1. + +Several vulnerabilities have been discovered in the Network Security +Service libraries. The Common Vulnerabilities and Exposures project +identifies the following problems: + +CVE-2009-2404 + +Moxie Marlinspike discovered that a buffer overflow in the regular +expression parser could lead to the execution of arbitrary code. + +CVE-2009-2408 + +Dan Kaminsky discovered that NULL characters in certificate +names could lead to man-in-the-middle attacks by tricking the user +into accepting a rogue certificate. + +CVE-2009-2409 + +Certificates with MD2 hash signatures are no longer accepted +since they're no longer considered cryptograhically secure. + + +The old stable distribution (etch) doesn't contain nss. + +For the stable distribution (lenny), these problems have been fixed in +version 3.12.3.1-0lenny1. + +For the unstable distribution (sid), these problems have been fixed in +version 3.12.3.1-1. + +We recommend that you upgrade your nss packages. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201874-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Debian Security Advisory DSA 1874-1 (nss)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Debian Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"libnss3-1d-dbg", ver:"3.12.3.1-0lenny1", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libnss3-dev", ver:"3.12.3.1-0lenny1", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libnss3-1d", ver:"3.12.3.1-0lenny1", rls:"DEB5.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libnss3-tools", ver:"3.12.3.1-0lenny1", rls:"DEB5.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1875_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1875_1.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/deb_1875_1.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,84 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1875-1 (ikiwiki) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64760); + script_cve_id("CVE-2009-2944"); + script_version ("$"); + script_name("Debian Security Advisory DSA 1875-1 (ikiwiki)"); + + desc = " +The remote host is missing an update to ikiwiki +announced via advisory DSA 1875-1. + +Josh Triplett discovered that the blacklist for potentially harmful TeX +code of the teximg module of the Ikiwiki wiki compiler was incomplete, +resulting in information disclosure. + +The old stable distribution (etch) is not affected. + +For the stable distribution (lenny), this problem has been fixed in +version 2.53.4. + +For the unstable distribution (sid), this problem has been fixed in +version 3.1415926. + +We recommend that you upgrade your ikiwiki package. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201875-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Debian Security Advisory DSA 1875-1 (ikiwiki)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Debian Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"ikiwiki", ver:"2.53.4", rls:"DEB5.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_7004.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_7004.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_7004.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,102 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-7004 (irssi) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64740); + script_cve_id("CVE-2009-1959"); + script_version ("$"); + script_name("Fedora Core 10 FEDORA-2009-7004 (irssi)"); + + desc = " +The remote host is missing an update to irssi +announced via advisory FEDORA-2009-7004. + +Irssi is a modular IRC client with Perl scripting. Only text-mode +frontend is currently supported. The GTK/GNOME frontend is no longer +being maintained. + +ChangeLog: + +* Tue Jun 23 2009 Huzaifa Sidhpurwala - 0.8.13-3 +- Resolve CVE-2009-1959 +* Fri May 1 2009 Marek Mahut - 0.8.13-1 +- Upstream release +* Wed Feb 25 2009 Fedora Release Engineering - 0.8.12-13 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild +* Sat Jan 17 2009 Tomas Mraz - 0.8.12-12 +- rebuild with new openssl + +References: + +[ 1 ] Bug #504554 - CVE-2009-1959 irssi: off-by-one error in the event_wallops +https://bugzilla.redhat.com/show_bug.cgi?id=504554 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update irssi' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-7004 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 10 FEDORA-2009-7004 (irssi)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"irssi", rpm:"irssi~0.8.13~3.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"irssi-devel", rpm:"irssi-devel~0.8.13~3.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"irssi-debuginfo", rpm:"irssi-debuginfo~0.8.13~3.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8270.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8270.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8270.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,111 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8270 (ghostscript) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64709); + script_cve_id("CVE-2009-0583"); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8270 (ghostscript)"); + + desc = " +The remote host is missing an update to ghostscript +announced via advisory FEDORA-2009-8270. + +Update Information: + +This updates ghostscript to the latest stable release. +ChangeLog: + +* Mon Aug 3 2009 Tim Waugh 8.70-1 +- 8.70. +- License has changed to GPLv3+. Packages containing programs that +link to libgs/libijs are: +- foomatic (GPLv2+) +- libspectre (GPLv2+) +- ImageMagick (ImageMagick, listed on Licensing wiki page under +Good Licenses and marked as GPLv3 compat) +- gutenprint (GPLv2+) +* Mon Aug 3 2009 Tim Waugh 8.64-12 +- Moved examples to doc subpackage (bug #515167). +- Converted spec file to UTF-8. + +References: + +[ 1 ] Bug #503992 - Ghostscript: Multiple NULL pointer dereferences in JBIG2 decoder [F11] +https://bugzilla.redhat.com/show_bug.cgi?id=503992 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update ghostscript' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8270 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8270 (ghostscript)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"ghostscript", rpm:"ghostscript~8.70~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ghostscript-devel", rpm:"ghostscript-devel~8.70~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ghostscript-doc", rpm:"ghostscript-doc~8.70~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ghostscript-gtk", rpm:"ghostscript-gtk~8.70~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ghostscript-debuginfo", rpm:"ghostscript-debuginfo~8.70~1.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8305.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8305.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8305.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,101 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8305 (xerces-c27) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64729); + script_cve_id("CVE-2009-1885"); + script_version ("$"); + script_name("Fedora Core 10 FEDORA-2009-8305 (xerces-c27)"); + + desc = " +The remote host is missing an update to xerces-c27 +announced via advisory FEDORA-2009-8305. + +Update Information: + +CVE-2009-1885 + +ChangeLog: + +* Thu Aug 6 2009 Peter Lemenkov 2.7.0-8 +- Fix CVE-2009-1885 +* Mon Jul 27 2009 Fedora Release Engineering - 2.7.0-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +References: + +[ 1 ] Bug #515515 - CVE-2009-1885 xerces-c, xerces-c27: Stack overflow when parsing recursive XML structures +https://bugzilla.redhat.com/show_bug.cgi?id=515515 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update xerces-c27' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8305 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 10 FEDORA-2009-8305 (xerces-c27)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"xerces-c27", rpm:"xerces-c27~2.7.0~8.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"xerces-c27-devel", rpm:"xerces-c27-devel~2.7.0~8.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"xerces-c27-doc", rpm:"xerces-c27-doc~2.7.0~8.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"xerces-c27-debuginfo", rpm:"xerces-c27-debuginfo~2.7.0~8.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8317.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8317.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8317.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,125 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8317 (firebird) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64739); + script_cve_id("CVE-2009-2620"); + script_version ("$"); + script_name("Fedora Core 10 FEDORA-2009-8317 (firebird)"); + + desc = " +The remote host is missing an update to firebird +announced via advisory FEDORA-2009-8317. + +Update Information: + +Upgrade from previous package version may be a problem since previous +version remove /var/run/firebird and it shouldn't. +This release fix this problem for future updates If you are in that +case (no longer /var/run/firebird directory after upgrade), just +reinstall firebird-2.1.3.18185.0-2 package or create +/var/run/firebird owned by user firebird + +ChangeLog: + +* Wed Aug 5 2009 Philippe Makowski 2.1.3.18185.0-2 +- rename /usr/bin/gstat to /usr/bin/gstat-fb to avoid conflict with ganglia-gmond (rh #515510) +- remove stupid rm -rf in postun +* Thu Jul 30 2009 Philippe Makowski 2.1.3.18185.0-1 +- Update to 2.1.3.18185 +- Fix rh #514463 +- Remove doc patch +- Apply backport initscript patch + +References: + +[ 1 ] Bug #514463 - CVE-2009-2620 firebird-superserver: NULL ptr dereference (DoS) by handling auxiliary connection(s) +https://bugzilla.redhat.com/show_bug.cgi?id=514463 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update firebird' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8317 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 10 FEDORA-2009-8317 (firebird)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"firebird", rpm:"firebird~2.1.3.18185.0~2.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"firebird-classic", rpm:"firebird-classic~2.1.3.18185.0~2.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"firebird-devel", rpm:"firebird-devel~2.1.3.18185.0~2.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"firebird-doc", rpm:"firebird-doc~2.1.3.18185.0~2.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"firebird-filesystem", rpm:"firebird-filesystem~2.1.3.18185.0~2.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"firebird-libfbclient", rpm:"firebird-libfbclient~2.1.3.18185.0~2.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"firebird-libfbembed", rpm:"firebird-libfbembed~2.1.3.18185.0~2.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"firebird-superserver", rpm:"firebird-superserver~2.1.3.18185.0~2.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"firebird-debuginfo", rpm:"firebird-debuginfo~2.1.3.18185.0~2.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8324.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8324.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8324.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,99 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8324 (squid) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64705); + script_cve_id("CVE-2009-2621", "CVE-2009-2622"); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8324 (squid)"); + + desc = " +The remote host is missing an update to squid +announced via advisory FEDORA-2009-8324. + +Update Information: + +Fixes several denial of service issues which could allow an attacker +to stop the Squid service. CVE-2009-2621, CVE-2009-2622 + +ChangeLog: + +* Tue Aug 4 2009 Henrik Nordstrom - 7:3.0.STABLE18-1 +- Update to 3.0.STABLE18 +* Sat Aug 1 2009 Henrik Nordstrom - 7:3.0.STABLE17-3 +- Squid Bug #2728: regression: assertion failed: http.cc:705: !eof +* Mon Jul 27 2009 Henrik Nordstrom - 7:3.0.STABLE17-1 +- Bug #514014, update to 3.0.STABLE17 fixing the denial of service issues +mentioned in Squid security advisory SQUID-2009_2. + +References: + +[ 1 ] Bug #514013 - CVE-2009-2621, CVE-2009-2622 squid: multiple vulnerabilities fixed in squid 3.0.STABLE17 +https://bugzilla.redhat.com/show_bug.cgi?id=514013 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update squid' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8324 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8324 (squid)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"squid", rpm:"squid~3.0.STABLE18~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squid-debuginfo", rpm:"squid-debuginfo~3.0.STABLE18~1.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8327.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8327.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8327.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,101 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8327 (squid) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64706); + script_cve_id("CVE-2009-2621", "CVE-2009-2622"); + script_version ("$"); + script_name("Fedora Core 10 FEDORA-2009-8327 (squid)"); + + desc = " +The remote host is missing an update to squid +announced via advisory FEDORA-2009-8327. + +Update Information: + +Fixes several denial of service issues which could allow an attacker to +stop the Squid service. CVE-2009-2621, CVE-2009-2622 + +ChangeLog: + +* Tue Aug 4 2009 Henrik Nordstrom - 7:3.0.STABLE18-1 +- Update to 3.0.STABLE18 +* Sat Aug 1 2009 Henrik Nordstrom - 7:3.0.STABLE17-3 +- Squid Bug #2728: regression: assertion failed: http.cc:705: !eof +* Mon Jul 27 2009 Henrik Nordstrom - 7:3.0.STABLE17-1 +- Bug #514014, update to 3.0.STABLE17 fixing the denial of service issues +mentioned in Squid security advisory SQUID-2009_2. +* Mon Jul 13 2009 Henrik Nordstrom - 7:3.0.STABLE16-2 +- Upgrade to latest upstream + +References: + +[ 1 ] Bug #514013 - CVE-2009-2621, CVE-2009-2622 squid: multiple vulnerabilities fixed in squid 3.0.STABLE17 +https://bugzilla.redhat.com/show_bug.cgi?id=514013 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update squid' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8327 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 10 FEDORA-2009-8327 (squid)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"squid", rpm:"squid~3.0.STABLE18~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squid-debuginfo", rpm:"squid-debuginfo~3.0.STABLE18~1.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8332.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8332.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8332.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,101 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8332 (xerces-c27) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64734); + script_cve_id("CVE-2009-1885"); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8332 (xerces-c27)"); + + desc = " +The remote host is missing an update to xerces-c27 +announced via advisory FEDORA-2009-8332. + +Update Information: + +CVE-2009-1885 + +ChangeLog: + +* Thu Aug 6 2009 Peter Lemenkov 2.7.0-8 +- Fix CVE-2009-1885 +* Mon Jul 27 2009 Fedora Release Engineering - 2.7.0-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +References: + +[ 1 ] Bug #515515 - CVE-2009-1885 xerces-c, xerces-c27: Stack overflow when parsing recursive XML structures +https://bugzilla.redhat.com/show_bug.cgi?id=515515 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update xerces-c27' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8332 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8332 (xerces-c27)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"xerces-c27", rpm:"xerces-c27~2.7.0~8.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"xerces-c27-devel", rpm:"xerces-c27-devel~2.7.0~8.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"xerces-c27-doc", rpm:"xerces-c27-doc~2.7.0~8.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"xerces-c27-debuginfo", rpm:"xerces-c27-debuginfo~2.7.0~8.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8340.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8340.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8340.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,117 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8340 (firebird) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64742); + script_cve_id("CVE-2009-2620"); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8340 (firebird)"); + + desc = " +The remote host is missing an update to firebird +announced via advisory FEDORA-2009-8340. + +Update Information: + +Upgrade from previous package version may be a problem since previous version +remove /var/run/firebird and it shouldn't + +This release fix this problem for future updates +If you are in that case (no longer /var/run/firebird directory +after upgrade), just reinstall firebird-2.1.3.18185.0-2 package +or create /var/run/firebird owned by user firebird + +ChangeLog: + +References: + +[ 1 ] Bug #514463 - CVE-2009-2620 firebird-superserver: NULL ptr dereference (DoS) by handling auxiliary connection(s) +https://bugzilla.redhat.com/show_bug.cgi?id=514463 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update firebird' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8340 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8340 (firebird)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"firebird", rpm:"firebird~2.1.3.18185.0~2.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"firebird-classic", rpm:"firebird-classic~2.1.3.18185.0~2.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"firebird-devel", rpm:"firebird-devel~2.1.3.18185.0~2.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"firebird-doc", rpm:"firebird-doc~2.1.3.18185.0~2.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"firebird-filesystem", rpm:"firebird-filesystem~2.1.3.18185.0~2.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"firebird-libfbclient", rpm:"firebird-libfbclient~2.1.3.18185.0~2.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"firebird-libfbembed", rpm:"firebird-libfbembed~2.1.3.18185.0~2.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"firebird-superserver", rpm:"firebird-superserver~2.1.3.18185.0~2.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"firebird-debuginfo", rpm:"firebird-debuginfo~2.1.3.18185.0~2.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8344.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8344.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8344.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,112 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8344 (dhcp) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64735); + script_cve_id("CVE-2009-0692", "CVE-2009-1892"); + script_version ("$"); + script_name("Fedora Core 10 FEDORA-2009-8344 (dhcp)"); + + desc = " +The remote host is missing an update to dhcp +announced via advisory FEDORA-2009-8344. + +Update Information: + +This update to the dhcp package includes fixes for CVE-2009-0692 and +CVE-2009-1892. More information on these issues are available here: +http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692 +http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1892 + +Note: CVE-2009-0692 had no security consequences on Fedora, thanks +to the use of FORTIFY_SOURCE + +ChangeLog: + +* Wed Aug 5 2009 David Cantrell - 12:4.0.0-37 +- Fix for CVE-2009-0692 +- Fix for CVE-2009-1892 (#511834) + +References: + +[ 1 ] Bug #511834 - CVE-2009-1892 dhcp: DoS/abort in some configs with client-identifier and hardware address host specifications +https://bugzilla.redhat.com/show_bug.cgi?id=511834 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update dhcp' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8344 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 10 FEDORA-2009-8344 (dhcp)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"dhclient", rpm:"dhclient~4.0.0~37.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"dhcp", rpm:"dhcp~4.0.0~37.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"dhcp-devel", rpm:"dhcp-devel~4.0.0~37.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libdhcp4client", rpm:"libdhcp4client~4.0.0~37.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libdhcp4client-devel", rpm:"libdhcp4client-devel~4.0.0~37.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"dhcp-debuginfo", rpm:"dhcp-debuginfo~4.0.0~37.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8345.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8345.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8345.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,101 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8345 (xerces-c) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64733); + script_cve_id("CVE-2009-1885"); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8345 (xerces-c)"); + + desc = " +The remote host is missing an update to xerces-c +announced via advisory FEDORA-2009-8345. + +Update Information: + +CVE-2009-1885 + +ChangeLog: + +* Thu Aug 6 2009 Peter Lemenkov 2.8.0-5 +- Fix CVE-2009-1885 +* Mon Jul 27 2009 Fedora Release Engineering - 2.8.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +References: + +[ 1 ] Bug #515515 - CVE-2009-1885 xerces-c, xerces-c27: Stack overflow when parsing recursive XML structures +https://bugzilla.redhat.com/show_bug.cgi?id=515515 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update xerces-c' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8345 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8345 (xerces-c)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"xerces-c", rpm:"xerces-c~2.8.0~5.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"xerces-c-devel", rpm:"xerces-c-devel~2.8.0~5.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"xerces-c-doc", rpm:"xerces-c-doc~2.8.0~5.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"xerces-c-debuginfo", rpm:"xerces-c-debuginfo~2.8.0~5.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8350.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8350.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8350.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,102 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8350 (xerces-c) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64731); + script_cve_id("CVE-2009-1885"); + script_version ("$"); + script_name("Fedora Core 10 FEDORA-2009-8350 (xerces-c)"); + + desc = " +The remote host is missing an update to xerces-c +announced via advisory FEDORA-2009-8350. + +Update Information: + +CVE-2009-1885 +ChangeLog: + +* Thu Aug 6 2009 Peter Lemenkov 2.8.0-5 +- Fix CVE-2009-1885 +* Mon Jul 27 2009 Fedora Release Engineering - 2.8.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild +* Thu Feb 26 2009 Fedora Release Engineering - 2.8.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +References: + +[ 1 ] Bug #515515 - CVE-2009-1885 xerces-c, xerces-c27: Stack overflow when parsing recursive XML structures +https://bugzilla.redhat.com/show_bug.cgi?id=515515 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update xerces-c' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8350 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 10 FEDORA-2009-8350 (xerces-c)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"xerces-c", rpm:"xerces-c~2.8.0~5.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"xerces-c-devel", rpm:"xerces-c-devel~2.8.0~5.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"xerces-c-doc", rpm:"xerces-c-doc~2.8.0~5.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"xerces-c-debuginfo", rpm:"xerces-c-debuginfo~2.8.0~5.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8516.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8516.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8516.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,91 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8516 (buildbot) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64724); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8516 (buildbot)"); + + desc = " +The remote host is missing an update to buildbot +announced via advisory FEDORA-2009-8516. + +Update Information: + +Update to new upstream version 0.7.11p3: +http://pypi.python.org/pypi/buildbot/0.7.11p3 +fixing XSS issue detailed in upstream security alert: +http://buildbot.net/trac#SecurityAlert + +ChangeLog: + +* Mon Aug 17 2009 Steve 'Ashcrow' Milner - 0.7.11p3-2 +- turning off tests in builds +* Mon Aug 17 2009 Steve 'Ashcrow' Milner - 0.7.11p3-1 +- Update for another XSS vuln from upstream +* Thu Aug 13 2009 Steve 'Ashcrow' Milner - 0.7.11p2-1 +- Update for XSS vuln from upstream + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update buildbot' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8516 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8516 (buildbot)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"buildbot", rpm:"buildbot~0.7.11p3~2.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8529.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8529.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8529.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,96 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8529 (wordpress-mu) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64697); + script_cve_id("CVE-2009-2334", "CVE-2009-2335", "CVE-2009-2336"); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8529 (wordpress-mu)"); + + desc = " +The remote host is missing an update to wordpress-mu +announced via advisory FEDORA-2009-8529. + +Update spans MU-versions for the following security releases from upstream: + +http://wordpress.org/development/2009/08/2-8-4-security-release/ +http://wordpress.org/development/2009/08/wordpress-2-8-3-security-release/ + +* Backport of XSS fixes from WordPress 2.8.2 +* Backport of security fixes for admin.php?page= bugs (CVE-2009-2334) + +ChangeLog: + +* Wed Aug 12 2009 Bret McMillan - 2.8.4a-1 +- Update to version 2.8.4a for security fixes +* Fri Jul 10 2009 Bret McMillan - 2.7-6 +- Patch for CVE-2009-2334 + +References: + +[ 1 ] Bug #510745 - CVE-2009-2334, CVE-2009-2335, CVE-2009-2336 wordpress: multiple vulnerabilities +https://bugzilla.redhat.com/show_bug.cgi?id=510745 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update wordpress-mu' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8529 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8529 (wordpress-mu)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"wordpress-mu", rpm:"wordpress-mu~2.8.4a~1.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8535.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8535.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8535.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,93 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8535 (thunderbird) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64698); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8535 (thunderbird)"); + + desc = " +The remote host is missing an update to thunderbird +announced via advisory FEDORA-2009-8535. + +Update Information: + +Update to upstream version 3.0 Beta3. It includes security fixes +recently fixed in stable Thunderbird 2.x and Firefox/Gecko security fixes: + +http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html +http://www.mozilla.org/security/known-vulnerabilities/firefox30.html + +ChangeLog: + +* Thu Jul 16 2009 Jan Horak - 3.0-2.6 +- Rebuild for update +* Thu Jul 16 2009 Jan Horak - 3.0-2.5 +- Update to 3.0 beta3 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update thunderbird' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8535 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8535 (thunderbird)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"thunderbird", rpm:"thunderbird~3.0~2.6.b3.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"thunderbird-debuginfo", rpm:"thunderbird-debuginfo~3.0~2.6.b3.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8538.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8538.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8538.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,100 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8538 (wordpress-mu) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64699); + script_cve_id("CVE-2009-2334", "CVE-2009-1030", "CVE-2009-2335", "CVE-2009-2336"); + script_version ("$"); + script_name("Fedora Core 10 FEDORA-2009-8538 (wordpress-mu)"); + + desc = " +The remote host is missing an update to wordpress-mu +announced via advisory FEDORA-2009-8538. + +Update Information: + +Update spans MU-versions for the following security releases from upstream: + +http://wordpress.org/development/2009/08/2-8-4-security-release/ +http://wordpress.org/development/2009/08/wordpress-2-8-3-security-release/ +* Backport of XSS fixes from WordPress 2.8.2 +* Backport of security fixes for admin.php?page=bugs (CVE-2009-2334) + +ChangeLog: + +* Wed Aug 12 2009 Bret McMillan - 2.8.4a-1 +- Update to version 2.8.4a for security fixes +* Fri Jul 10 2009 Bret McMillan - 2.7-6 +- Patch for CVE-2009-2334 +- Update to version 2.7 +- Alter source prep so I can still use upstream's tarball +- favicon.ico removed from manifest + +References: + +[ 1 ] Bug #510745 - CVE-2009-2334, CVE-2009-2335, CVE-2009-2336 wordpress: multiple vulnerabilities +https://bugzilla.redhat.com/show_bug.cgi?id=510745 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update wordpress-mu' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8538 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 10 FEDORA-2009-8538 (wordpress-mu)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"wordpress-mu", rpm:"wordpress-mu~2.8.4a~1.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8577.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8577.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8577.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,90 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8577 (buildbot) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64726); + script_version ("$"); + script_name("Fedora Core 10 FEDORA-2009-8577 (buildbot)"); + + desc = " +The remote host is missing an update to buildbot +announced via advisory FEDORA-2009-8577. + +Update Information: + +Update to new upstream version 0.7.11p3: +http://pypi.python.org/pypi/buildbot/0.7.11p3 + +fixing XSS issue detailed in upstream security alert: +http://buildbot.net/trac#SecurityAlert + +ChangeLog: + +* Mon Aug 17 2009 Steve 'Ashcrow' Milner - 0.7.11p3-1 +- Update for another XSS vuln from upstream +* Thu Aug 13 2009 Steve 'Ashcrow' Milner - 0.7.11p2-1 +- Update for XSS vuln from upstream + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update buildbot' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8577 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 10 FEDORA-2009-8577 (buildbot)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"buildbot", rpm:"buildbot~0.7.11p3~1.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8580.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8580.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8580.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,95 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8580 (mingw32-libxml2) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64700); + script_cve_id("CVE-2009-2414", "CVE-2009-2416"); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8580 (mingw32-libxml2)"); + + desc = " +The remote host is missing an update to mingw32-libxml2 +announced via advisory FEDORA-2009-8580. + +Update Information: + +Two patches for parsing problems raised by Ficora + +ChangeLog: + +* Mon Aug 10 2009 Daniel Veillard - 2.7.3-2 +- two patches for parsing problems CVE-2009-2414 and CVE-2009-2416 + +References: + +[ 1 ] Bug #515195 - CVE-2009-2414 libxml, libxml2: Stack overflow by parsing root XML element DTD definition +https://bugzilla.redhat.com/show_bug.cgi?id=515195 +[ 2 ] Bug #515205 - CVE-2009-2416 libxml, libxml2: Pointer use-after-free flaws by parsing Notation and Enumeration attribute types +https://bugzilla.redhat.com/show_bug.cgi?id=515205 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update mingw32-libxml2' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8580 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8580 (mingw32-libxml2)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"mingw32-libxml2", rpm:"mingw32-libxml2~2.7.3~2.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mingw32-libxml2-static", rpm:"mingw32-libxml2-static~2.7.3~2.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8582.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8582.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8582.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,116 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8582 (libxml) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64701); + script_cve_id("CVE-2004-0110", "CVE-2004-0989", "CVE-2009-2414", "CVE-2009-2416", "CAN-2004-0110", "CAN-2004-0989"); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8582 (libxml)"); + + desc = " +The remote host is missing an update to libxml +announced via advisory FEDORA-2009-8582. + +This library allows old Gnome-1 applications to manipulate XML files. + +Update Information: + +This update includes patches from RHEL-3 addressing a number of security +vulnerabilities: + +- CVE-2004-0110 (arbitrary code execution via a long URL) +- CVE-2004-0989 (arbitrary code execution via a long URL) +- CVE-2009-2414 (stack consumption DoS vulnerabilities) +- CVE-2009-2416 (use-after-free DoS vulnerabilities) + +ChangeLog: + +* Wed Aug 12 2009 Paul Howarth 1:1.8.17-24 +- renumber existing patches to free up low-numbered patches for EL-3 patches +- add patch for CAN-2004-0110 and CAN-2004-0989 (#139090) +- add patch for CVE-2009-2414 and CVE-2009-2416 (#515195, #515205) +* Sat Jul 25 2009 Fedora Release Engineering 1:1.8.17-23 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild +* Mon Apr 20 2009 Paul Howarth 1:1.8.17-22 +- rebuild for %{_isa} provides/requires + +References: + +[ 1 ] Bug #430644 - CVE-2004-0110 libxml2 long URL causes SEGV +https://bugzilla.redhat.com/show_bug.cgi?id=430644 +[ 2 ] Bug #430645 - CVE-2004-0989 libxml2 various overflows +https://bugzilla.redhat.com/show_bug.cgi?id=430645 +[ 3 ] Bug #515195 - CVE-2009-2414 libxml, libxml2: Stack overflow by parsing root XML element DTD definition +https://bugzilla.redhat.com/show_bug.cgi?id=515195 +[ 4 ] Bug #515205 - CVE-2009-2416 libxml, libxml2: Pointer use-after-free flaws by parsing Notation and Enumeration attribute types +https://bugzilla.redhat.com/show_bug.cgi?id=515205 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update libxml' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8582 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8582 (libxml)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"libxml", rpm:"libxml~1.8.17~24.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libxml-devel", rpm:"libxml-devel~1.8.17~24.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libxml-debuginfo", rpm:"libxml-debuginfo~1.8.17~24.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8594.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8594.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8594.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,117 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8594 (libxml) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64702); + script_cve_id("CVE-2004-0110", "CVE-2004-0989", "CVE-2009-2414", "CVE-2009-2416", "CAN-2004-0110", "CAN-2004-0989"); + script_version ("$"); + script_name("Fedora Core 10 FEDORA-2009-8594 (libxml)"); + + desc = " +The remote host is missing an update to libxml +announced via advisory FEDORA-2009-8594. + +This library allows old Gnome-1 applications to manipulate XML files. + +Update Information: + +This update includes patches from RHEL-3 addressing a number of security +vulnerabilities: +- CVE-2004-0110 (arbitrary code execution via a long URL) +- CVE-2004-0989 (arbitrary code execution via a long URL) +- CVE-2009-2414 (stack consumption DoS vulnerabilities) +- CVE-2009-2416 (use-after-free DoS vulnerabilities) + +ChangeLog: + +* Wed Aug 12 2009 Paul Howarth 1:1.8.17-24 +- renumber existing patches to free up low-numbered patches for EL-3 patches +- add patch for CAN-2004-0110 and CAN-2004-0989 (#139090) +- add patch for CVE-2009-2414 and CVE-2009-2416 (#515195, #515205) +* Sat Jul 25 2009 Fedora Release Engineering 1:1.8.17-23 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild +* Mon Apr 20 2009 Paul Howarth 1:1.8.17-22 +- rebuild for %{_isa} provides/requires +* Wed Feb 25 2009 Fedora Release Engineering 1:1.8.17-21 +- rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +References: + +[ 1 ] Bug #430644 - CVE-2004-0110 libxml2 long URL causes SEGV +https://bugzilla.redhat.com/show_bug.cgi?id=430644 +[ 2 ] Bug #430645 - CVE-2004-0989 libxml2 various overflows +https://bugzilla.redhat.com/show_bug.cgi?id=430645 +[ 3 ] Bug #515195 - CVE-2009-2414 libxml, libxml2: Stack overflow by parsing root XML element DTD definition +https://bugzilla.redhat.com/show_bug.cgi?id=515195 +[ 4 ] Bug #515205 - CVE-2009-2416 libxml, libxml2: Pointer use-after-free flaws by parsing Notation and Enumeration attribute types +https://bugzilla.redhat.com/show_bug.cgi?id=515205 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update libxml' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8594 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 10 FEDORA-2009-8594 (libxml)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"libxml", rpm:"libxml~1.8.17~24.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libxml-devel", rpm:"libxml-devel~1.8.17~24.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libxml-debuginfo", rpm:"libxml-debuginfo~1.8.17~24.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8595.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8595.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8595.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,93 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8595 (htmldoc) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64744); + script_version ("$"); + script_name("Fedora Core 10 FEDORA-2009-8595 (htmldoc)"); + + desc = " +The remote host is missing an update to htmldoc +announced via advisory FEDORA-2009-8595. + +Update Information: + +Fix scanf issues found by Gentoo. Fix FTBFS on Fedora 12. + +ChangeLog: + +* Thu Aug 13 2009 Adam Goode - 1.8.27-8 +- Fix limitation of -D_FORTIFY_SOURCE=2 (#511520) +- Fix scanf overflows (#512513) + +References: + +[ 1 ] Bug #512513 - HTMLDOC: Stack-based buffer overflow when setting custom page output size +https://bugzilla.redhat.com/show_bug.cgi?id=512513 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update htmldoc' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8595 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 10 FEDORA-2009-8595 (htmldoc)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"htmldoc", rpm:"htmldoc~1.8.27~8.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"htmldoc-debuginfo", rpm:"htmldoc-debuginfo~1.8.27~8.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8611.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8611.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8611.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,95 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8611 (htmldoc) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64743); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8611 (htmldoc)"); + + desc = " +The remote host is missing an update to htmldoc +announced via advisory FEDORA-2009-8611. + +Update Information: + +Fix scanf issues found by Gentoo. Fix FTBFS on Fedora 12. + +ChangeLog: + +* Thu Aug 13 2009 Adam Goode - 1.8.27-12 +- Fix limitation of -D_FORTIFY_SOURCE=2 (#511520) +- Fix scanf overflows (#512513) +* Fri Jul 24 2009 Fedora Release Engineering - 1.8.27-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +References: + +[ 1 ] Bug #512513 - HTMLDOC: Stack-based buffer overflow when setting custom page output size +https://bugzilla.redhat.com/show_bug.cgi?id=512513 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update htmldoc' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8611 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8611 (htmldoc)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"htmldoc", rpm:"htmldoc~1.8.27~12.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"htmldoc-debuginfo", rpm:"htmldoc-debuginfo~1.8.27~12.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8647.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8647.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8647.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,156 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8647 (kernel) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64703); + script_cve_id("CVE-2009-2692", "CVE-2009-2406", "CVE-2009-2407", "CVE-2009-1895", "CVE-2009-1897", "CVE-2009-0065", "CVE-2008-5079"); + script_version ("$"); + script_name("Fedora Core 10 FEDORA-2009-8647 (kernel)"); + + desc = " +The remote host is missing an update to kernel +announced via advisory FEDORA-2009-8647. + +Update Information: + +Fix sock_sendpage null pointer dereference. CVE-2009-2692. + +ChangeLog: + +* Fri Aug 14 2009 Kyle McMartin 2.6.27.29-170.2.79 +- CVE-2009-2692: Fix sock sendpage NULL ptr deref. +* Fri Jul 31 2009 Chuck Ebbert 2.6.27.29-170.2.78 +- The kernel package needs to override the new rpm %install behavior. +* Thu Jul 30 2009 Chuck Ebbert 2.6.27.29-170.2.77 +- Linux 2.6.27.29 +* Wed Jul 29 2009 Chuck Ebbert 2.6.27.29-170.2.75.rc1 +- Linux 2.6.27.29-rc1 (CVE-2009-2406, CVE-2009-2407) +- Drop linux-2.6-netdev-r8169-avoid-losing-msi-interrupts.patch, now in -stable. +* Wed Jul 29 2009 Chuck Ebbert 2.6.27.28-170.2.74 +- Don't bounce virtio_blk requests (#510304) + +References: + +[ 1 ] Bug #516949 - CVE-2009-2692 kernel: uninit op in SOCKOPS_WRAP() leads to privesc +https://bugzilla.redhat.com/show_bug.cgi?id=516949 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update kernel' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8647 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 10 FEDORA-2009-8647 (kernel)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~2.6.27.29~170.2.79.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.27.29~170.2.79.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.27.29~170.2.79.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~2.6.27.29~170.2.79.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~2.6.27.29~170.2.79.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAE", rpm:"kernel-PAE~2.6.27.29~170.2.79.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAE-devel", rpm:"kernel-PAE-devel~2.6.27.29~170.2.79.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAEdebug", rpm:"kernel-PAEdebug~2.6.27.29~170.2.79.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAEdebug-devel", rpm:"kernel-PAEdebug-devel~2.6.27.29~170.2.79.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.27.29~170.2.79.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~2.6.27.29~170.2.79.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAE-debuginfo", rpm:"kernel-PAE-debuginfo~2.6.27.29~170.2.79.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAEdebug-debuginfo", rpm:"kernel-PAEdebug-debuginfo~2.6.27.29~170.2.79.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.27.29~170.2.79.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.27.29~170.2.79.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-firmware", rpm:"kernel-firmware~2.6.27.29~170.2.79.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-bootwrapper", rpm:"kernel-bootwrapper~2.6.27.29~170.2.79.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.6.27.29~170.2.79.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp-devel", rpm:"kernel-smp-devel~2.6.27.29~170.2.79.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp-debuginfo", rpm:"kernel-smp-debuginfo~2.6.27.29~170.2.79.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8649.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8649.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8649.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,164 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8649 (kernel) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64704); + script_cve_id("CVE-2009-2692", "CVE-2009-1897", "CVE-2009-1895", "CVE-2009-2406", "CVE-2009-2407"); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8649 (kernel)"); + + desc = " +The remote host is missing an update to kernel +announced via advisory FEDORA-2009-8649. + +Update Information: + +Fix sock_sendpage null pointer dereference. CVE-2009-2692. + +ChangeLog: + +* Fri Aug 14 2009 Kyle McMartin 2.6.29.6-217.2.7 +- CVE-2009-2692: Fix sock sendpage NULL ptr deref. +* Thu Aug 13 2009 Kristian H?gsberg - 2.6.29.6-217.2.6 +- Backport 0e7ddf7e to fix bad BUG_ON() in i915 gem fence management +code. Adds drm-i915-gem-bad-bug-on.patch, fixes #514091. +* Wed Aug 12 2009 John W. Linville 2.6.29.6-217.2.5 +- iwlwifi: fix TX queue race +* Mon Aug 10 2009 Jarod Wilson 2.6.29.6-217.2.4 +- Add tunable pad threshold support to lirc_imon +- Blacklist all iMON devices in usbhid driver so lirc_imon can bind +- Add new device ID to lirc_mceusb (#512483) +- Enable IR transceiver on the HD PVR +* Wed Jul 29 2009 Chuck Ebbert 2.6.29.6-217.2.3 +- Don't optimize away NULL pointer tests where pointer is used before the test. +(CVE-2009-1897) +* Wed Jul 29 2009 Chuck Ebbert 2.6.29.6-217.2.2 +- Fix mmap_min_addr security bugs (CVE-2009-1895) +* Wed Jul 29 2009 Chuck Ebbert 2.6.29.6-217.2.1 +- Fix eCryptfs overflow issues (CVE-2009-2406, CVE-2009-2407) + +References: + +[ 1 ] Bug #516949 - CVE-2009-2692 kernel: uninit op in SOCKOPS_WRAP() leads to privesc +https://bugzilla.redhat.com/show_bug.cgi?id=516949 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update kernel' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8649 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8649 (kernel)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.29.6~217.2.7.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.29.6~217.2.7.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~2.6.29.6~217.2.7.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~2.6.29.6~217.2.7.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~2.6.29.6~217.2.7.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAE", rpm:"kernel-PAE~2.6.29.6~217.2.7.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAE-devel", rpm:"kernel-PAE-devel~2.6.29.6~217.2.7.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAEdebug", rpm:"kernel-PAEdebug~2.6.29.6~217.2.7.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAEdebug-devel", rpm:"kernel-PAEdebug-devel~2.6.29.6~217.2.7.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAE-debuginfo", rpm:"kernel-PAE-debuginfo~2.6.29.6~217.2.7.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAEdebug-debuginfo", rpm:"kernel-PAEdebug-debuginfo~2.6.29.6~217.2.7.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.29.6~217.2.7.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-firmware", rpm:"kernel-firmware~2.6.29.6~217.2.7.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-bootwrapper", rpm:"kernel-bootwrapper~2.6.29.6~217.2.7.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.6.29.6~217.2.7.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp-devel", rpm:"kernel-smp-devel~2.6.29.6~217.2.7.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp-debuginfo", rpm:"kernel-smp-debuginfo~2.6.29.6~217.2.7.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.29.6~217.2.7.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~2.6.29.6~217.2.7.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.29.6~217.2.7.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8684.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8684.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8684.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,161 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8684 (kernel) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64707); + script_cve_id("CVE-2009-2767", "CVE-2009-2692", "CVE-2009-1897", "CVE-2009-1895", "CVE-2009-2406", "CVE-2009-2407"); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8684 (kernel)"); + + desc = " +The remote host is missing an update to kernel +announced via advisory FEDORA-2009-8684. + +Update Information: + +Fix oops in clock_nanosleep syscall which allows an ordinary user to cause a +null ptr dereference in the kernel. CVE-2009-2767. Fixes BUG_ON() in the intel +gem page fault code breaking GNOME Shell. + +ChangeLog: + +* Sat Aug 15 2009 Kyle McMartin 2.6.29.6-217.2.8 +- CVE-2009-2767: Fix clock_nanosleep NULL ptr deref. +* Fri Aug 14 2009 Kyle McMartin 2.6.29.6-217.2.7 +- CVE-2009-2692: Fix sock sendpage NULL ptr deref. +* Thu Aug 13 2009 Kristian H?gsberg - 2.6.29.6-217.2.6 +- Backport 0e7ddf7e to fix bad BUG_ON() in i915 gem fence management +code. Adds drm-i915-gem-bad-bug-on.patch, fixes #514091. +* Wed Aug 12 2009 John W. Linville 2.6.29.6-217.2.5 +- iwlwifi: fix TX queue race +* Mon Aug 10 2009 Jarod Wilson 2.6.29.6-217.2.4 +- Add tunable pad threshold support to lirc_imon +- Blacklist all iMON devices in usbhid driver so lirc_imon can bind +- Add new device ID to lirc_mceusb (#512483) +- Enable IR transceiver on the HD PVR + +References: + +[ 1 ] Bug #515867 - CVE-2009-2767 kernel: clock_nanosleep() with CLOCK_MONOTONIC_RAW NULL pointer dereference +https://bugzilla.redhat.com/show_bug.cgi?id=515867 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update kernel' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8684 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8684 (kernel)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.29.6~217.2.8.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.29.6~217.2.8.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~2.6.29.6~217.2.8.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~2.6.29.6~217.2.8.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~2.6.29.6~217.2.8.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAE", rpm:"kernel-PAE~2.6.29.6~217.2.8.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAE-devel", rpm:"kernel-PAE-devel~2.6.29.6~217.2.8.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAEdebug", rpm:"kernel-PAEdebug~2.6.29.6~217.2.8.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAEdebug-devel", rpm:"kernel-PAEdebug-devel~2.6.29.6~217.2.8.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAE-debuginfo", rpm:"kernel-PAE-debuginfo~2.6.29.6~217.2.8.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAEdebug-debuginfo", rpm:"kernel-PAEdebug-debuginfo~2.6.29.6~217.2.8.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.29.6~217.2.8.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-firmware", rpm:"kernel-firmware~2.6.29.6~217.2.8.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-bootwrapper", rpm:"kernel-bootwrapper~2.6.29.6~217.2.8.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.6.29.6~217.2.8.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp-devel", rpm:"kernel-smp-devel~2.6.29.6~217.2.8.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp-debuginfo", rpm:"kernel-smp-debuginfo~2.6.29.6~217.2.8.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.29.6~217.2.8.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~2.6.29.6~217.2.8.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.29.6~217.2.8.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8779.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8779.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8779.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,103 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8779 (nagios) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64708); + script_version ("$"); + script_name("Fedora Core 10 FEDORA-2009-8779 (nagios)"); + + desc = " +The remote host is missing an update to nagios +announced via advisory FEDORA-2009-8779. + +Update Information: + +Upstream released new version +ChangeLog: + +* Mon Aug 17 2009 Mike McGrath - 3.2.0-2 +- s/datarootdir/datadir/ +* Sun Aug 16 2009 Jose Pedro Oliveira - 3.2.0-1 +- Upgrade to 3.2.0 (#517210). +* Fri Jul 24 2009 Jose Pedro Oliveira - 3.1.2-3 +- Corrected the package version in the last two changelog entries (#499853) +- Using configure --datarootdir option instead of --datadir (#499853) +(fixes the physical_html_path value in cgi.cfg) +- Fixes permissions to the new php configuration file config.inc.php (#499853) +- Re-enables the httpd requirement as its removal caused several problems +(see #487411 for more information) + +References: + +[ 1 ] Bug #476635 - nagios: update to version 3.0.6 +https://bugzilla.redhat.com/show_bug.cgi?id=476635 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update nagios' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8779 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 10 FEDORA-2009-8779 (nagios)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"nagios", rpm:"nagios~3.2.0~2.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nagios-devel", rpm:"nagios-devel~3.2.0~2.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nagios-debuginfo", rpm:"nagios-debuginfo~3.2.0~2.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8789.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8789.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8789.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,87 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8789 (kobo) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64710); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8789 (kobo)"); + + desc = " +The remote host is missing an update to kobo +announced via advisory FEDORA-2009-8789. + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update kobo' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8789 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8789 (kobo)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"kobo", rpm:"kobo~0.1.2~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kobo-client", rpm:"kobo-client~0.1.2~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kobo-django", rpm:"kobo-django~0.1.2~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kobo-hub", rpm:"kobo-hub~0.1.2~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kobo-worker", rpm:"kobo-worker~0.1.2~1.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8791.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8791.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8791.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,126 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8791 (pidgin) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64711); + script_cve_id("CVE-2009-2694"); + script_version ("$"); + script_name("Fedora Core 10 FEDORA-2009-8791 (pidgin)"); + + desc = " +The remote host is missing an update to pidgin +announced via advisory FEDORA-2009-8791. + +Update Information: + +pidgin upgrade to 2.6.0 for the CVE-2009-2694, insufficient input validation in +msn_slplink_process_msg() and numerous other bug fixes. Fedora 10 does not +support voice and video with pidgin-2.6.0. Upgrade to Fedora 11 for this +capability. + +ChangeLog: + +* Tue Aug 18 2009 Warren Togami 2.6.0-1 +- CVE-2009-2694 +- Voice and Video support via farsight2 (Fedora 11+) +- Numerous other bug fixes +* Thu Aug 6 2009 Warren Togami 2.6.0-0.11.20090812 +- new snapshot at the request of maiku +* Thu Aug 6 2009 Warren Togami 2.6.0-0.10.20090806 +- new snapshot - theoretically better sound quality in voice chat +* Tue Aug 4 2009 Warren Togami 2.6.0-0.9.20090804 +- new snapshot + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update pidgin' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8791 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 10 FEDORA-2009-8791 (pidgin)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"finch", rpm:"finch~2.6.0~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"finch-devel", rpm:"finch-devel~2.6.0~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple", rpm:"libpurple~2.6.0~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple-devel", rpm:"libpurple-devel~2.6.0~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple-perl", rpm:"libpurple-perl~2.6.0~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple-tcl", rpm:"libpurple-tcl~2.6.0~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin", rpm:"pidgin~2.6.0~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin-devel", rpm:"pidgin-devel~2.6.0~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin-docs", rpm:"pidgin-docs~2.6.0~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin-perl", rpm:"pidgin-perl~2.6.0~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin-debuginfo", rpm:"pidgin-debuginfo~2.6.0~1.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8792.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8792.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8792.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,84 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8792 (afuse) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64712); + script_cve_id("CVE-2008-2232"); + script_version ("$"); + script_name("Fedora Core 10 FEDORA-2009-8792 (afuse)"); + + desc = " +The remote host is missing an update to afuse +announced via advisory FEDORA-2009-8792. + +Update Information: + +Fixes CVE-2008-2232: +http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2232 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update afuse' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8792 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 10 FEDORA-2009-8792 (afuse)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"afuse", rpm:"afuse~0.2~4.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"afuse-debuginfo", rpm:"afuse-debuginfo~0.2~4.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8794.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8794.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8794.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,114 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8794 (neon) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64713); + script_cve_id("CVE-2009-2473"); + script_version ("$"); + script_name("Fedora Core 10 FEDORA-2009-8794 (neon)"); + + desc = " +The remote host is missing an update to neon +announced via advisory FEDORA-2009-8794. + +Update Information: + +This update includes the latest release of neon, version 0.28.6. +This fixes two security issues: + +* the billion laughs attack against expat could allow a Denial + of Service attack by a malicious server. (CVE-2009-2473) +* an embedded NUL byte in a certificate subject name could allow + an undetected MITM attack against an SSL server if a trusted CA + issues such a cert. + +Several bug fixes are also included, notably: + +* X.509v1 CA certificates are trusted by default +* Fix handling of some PKCS#12 certificates + +ChangeLog: + +* Wed Aug 19 2009 Joe Orton 0.28.6-1 +- update to 0.28.6 +* Fri May 29 2009 Joe Orton 0.28.4-1.1 +- trust V1 CA certs by default (#502451) +* Fri Mar 6 2009 Joe Orton 0.28.4-1 +- update to 0.28.4 +* Mon Jan 19 2009 Joe Orton 0.28.3-3 +- use install-p in make install (Robert Scheck, #226189) + +References: + +[ 1 ] Bug #502451 - X509v1 CA certificate is not trusted +https://bugzilla.redhat.com/show_bug.cgi?id=502451 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update neon' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8794 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 10 FEDORA-2009-8794 (neon)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"neon", rpm:"neon~0.28.6~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"neon-devel", rpm:"neon-devel~0.28.6~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"neon-debuginfo", rpm:"neon-debuginfo~0.28.6~1.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8797.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8797.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8797.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,91 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8797 (squirrelmail) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64714); + script_cve_id("CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581", "CVE-2008-2379"); + script_version ("$"); + script_name("Fedora Core 10 FEDORA-2009-8797 (squirrelmail)"); + + desc = " +The remote host is missing an update to squirrelmail +announced via advisory FEDORA-2009-8797. + +Update Information: + +- Implemented page referal verification mechanism. (Secunia Advisory SA34627) +- Implemented security token system. (Secunia Advisory SA34627) + +ChangeLog: + +* Mon Aug 17 2009 Michal Hlavinka - 1.4.19-2 +- fix #517312 - CSRF issues in all forms (SA34627) + +References: + +[ 1 ] Bug #517312 - squirrelmail: CSRF issues in all forms +https://bugzilla.redhat.com/show_bug.cgi?id=517312 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update squirrelmail' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8797 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 10 FEDORA-2009-8797 (squirrelmail)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"squirrelmail", rpm:"squirrelmail~1.4.19~2.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8799.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8799.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8799.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,97 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8799 (ocsinventory) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64715); + script_version ("$"); + script_name("Fedora Core 10 FEDORA-2009-8799 (ocsinventory)"); + + desc = " +The remote host is missing an update to ocsinventory +announced via advisory FEDORA-2009-8799. + +Update Information: + +A security issue has been found in GUI +http://seclists.org/fulldisclosure/2009/Aug/0143.html + +ChangeLog: + +* Mon Aug 17 2009 Remi Collet 1.02.1-3 +- add ChangeLog +- Security Fixes (internal version 5003) Bug #517837 + +References: + +[ 1 ] Bug #517837 - OCS Inventory NG: SQL injection in machine blacklisting +https://bugzilla.redhat.com/show_bug.cgi?id=517837 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update ocsinventory' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8799 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 10 FEDORA-2009-8799 (ocsinventory)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"ocsinventory", rpm:"ocsinventory~1.02.1~3.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ocsinventory-reports", rpm:"ocsinventory-reports~1.02.1~3.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ocsinventory-server", rpm:"ocsinventory-server~1.02.1~3.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8800.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8800.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8800.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,134 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8800 (qt) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64716); + script_cve_id("CVE-2009-1725"); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8800 (qt)"); + + desc = " +The remote host is missing an update to qt +announced via advisory FEDORA-2009-8800. + +Update Information: + +Qt's WebKit code did not properly handle numeric character +references, which could allow remote attackers to cause a +denial of service (memory corruption and application crash) +via a crafted HTML document. + +Also included is: + +* a fix for lib symlinks changing erroneously on upgrades +* a fix for Copy and paste issues +* added support for more x keycodes + +ChangeLog: + +* Tue Aug 18 2009 Than Ngo - 4.5.2-2 +- security fix for CVE-2009-1725 +* Tue Aug 18 2009 Rex Dieter 4.5.2-1.2 +- kde-qt: 287-qmenu-respect-minwidth +- kde-qt: 0288-more-x-keycodes (#475247) +* Wed Aug 5 2009 Rex Dieter 4.5.2-1.1 +- use linker scripts for _debug targets (#510246) +- apply upstream patch to fix issue in Copy and paste +- optimize (icon-mostly) scriptlets +- -x11: Requires(post,postun): /sbin/ldconfig + +References: + +[ 1 ] Bug #513813 - CVE-2009-1725: KHTML: improper handling of numeric character references (ACE, DoS) +https://bugzilla.redhat.com/show_bug.cgi?id=513813 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update qt' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8800 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8800 (qt)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"qt", rpm:"qt~4.5.2~2.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qt-demos", rpm:"qt-demos~4.5.2~2.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qt-devel", rpm:"qt-devel~4.5.2~2.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qt-examples", rpm:"qt-examples~4.5.2~2.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qt-mysql", rpm:"qt-mysql~4.5.2~2.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qt-odbc", rpm:"qt-odbc~4.5.2~2.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qt-postgresql", rpm:"qt-postgresql~4.5.2~2.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qt-x11", rpm:"qt-x11~4.5.2~2.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qt-debuginfo", rpm:"qt-debuginfo~4.5.2~2.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qt-doc", rpm:"qt-doc~4.5.2~2.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8802.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8802.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8802.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,134 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8802 (qt) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64717); + script_cve_id("CVE-2009-1725"); + script_version ("$"); + script_name("Fedora Core 10 FEDORA-2009-8802 (qt)"); + + desc = " +The remote host is missing an update to qt +announced via advisory FEDORA-2009-8802. + +Update Information: + +Qt's WebKit code did not properly handle numeric character +references, which could allow remote attackers to cause a +denial of service (memory corruption and application crash) +via a crafted HTML document. + +Also included is: + +* a fix for lib symlinks changing erroneously on upgrades +* a fix for Copy and paste issues +* added support for more x keycodes + +ChangeLog: + +* Tue Aug 18 2009 Than Ngo - 4.5.2-2 +- security fix for CVE-2009-1725 +* Tue Aug 18 2009 Rex Dieter 4.5.2-1.2 +- kde-qt: 287-qmenu-respect-minwidth +- kde-qt: 0288-more-x-keycodes (#475247) +* Wed Aug 5 2009 Rex Dieter 4.5.2-1.1 +- use linker scripts for _debug targets (#510246) +- apply upstream patch to fix issue in Copy and paste +- optimize (icon-mostly) scriptlets +- -x11: Requires(post,postun): /sbin/ldconfig + +References: + +[ 1 ] Bug #513813 - CVE-2009-1725: KHTML: improper handling of numeric character references (ACE, DoS) +https://bugzilla.redhat.com/show_bug.cgi?id=513813 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update qt' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8802 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 10 FEDORA-2009-8802 (qt)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"qt", rpm:"qt~4.5.2~2.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qt-demos", rpm:"qt-demos~4.5.2~2.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qt-devel", rpm:"qt-devel~4.5.2~2.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qt-examples", rpm:"qt-examples~4.5.2~2.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qt-mysql", rpm:"qt-mysql~4.5.2~2.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qt-odbc", rpm:"qt-odbc~4.5.2~2.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qt-postgresql", rpm:"qt-postgresql~4.5.2~2.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qt-x11", rpm:"qt-x11~4.5.2~2.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qt-debuginfo", rpm:"qt-debuginfo~4.5.2~2.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qt-doc", rpm:"qt-doc~4.5.2~2.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8804.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8804.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8804.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,98 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8804 (gupnp-igd) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64718); + script_cve_id("CVE-2009-2694"); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8804 (gupnp-igd)"); + + desc = " +The remote host is missing an update to gupnp-igd +announced via advisory FEDORA-2009-8804. + +Update Information: + +pidgin upgrade to 2.6.0 for the CVE-2009-2694, insufficient input validation in +msn_slplink_process_msg(). 2.6.0 has Voice and Video support via farsight2 +(Fedora 11+ only) and numerous other bug fixes. + +farsight2, libnice and gupnp-igd are version upgrades to make voice and +video actually work on Fedora 11. + +ChangeLog: + +* Thu Aug 6 2009 Warren Togami - 0.1.3-3 +- Fix macros that were there for no good reason. +* Fri Jul 24 2009 Fedora Release Engineering - 0.1.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update gupnp-igd' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8804 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8804 (gupnp-igd)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"gupnp-igd", rpm:"gupnp-igd~0.1.3~3.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gupnp-igd-devel", rpm:"gupnp-igd-devel~0.1.3~3.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gupnp-igd-debuginfo", rpm:"gupnp-igd-debuginfo~0.1.3~3.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8812.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8812.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8812.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,130 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8812 (httpd) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64741); + script_cve_id("CVE-2009-1891", "CVE-2009-1195", "CVE-2009-1890", "CVE-2009-1191"); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8812 (httpd)"); + + desc = " +The remote host is missing an update to httpd +announced via advisory FEDORA-2009-8812. + +The Apache HTTP Server is a powerful, efficient, and extensible +web server. + +Update Information: + +This update includes the latest release of the Apache HTTP Server, version +2.2.13, fixing several security issues: + +* Fix a potential Denial-of-Service attack against mod_deflate or + other modules, by forcing the server to consume CPU time in compressing + a large file after a client disconnects. (CVE-2009-1891) +* Prevent the Includes Option from being enabled in an + .htaccess file if the AllowOverride restrictions do not permit it. + (CVE-2009-1195) +* Fix a potential Denial-of-Service attack against mod_proxy + in a reverse proxy configuration, where a remote attacker can force a proxy + process to consume CPU time indefinitely. (CVE-2009-1890) +* mod_proxy_ajp: Avoid delivering content from a previous request + which failed to send a request body. (CVE-2009-1191) + +Many bug fixes are also included; see the upstream +changelog for further details: + +http://www.apache.org/dist/httpd/CHANGES_2.2.13 + +ChangeLog: + +* Tue Aug 18 2009 Joe Orton 2.2.13-1 +- update to 2.2.13 + +References: + +[ 1 ] Bug #509375 - CVE-2009-1890 httpd: mod_proxy reverse proxy DoS (infinite loop) +https://bugzilla.redhat.com/show_bug.cgi?id=509375 +[ 2 ] Bug #509125 - CVE-2009-1891 httpd: possible temporary DoS (CPU consumption) in mod_deflate +https://bugzilla.redhat.com/show_bug.cgi?id=509125 +[ 3 ] Bug #489436 - CVE-2009-1195 AllowOverride Options=IncludesNoExec allows Options Includes +https://bugzilla.redhat.com/show_bug.cgi?id=489436 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update httpd' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8812 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8812 (httpd)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"httpd", rpm:"httpd~2.2.13~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"httpd-devel", rpm:"httpd-devel~2.2.13~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"httpd-manual", rpm:"httpd-manual~2.2.13~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"httpd-tools", rpm:"httpd-tools~2.2.13~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mod_ssl", rpm:"mod_ssl~2.2.13~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"httpd-debuginfo", rpm:"httpd-debuginfo~2.2.13~1.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8815.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8815.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8815.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,100 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8815 (neon) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64719); + script_cve_id("CVE-2009-2473"); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8815 (neon)"); + + desc = " +The remote host is missing an update to neon +announced via advisory FEDORA-2009-8815. + +Update Information: + +This update includes the latest release of neon, version 0.28.6. +This fixes two security issues: + +* the billion laughs attack against expat could allow + a Denial of Service attack by a malicious server. (CVE-2009-2473) +* an embedded NUL byte in a certificate subject name could allow an + undetected MITM attack against an SSL server if a trusted CA + issues such a cert. + +ChangeLog: + +* Wed Aug 19 2009 Joe Orton 0.28.6-1 +- update to 0.26.1 +* Thu Jul 9 2009 Joe Orton 0.28.5-1 +- update to 0.28.5 (#502451, #491839) + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update neon' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8815 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8815 (neon)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"neon", rpm:"neon~0.28.6~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"neon-devel", rpm:"neon-devel~0.28.6~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"neon-debuginfo", rpm:"neon-debuginfo~0.28.6~1.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8816.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8816.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8816.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,91 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8816 (afuse) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64720); + script_cve_id("CVE-2008-2232"); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8816 (afuse)"); + + desc = " +The remote host is missing an update to afuse +announced via advisory FEDORA-2009-8816. + +Update Information: + +Fixes CVE-2008-2232: +http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2232 + +ChangeLog: + +* Mon Aug 17 2009 Tom spot Callaway - 0.2-4 +- fix CVS-2008-2232 +* Fri Jul 24 2009 Fedora Release Engineering - 0.2-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update afuse' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8816 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8816 (afuse)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"afuse", rpm:"afuse~0.2~4.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"afuse-debuginfo", rpm:"afuse-debuginfo~0.2~4.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8819.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8819.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8819.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,97 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8819 (ocsinventory) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64721); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8819 (ocsinventory)"); + + desc = " +The remote host is missing an update to ocsinventory +announced via advisory FEDORA-2009-8819. + +Update Information: + +A security issue has been found in GUI +http://seclists.org/fulldisclosure/2009/Aug/0143.html + +ChangeLog: + +* Mon Aug 17 2009 Remi Collet 1.02.1-3 +- add ChangeLog +- Security Fixes (internal version 5003) Bug #517837 + +References: + +[ 1 ] Bug #517837 - OCS Inventory NG: SQL injection in machine blacklisting +https://bugzilla.redhat.com/show_bug.cgi?id=517837 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update ocsinventory' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8819 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8819 (ocsinventory)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"ocsinventory", rpm:"ocsinventory~1.02.1~3.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ocsinventory-reports", rpm:"ocsinventory-reports~1.02.1~3.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ocsinventory-server", rpm:"ocsinventory-server~1.02.1~3.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8822.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8822.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8822.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,90 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8822 (squirrelmail) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64722); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8822 (squirrelmail)"); + + desc = " +The remote host is missing an update to squirrelmail +announced via advisory FEDORA-2009-8822. + +Update Information: + +- Implemented page referal verification mechanism. (Secunia Advisory SA34627) +- Implemented security token system. (Secunia Advisory SA34627) + +ChangeLog: + +* Mon Aug 17 2009 Michal Hlavinka - 1.4.19-2 +- fix #517312 - CSRF issues in all forms (SA34627) + +References: + +[ 1 ] Bug #517312 - squirrelmail: CSRF issues in all forms +https://bugzilla.redhat.com/show_bug.cgi?id=517312 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update squirrelmail' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8822 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8822 (squirrelmail)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"squirrelmail", rpm:"squirrelmail~1.4.19~2.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8826.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8826.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8826.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,126 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8826 (pidgin) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64723); + script_cve_id("CVE-2009-2694"); + script_version ("$"); + script_name("Fedora Core 10 FEDORA-2009-8826 (pidgin)"); + + desc = " +The remote host is missing an update to pidgin +announced via advisory FEDORA-2009-8826. + +Update Information: + +2.6.1 fixes an issue where pidgin can crash if you are sent a certain type of +URL over Yahoo. + +ChangeLog: + +* Wed Aug 19 2009 Warren Togami 2.6.1-1 +- 2.6.1: Fix a crash when some users send you a link in a Yahoo IM +* Tue Aug 18 2009 Warren Togami 2.6.0-1 +- CVE-2009-2694 +- Voice and Video support via farsight2 (Fedora 11+) +- Numerous other bug fixes +* Thu Aug 6 2009 Warren Togami 2.6.0-0.11.20090812 +- new snapshot at the request of maiku +* Thu Aug 6 2009 Warren Togami 2.6.0-0.10.20090806 +- new snapshot - theoretically better sound quality in voice chat +* Tue Aug 4 2009 Warren Togami 2.6.0-0.9.20090804 +- new snapshot + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update pidgin' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8826 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 10 FEDORA-2009-8826 (pidgin)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"finch", rpm:"finch~2.6.1~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"finch-devel", rpm:"finch-devel~2.6.1~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple", rpm:"libpurple~2.6.1~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple-devel", rpm:"libpurple-devel~2.6.1~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple-perl", rpm:"libpurple-perl~2.6.1~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple-tcl", rpm:"libpurple-tcl~2.6.1~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin", rpm:"pidgin~2.6.1~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin-devel", rpm:"pidgin-devel~2.6.1~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin-docs", rpm:"pidgin-docs~2.6.1~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin-perl", rpm:"pidgin-perl~2.6.1~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin-debuginfo", rpm:"pidgin-debuginfo~2.6.1~1.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8868.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8868.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8868.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,97 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8868 (perl-Compress-Raw-Bzip2) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64725); + script_cve_id("CVE-2009-1391", "CVE-2009-1884"); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8868 (perl-Compress-Raw-Bzip2)"); + + desc = " +The remote host is missing an update to perl-Compress-Raw-Bzip2 +announced via advisory FEDORA-2009-8868. + +Update Information: + +Off-by-one error in the bzinflate function in Bzip2.xs in the +Compress-Raw-Bzip2 module before 2.018 for Perl allows +context-dependent attackers to cause a denial of service +(application hang or crash) via a crafted bzip2 compressed +stream that triggers a buffer overflow, a related issue to CVE-2009-1391. + +ChangeLog: + +* Thu Aug 20 2009 Marcela Ma?l??ov? - 2.020-1 +- 518278 CVE-2009-1884, update to the latest release + +References: + +[ 1 ] Bug #518278 - CVE-2009-1884 perl-Compress-Raw-Bzip2: Off-by-one error in the bzinflate function - DoS (crash) +https://bugzilla.redhat.com/show_bug.cgi?id=518278 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update perl-Compress-Raw-Bzip2' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8868 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8868 (perl-Compress-Raw-Bzip2)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"perl-Compress-Raw", rpm:"perl-Compress-Raw~Bzip2~2.020", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"perl-Compress-Raw", rpm:"perl-Compress-Raw~Bzip2~debuginfo", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8874.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8874.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8874.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,126 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8874 (pidgin) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64727); + script_cve_id("CVE-2009-2694"); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8874 (pidgin)"); + + desc = " +The remote host is missing an update to pidgin +announced via advisory FEDORA-2009-8874. + +Update Information: + +2.6.1 fixes an issue where pidgin can crash if you are sent a certain type of +URL over Yahoo. + +ChangeLog: + +* Wed Aug 19 2009 Warren Togami 2.6.1-1 +- 2.6.1: Fix a crash when some users send you a link in a Yahoo IM +* Tue Aug 18 2009 Warren Togami 2.6.0-1 +- CVE-2009-2694 +- Voice and Video support via farsight2 (Fedora 11+) +- Numerous other bug fixes +* Thu Aug 6 2009 Warren Togami 2.6.0-0.11.20090812 +- new snapshot at the request of maiku +* Thu Aug 6 2009 Warren Togami 2.6.0-0.10.20090806 +- new snapshot - theoretically better sound quality in voice chat +* Tue Aug 4 2009 Warren Togami 2.6.0-0.9.20090804 +- new snapshot + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update pidgin' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8874 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8874 (pidgin)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"finch", rpm:"finch~2.6.1~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"finch-devel", rpm:"finch-devel~2.6.1~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple", rpm:"libpurple~2.6.1~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple-devel", rpm:"libpurple-devel~2.6.1~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple-perl", rpm:"libpurple-perl~2.6.1~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple-tcl", rpm:"libpurple-tcl~2.6.1~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin", rpm:"pidgin~2.6.1~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin-devel", rpm:"pidgin-devel~2.6.1~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin-docs", rpm:"pidgin-docs~2.6.1~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin-perl", rpm:"pidgin-perl~2.6.1~1.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin-debuginfo", rpm:"pidgin-debuginfo~2.6.1~1.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8888.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8888.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8888.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,97 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8888 (perl-Compress-Raw-Bzip2) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64728); + script_cve_id("CVE-2009-1391", "CVE-2009-1884"); + script_version ("$"); + script_name("Fedora Core 10 FEDORA-2009-8888 (perl-Compress-Raw-Bzip2)"); + + desc = " +The remote host is missing an update to perl-Compress-Raw-Bzip2 +announced via advisory FEDORA-2009-8888. + +Update Information: + +Off-by-one error in the bzinflate function in Bzip2.xs in the +Compress-Raw-Bzip2 module before 2.018 for Perl allows +context-dependent attackers to cause a denial of service +(application hang or crash) via a crafted bzip2 compressed +stream that triggers a buffer overflow, a related issue to CVE-2009-1391. + +ChangeLog: + +* Thu Aug 20 2009 Marcela Ma?l??ov? - 2.020-1 +- 518278 CVE-2009-1884, update to the latest release + +References: + +[ 1 ] Bug #518278 - CVE-2009-1884 perl-Compress-Raw-Bzip2: Off-by-one error in the bzinflate function - DoS (crash) +https://bugzilla.redhat.com/show_bug.cgi?id=518278 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update perl-Compress-Raw-Bzip2' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8888 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 10 FEDORA-2009-8888 (perl-Compress-Raw-Bzip2)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"perl-Compress-Raw", rpm:"perl-Compress-Raw~Bzip2~2.020", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"perl-Compress-Raw", rpm:"perl-Compress-Raw~Bzip2~debuginfo", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8897.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8897.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8897.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,93 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8897 (ctorrent) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64730); + script_cve_id("CVE-2009-1759"); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-8897 (ctorrent)"); + + desc = " +The remote host is missing an update to ctorrent +announced via advisory FEDORA-2009-8897. + +Update Information: + +Security update, fixes a stack-based buffer overflow (CVE-2009-1759). + +ChangeLog: + +* Fri Aug 21 2009 Dominik 'Rathann' Mierzejewski 1.3.4-10.dnh3.3.2 +- fixed stack-based buffer overflow (CVE-2009-1759, RHBZ #501813) + +References: + +[ 1 ] Bug #501813 - CVE-2009-1759 ctorrent: stack-based buffer overflow vulnerability +https://bugzilla.redhat.com/show_bug.cgi?id=501813 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update ctorrent' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8897 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-8897 (ctorrent)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"ctorrent", rpm:"ctorrent~1.3.4~10.dnh3.3.2.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ctorrent-debuginfo", rpm:"ctorrent-debuginfo~1.3.4~10.dnh3.3.2.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_8969.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_8969.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_8969.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,95 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-8969 (ctorrent) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64732); + script_cve_id("CVE-2009-1759"); + script_version ("$"); + script_name("Fedora Core 10 FEDORA-2009-8969 (ctorrent)"); + + desc = " +The remote host is missing an update to ctorrent +announced via advisory FEDORA-2009-8969. + +Update Information: + +Security update, fixes a stack-based buffer overflow (CVE-2009-1759) + +ChangeLog: + +* Fri Aug 21 2009 Dominik 'Rathann' Mierzejewski 1.3.4-7.dnh3.3.2 +- fixed stack-based buffer overflow (CVE-2009-1759, RHBZ #501813) +- update to 3.3.2 patch +- improve summary: and description + +References: + +[ 1 ] Bug #501813 - CVE-2009-1759 ctorrent: stack-based buffer overflow vulnerability +https://bugzilla.redhat.com/show_bug.cgi?id=501813 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update ctorrent' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8969 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 10 FEDORA-2009-8969 (ctorrent)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"ctorrent", rpm:"ctorrent~1.3.4~7.dnh3.3.2.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ctorrent-debuginfo", rpm:"ctorrent-debuginfo~1.3.4~7.dnh3.3.2.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_9044.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_9044.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_9044.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,174 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-9044 (kernel) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64736); + script_cve_id("CVE-2009-2691", "CVE-2009-2848", "CVE-2009-2849", "CVE-2009-2847", "CVE-2009-2695", "CVE-2009-2767", "CVE-2009-2692", "CVE-2009-1897", "CVE-2009-1895", "CVE-2009-2406", "CVE-2009-2407"); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-9044 (kernel)"); + + desc = " +The remote host is missing an update to kernel +announced via advisory FEDORA-2009-9044. + +Update Information: + +Security fixes: + +- CVE-2009-2691: Information disclosure in proc filesystem +- CVE-2009-2848: execve: must clear current->child_tid +- CVE-2009-2849: md: null pointer dereference +- CVE-2009-2847: Information leak in do_sigaltstack + +Restore missing LIRC drivers, dropped in previous release. +Backport upstream fixes that further improve the security of +mmap of low addresses. (CVE-2009-2695) + +ChangeLog: + +* Thu Sep 24(??!!) 2009 Chuck Ebbert 2.6.29.6-217.2.16 +- Fix CVE-2009-2691: local information disclosure in /proc +* Fri Aug 21 2009 David Woodhouse +- Fix b43 on iMac G5 (#514787) +* Tue Aug 18 2009 Kyle McMartin +- CVE-2009-2848: execve: must clear current->clear_child_tid +- Cherry pick upstream commits 52dec22e739eec8f3a0154f768a599f5489048bd +which improve mmap_min_addr. +- CVE-2009-2849: md: avoid dereferencing null ptr when accessing suspend +sysfs attributes. +- CVE-2009-2847: do_sigaltstack: avoid copying 'stack_t' as a structure +to userspace + +References: + +[ 1 ] Bug #516171 - CVE-2009-2691 kernel: /proc/$pid/maps visible during initial setuid ELF loading +https://bugzilla.redhat.com/show_bug.cgi?id=516171 +[ 2 ] Bug #515423 - CVE-2009-2848 kernel: execve: must clear current->clear_child_tid +https://bugzilla.redhat.com/show_bug.cgi?id=515423 +[ 3 ] Bug #518132 - CVE-2009-2849 kernel: md: NULL pointer deref when accessing suspend_* sysfs attributes +https://bugzilla.redhat.com/show_bug.cgi?id=518132 +[ 4 ] Bug #515392 - CVE-2009-2847 kernel: information leak in sigaltstack +https://bugzilla.redhat.com/show_bug.cgi?id=515392 +[ 5 ] Bug #517830 - CVE-2009-2695 SELinux and mmap_min_addr +https://bugzilla.redhat.com/show_bug.cgi?id=517830 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update kernel' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-9044 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-9044 (kernel)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.29.6~217.2.16.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.29.6~217.2.16.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~2.6.29.6~217.2.16.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~2.6.29.6~217.2.16.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~2.6.29.6~217.2.16.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAE", rpm:"kernel-PAE~2.6.29.6~217.2.16.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAE-devel", rpm:"kernel-PAE-devel~2.6.29.6~217.2.16.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAEdebug", rpm:"kernel-PAEdebug~2.6.29.6~217.2.16.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAEdebug-devel", rpm:"kernel-PAEdebug-devel~2.6.29.6~217.2.16.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAE-debuginfo", rpm:"kernel-PAE-debuginfo~2.6.29.6~217.2.16.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAEdebug-debuginfo", rpm:"kernel-PAEdebug-debuginfo~2.6.29.6~217.2.16.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.29.6~217.2.16.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-firmware", rpm:"kernel-firmware~2.6.29.6~217.2.16.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-bootwrapper", rpm:"kernel-bootwrapper~2.6.29.6~217.2.16.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.6.29.6~217.2.16.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp-devel", rpm:"kernel-smp-devel~2.6.29.6~217.2.16.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp-debuginfo", rpm:"kernel-smp-debuginfo~2.6.29.6~217.2.16.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.29.6~217.2.16.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~2.6.29.6~217.2.16.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.29.6~217.2.16.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_9095.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_9095.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_9095.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,95 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-9095 (libmikmod) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64737); + script_cve_id("CVE-2007-6720", "CVE-2009-0179"); + script_version ("$"); + script_name("Fedora Core 10 FEDORA-2009-9095 (libmikmod)"); + + desc = " +The remote host is missing an update to libmikmod +announced via advisory FEDORA-2009-9095. + +ChangeLog: + +* Fri Aug 28 2009 Jindrich Novy 3.2.0-4.beta2 +- fix CVE-2007-6720 (#479829) +- fix CVE-2009-0179 (#479833) + +References: + +[ 1 ] Bug #479833 - CVE-2009-0179 mikmod: crash when loading XM files +https://bugzilla.redhat.com/show_bug.cgi?id=479833 +[ 2 ] Bug #479829 - CVE-2007-6720 mikmod: crash or abort when loading/playing multiple files with different number of channels +https://bugzilla.redhat.com/show_bug.cgi?id=479829 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update libmikmod' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-9095 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 10 FEDORA-2009-9095 (libmikmod)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"libmikmod", rpm:"libmikmod~3.2.0~4.beta2.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libmikmod-devel", rpm:"libmikmod-devel~3.2.0~4.beta2.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libmikmod-debuginfo", rpm:"libmikmod-debuginfo~3.2.0~4.beta2.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_9112.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_9112.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/fcore_2009_9112.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,95 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-9112 (libmikmod) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64738); + script_cve_id("CVE-2007-6720", "CVE-2009-0179"); + script_version ("$"); + script_name("Fedora Core 11 FEDORA-2009-9112 (libmikmod)"); + + desc = " +The remote host is missing an update to libmikmod +announced via advisory FEDORA-2009-9112. + +ChangeLog: + +* Fri Aug 28 2009 Jindrich Novy 3.2.0-5.beta2 +- fix CVE-2007-6720 (#479829) +- fix CVE-2009-0179 (#479833) + +References: + +[ 1 ] Bug #479829 - CVE-2007-6720 mikmod: crash or abort when loading/playing multiple files with different number of channels +https://bugzilla.redhat.com/show_bug.cgi?id=479829 +[ 2 ] Bug #479833 - CVE-2009-0179 mikmod: crash when loading XM files +https://bugzilla.redhat.com/show_bug.cgi?id=479833 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update libmikmod' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-9112 + +Risk factor : High"; + + script_description(desc); + + script_summary("Fedora Core 11 FEDORA-2009-9112 (libmikmod)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Fedora Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"libmikmod", rpm:"libmikmod~3.2.0~5.beta2.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libmikmod-devel", rpm:"libmikmod-devel~3.2.0~5.beta2.fc11", rls:"FC11")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libmikmod-debuginfo", rpm:"libmikmod-debuginfo~3.2.0~5.beta2.fc11", rls:"FC11")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_apache15.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_apache15.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/freebsd_apache15.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,127 @@ +# +#VID e15f2356-9139-11de-8f42-001aa0166822 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from VID e15f2356-9139-11de-8f42-001aa0166822 +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64783); + script_cve_id("CVE-2009-1891", "CVE-2009-1195", "CVE-2009-1890", "CVE-2009-1191", "CVE-2009-0023", "CVE-2009-1955", "CVE-2009-1956"); + script_version ("$"); + script_name("FreeBSD Ports: apache"); + + desc = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: apache + +CVE-2009-1891 +The mod_deflate module in Apache httpd 2.2.11 and earlier compresses +large files until completion even after the associated network +connection is closed, which allows remote attackers to cause a denial +of service (CPU consumption). + +CVE-2009-1195 +The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not +properly handle Options=IncludesNOEXEC in the AllowOverride directive, +which allows local users to gain privileges by configuring (1) Options +Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a +.htaccess file, and then inserting an exec element in a .shtml file. + +CVE-2009-1890 +The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy +module in the Apache HTTP Server before 2.3.3, when a reverse proxy is +configured, does not properly handle an amount of streamed data that +exceeds the Content-Length value, which allows remote attackers to +cause a denial of service (CPU consumption) via crafted requests. + +CVE-2009-1191 +mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server +2.2.11 allows remote attackers to obtain sensitive response data, +intended for a client that sent an earlier POST request with no +request body, via an HTTP request. + +CVE-2009-0023 +The apr_strmatch_precompile function in strmatch/apr_strmatch.c in +Apache APR-util before 1.3.5 allows remote attackers to cause a denial +of service (daemon crash) via crafted input involving (1) a .htaccess +file used with the Apache HTTP Server, (2) the SVNMasterURI directive +in the mod_dav_svn module in the Apache HTTP Server, (3) the +mod_apreq2 module for the Apache HTTP Server, or (4) an application +that uses the libapreq2 library, which triggers a heap-based buffer +underflow. + +CVE-2009-1955 +The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in +Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn +modules in the Apache HTTP Server, allows remote attackers to cause a +denial of service (memory consumption) via a crafted XML document +containing a large number of nested entity references, as demonstrated +by a PROPFIND request, a similar issue to CVE-2003-1564. + +CVE-2009-1956 +Off-by-one error in the apr_brigade_vprintf function in Apache +APR-util before 1.3.5 on big-endian platforms allows remote attackers +to obtain sensitive information or cause a denial of service +(application crash) via crafted input. + +Solution: +Update your system with the appropriate patches or +software upgrades. + + +Risk factor : High"; + + script_description(desc); + + script_summary("FreeBSD Ports: apache"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("FreeBSD Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"apache"); +if(!isnull(bver) && revcomp(a:bver, b:"2.2.0")>0 && revcomp(a:bver, b:"2.2.12")<0) { + security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_gnutls4.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_gnutls4.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/freebsd_gnutls4.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,110 @@ +# +#VID b31a1088-460f-11de-a11a-0022156e8794 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from VID b31a1088-460f-11de-a11a-0022156e8794 +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64785); + script_cve_id("CVE-2009-1415", "CVE-2009-1416", "CVE-2009-1417"); + script_bugtraq_id(34783); + script_version ("$"); + script_name("FreeBSD Ports: gnutls"); + + desc = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + gnutls + gnutls-devel + +CVE-2009-1415 +lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not +properly handle invalid DSA signatures, which allows remote attackers +to cause a denial of service (application crash) and possibly have +unspecified other impact via a malformed DSA key that triggers a (1) +free of an uninitialized pointer or (2) double free. + +CVE-2009-1416 +lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates +RSA keys stored in DSA structures, instead of the intended DSA keys, +which might allow remote attackers to spoof signatures on certificates +or have unspecified other impact by leveraging an invalid DSA key. + +CVE-2009-1417 +gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and +expiration times of X.509 certificates, which allows remote attackers +to successfully present a certificate that is (1) not yet valid or (2) +no longer valid, related to lack of time checks in the +_gnutls_x509_verify_certificate function in lib/x509/verify.c in +libgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3515 +http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3516 +http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3517 +http://www.vuxml.org/freebsd/b31a1088-460f-11de-a11a-0022156e8794.html + +Risk factor : High"; + + script_description(desc); + + script_summary("FreeBSD Ports: gnutls"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("FreeBSD Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"gnutls"); +if(!isnull(bver) && revcomp(a:bver, b:"2.6.6")<0) { + security_note(0, data:"Package gnutls version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"gnutls-devel"); +if(!isnull(bver) && revcomp(a:bver, b:"2.7.8")<0) { + security_note(0, data:"Package gnutls-devel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_gnutls5.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_gnutls5.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/freebsd_gnutls5.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,95 @@ +# +#VID 856a6f84-8b30-11de-8062-00e0815b8da8 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from VID 856a6f84-8b30-11de-8062-00e0815b8da8 +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64786); + script_cve_id("CVE-2009-2730"); + script_version ("$"); + script_name("FreeBSD Ports: gnutls"); + + desc = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + gnutls + gnutls-devel + +CVE-2009-2730 +libgnutls in GnuTLS before 2.8.2 does not properly handle a '\0' +character in a domain name in the subject's (1) Common Name (CN) or +(2) Subject Alternative Name (SAN) field of an X.509 certificate, +which allows man-in-the-middle attackers to spoof arbitrary SSL +servers via a crafted certificate issued by a legitimate Certification +Authority. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://article.gmane.org/gmane.network.gnutls.general/1733 +http://secunia.com/advisories/36266 +http://www.vuxml.org/freebsd/856a6f84-8b30-11de-8062-00e0815b8da8.html + +Risk factor : High"; + + script_description(desc); + + script_summary("FreeBSD Ports: gnutls"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("FreeBSD Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"gnutls"); +if(!isnull(bver) && revcomp(a:bver, b:"2.8.3")<0) { + security_note(0, data:"Package gnutls version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"gnutls-devel"); +if(!isnull(bver) && revcomp(a:bver, b:"0")>0) { + security_note(0, data:"Package gnutls-devel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_memcached.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_memcached.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/freebsd_memcached.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,88 @@ +# +#VID 86ada694-8b30-11de-b9d0-000c6e274733 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from VID 86ada694-8b30-11de-b9d0-000c6e274733 +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64787); + script_cve_id("CVE-2009-1255"); + script_version ("$"); + script_name("FreeBSD Ports: memcached"); + + desc = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: memcached + +CVE-2009-1255 +The process_stat function in (1) Memcached before 1.2.8 and (2) +MemcacheDB 1.2.0 discloses (a) the contents of /proc/self/maps in +response to a stats maps command and (b) memory-allocation statistics +in response to a stats malloc command, which allows remote attackers +to obtain sensitive information such as the locations of memory +regions, and defeat ASLR protection, by sending a command to the +daemon's TCP port. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/34915/ +http://www.vuxml.org/freebsd/86ada694-8b30-11de-b9d0-000c6e274733.html + +Risk factor : High"; + + script_description(desc); + + script_summary("FreeBSD Ports: memcached"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("FreeBSD Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"memcached"); +if(!isnull(bver) && revcomp(a:bver, b:"1.2.8")<0) { + security_note(0, data:"Package memcached version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_pidgin0.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_pidgin0.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/freebsd_pidgin0.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,103 @@ +# +#VID 59e7af2d-8db7-11de-883b-001e3300a30d +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from VID 59e7af2d-8db7-11de-883b-001e3300a30d +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64784); + script_cve_id("CVE-2009-2694"); + script_version ("$"); + script_name("FreeBSD Ports: pidgin, libpurple, finch"); + + desc = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + pidgin + libpurple + finch + +CVE-2009-2694 +The msn_slplink_process_msg function in +libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin +(formerly Gaim) before 2.5.9 and Adium 1.3.5 and earlier, allows +remote attackers to execute arbitrary code or cause a denial of +service (memory corruption and application crash) by sending multiple +crafted SLP (aka MSNSLP) messages to trigger an overwrite of an +arbitrary memory location. NOTE: this issue reportedly exists because +of an incomplete fix for CVE-2009-1376. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/36384/ +http://www.pidgin.im/news/security/?id=34 +http://www.vuxml.org/freebsd/59e7af2d-8db7-11de-883b-001e3300a30d.html + +Risk factor : High"; + + script_description(desc); + + script_summary("FreeBSD Ports: pidgin, libpurple, finch"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("FreeBSD Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"pidgin"); +if(!isnull(bver) && revcomp(a:bver, b:"2.5.9")<0) { + security_note(0, data:"Package pidgin version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"libpurple"); +if(!isnull(bver) && revcomp(a:bver, b:"2.5.9")<0) { + security_note(0, data:"Package libpurple version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"finch"); +if(!isnull(bver) && revcomp(a:bver, b:"2.5.9")<0) { + security_note(0, data:"Package finch version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/glsa_200908_05.nasl =================================================================== --- trunk/openvas-plugins/scripts/glsa_200908_05.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/glsa_200908_05.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,82 @@ +# +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from Gentoo's XML based advisory +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + + +if(description) +{ + script_id(64762); + script_cve_id("CVE-2009-2411"); + script_version ("$"); + script_name("Gentoo Security Advisory GLSA 200908-05 (subversion)"); + + desc = " +The remote host is missing updates announced in +advisory GLSA 200908-05. + +Multiple integer overflows, leading to heap-based buffer overflows in the + Subversion client and server might allow remote attackers to execute + arbitrary code. + +Solution: +All Subversion users should upgrade to the latest version: + + # emerge --sync + # emerge --ask --oneshot --verbose =dev-util/subversion-1.6.4 + +http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200908-05 +http://bugs.gentoo.org/show_bug.cgi?id=280494 + +Risk factor : High"; + + script_description(desc); + + script_summary("Gentoo Security Advisory GLSA 200908-05 (subversion)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Gentoo Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/gentoo"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-gentoo.inc"); +vuln = 0; +if(ispkgvuln(pkg:"dev-util/subversion", unaffected: make_list("ge 1.6.4"), vulnerable: make_list("lt 1.6.4"))) { + vuln=1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/glsa_200908_06.nasl =================================================================== --- trunk/openvas-plugins/scripts/glsa_200908_06.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/glsa_200908_06.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,81 @@ +# +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from Gentoo's XML based advisory +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + + +if(description) +{ + script_id(64763); + script_cve_id("CVE-2009-2850"); + script_version ("$"); + script_name("Gentoo Security Advisory GLSA 200908-06 (cdf)"); + + desc = " +The remote host is missing updates announced in +advisory GLSA 200908-06. + +Multiple heap-based buffer overflows in CDF might result in the execution + of arbitrary code. + +Solution: +All CDF users should upgrade to the latest version: + + # emerge --sync + # emerge --ask --oneshot --verbose =sci-libs/cdf-3.3.0 + +http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200908-06 +http://bugs.gentoo.org/show_bug.cgi?id=278679 + +Risk factor : Medium"; + + script_description(desc); + + script_summary("Gentoo Security Advisory GLSA 200908-06 (cdf)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Gentoo Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/gentoo"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-gentoo.inc"); +vuln = 0; +if(ispkgvuln(pkg:"sci-libs/cdf", unaffected: make_list("ge 3.3.0"), vulnerable: make_list("lt 3.3.0"))) { + vuln=1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/glsa_200908_07.nasl =================================================================== --- trunk/openvas-plugins/scripts/glsa_200908_07.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/glsa_200908_07.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,90 @@ +# +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from Gentoo's XML based advisory +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + + +if(description) +{ + script_id(64764); + script_cve_id("CVE-2009-1391", "CVE-2009-1884"); + script_version ("$"); + script_name("Gentoo Security Advisory GLSA 200908-07 (Compress-Raw-Zlib Compress-Raw-Bzip2)"); + + desc = " +The remote host is missing updates announced in +advisory GLSA 200908-07. + +An off-by-one error in Compress::Raw::Zlib and Compress::Raw::Bzip2 might + lead to a Denial of Service. + +Solution: +All Compress::Raw::Zlib users should upgrade to the latest version: + + # emerge --sync + # emerge --ask --oneshot --verbose =perl-core/Compress-Raw-Zlib-2.020 + +All Compress::Raw::Bzip2 users should upgrade to the latest version: + + # emerge --sync + # emerge --ask --oneshot --verbose =perl-core/Compress-Raw-Bzip2-2.020 + +http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200908-07 +http://bugs.gentoo.org/show_bug.cgi?id=273141 +http://bugs.gentoo.org/show_bug.cgi?id=281955 + +Risk factor : Medium"; + + script_description(desc); + + script_summary("Gentoo Security Advisory GLSA 200908-07 (Compress-Raw-Zlib Compress-Raw-Bzip2)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Gentoo Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/gentoo"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-gentoo.inc"); +vuln = 0; +if(ispkgvuln(pkg:"perl-core/Compress-Raw-Zlib", unaffected: make_list("ge 2.020"), vulnerable: make_list("lt 2.020"))) { + vuln=1; +} +if(ispkgvuln(pkg:"perl-core/Compress-Raw-Bzip2", unaffected: make_list("ge 2.020"), vulnerable: make_list("lt 2.020"))) { + vuln=1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/glsa_200908_08.nasl =================================================================== --- trunk/openvas-plugins/scripts/glsa_200908_08.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/glsa_200908_08.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,81 @@ +# +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from Gentoo's XML based advisory +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + + +if(description) +{ + script_id(64765); + script_cve_id("CVE-2009-1892"); + script_version ("$"); + script_name("Gentoo Security Advisory GLSA 200908-08 (dhcp)"); + + desc = " +The remote host is missing updates announced in +advisory GLSA 200908-08. + +dhcpd as included in the ISC DHCP implementation does not properly handle + special conditions, leading to a Denial of Service. + +Solution: +All ISC DHCP users should upgrade to the latest version: + + # emerge --sync + # emerge --ask --oneshot --verbose =net-misc/dhcp-3.1.2_p1 + +http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200908-08 +http://bugs.gentoo.org/show_bug.cgi?id=275231 + +Risk factor : Medium"; + + script_description(desc); + + script_summary("Gentoo Security Advisory GLSA 200908-08 (dhcp)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Gentoo Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/gentoo"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-gentoo.inc"); +vuln = 0; +if(ispkgvuln(pkg:"net-misc/dhcp", unaffected: make_list("ge 3.1.2_p1"), vulnerable: make_list("lt 3.1.2_p1"))) { + vuln=1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/glsa_200908_09.nasl =================================================================== --- trunk/openvas-plugins/scripts/glsa_200908_09.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/glsa_200908_09.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,81 @@ +# +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from Gentoo's XML based advisory +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + + +if(description) +{ + script_id(64766); + script_cve_id("CVE-2009-1960"); + script_version ("$"); + script_name("Gentoo Security Advisory GLSA 200908-09 (dokuwiki)"); + + desc = " +The remote host is missing updates announced in +advisory GLSA 200908-09. + +An input sanitation error in DokuWiki might lead to the dislosure of local + files or even the remote execution of arbitrary code. + +Solution: +All DokuWiki users should upgrade to the latest version: + + # emerge --sync + # emerge --ask --oneshot --verbose =www-apps/dokuwiki-2009-02-14b + +http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200908-09 +http://bugs.gentoo.org/show_bug.cgi?id=272431 + +Risk factor : High"; + + script_description(desc); + + script_summary("Gentoo Security Advisory GLSA 200908-09 (dokuwiki)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Gentoo Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/gentoo"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-gentoo.inc"); +vuln = 0; +if(ispkgvuln(pkg:"www-apps/dokuwiki", unaffected: make_list("ge 20090214b"), vulnerable: make_list("lt 20090214b"))) { + vuln=1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/glsa_200908_10.nasl =================================================================== --- trunk/openvas-plugins/scripts/glsa_200908_10.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/glsa_200908_10.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,81 @@ +# +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from Gentoo's XML based advisory +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + + +if(description) +{ + script_id(64767); + script_cve_id("CVE-2009-2294"); + script_version ("$"); + script_name("Gentoo Security Advisory GLSA 200908-10 (dillo)"); + + desc = " +The remote host is missing updates announced in +advisory GLSA 200908-10. + +An integer overflow in the PNG handling of Dillo might result in the remote + execution of arbitrary code. + +Solution: +All Dillo users should upgrade to the latest version: + + # emerge --sync + # emerge --ask --oneshot --verbose =www-client/dillo-2.1.1 + +http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200908-10 +http://bugs.gentoo.org/show_bug.cgi?id=276432 + +Risk factor : Medium"; + + script_description(desc); + + script_summary("Gentoo Security Advisory GLSA 200908-10 (dillo)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Gentoo Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/gentoo"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-gentoo.inc"); +vuln = 0; +if(ispkgvuln(pkg:"www-client/dillo", unaffected: make_list("ge 2.1.1"), vulnerable: make_list("lt 2.1.1"))) { + vuln=1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_202.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_202.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/mdksa_2009_202.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,95 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:202 (memcached) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64674); + script_cve_id("CVE-2009-2415"); + script_version ("$"); + script_name("Mandrake Security Advisory MDVSA-2009:202 (memcached)"); + + desc = " +The remote host is missing an update to memcached +announced via advisory MDVSA-2009:202. + +A vulnerability has been found and corrected in memcached: + +Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote +attackers to execute arbitrary code via vectors involving length +attributes that trigger heap-based buffer overflows (CVE-2009-2415). + +This update provides a solution to this vulnerability. Additionally +memcached-1.2.x has been upgraded to 1.2.8 for 2009.0/2009.1 and MES +5 that contains a number of upstream fixes, the repcached patch has +been upgraded to 2.2 as well. + +Affected: 2009.0, 2009.1, Corporate 4.0, Enterprise Server 5.0 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:202 + +Risk factor : High"; + + script_description(desc); + + script_summary("Mandrake Security Advisory MDVSA-2009:202 (memcached)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Mandrake Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"memcached", rpm:"memcached~1.2.8~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"memcached", rpm:"memcached~1.2.8~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"memcached", rpm:"memcached~1.1.12~4.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"memcached", rpm:"memcached~1.2.8~0.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_203.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_203.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/mdksa_2009_203.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,178 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:203 (curl) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64675); + script_cve_id("CVE-2009-2408", "CVE-2009-2417"); + script_version ("$"); + script_name("Mandrake Security Advisory MDVSA-2009:203 (curl)"); + + desc = " +The remote host is missing an update to curl +announced via advisory MDVSA-2009:203. + +A vulnerability has been found and corrected in curl: + +lib/ssluse.c in cURL and libcurl 7.4 through 7.19.5, when OpenSSL is +used, does not properly handle a '\0' character in a domain name in +the subject's Common Name (CN) field of an X.509 certificate, which +allows man-in-the-middle attackers to spoof arbitrary SSL servers via +a crafted certificate issued by a legitimate Certification Authority, +a related issue to CVE-2009-2408 (CVE-2009-2417). + +This update provides a solution to this vulnerability. + +Affected: 2008.1, 2009.0, Corporate 3.0, Corporate 4.0, + Enterprise Server 5.0, Multi Network Firewall 2.0 + + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:203 + +Risk factor : High"; + + script_description(desc); + + script_summary("Mandrake Security Advisory MDVSA-2009:203 (curl)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Mandrake Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"curl", rpm:"curl~7.18.0~1.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"curl-examples", rpm:"curl-examples~7.18.0~1.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libcurl4", rpm:"libcurl4~7.18.0~1.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libcurl-devel", rpm:"libcurl-devel~7.18.0~1.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64curl4", rpm:"lib64curl4~7.18.0~1.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64curl-devel", rpm:"lib64curl-devel~7.18.0~1.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"curl", rpm:"curl~7.19.0~2.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"curl-examples", rpm:"curl-examples~7.19.0~2.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libcurl4", rpm:"libcurl4~7.19.0~2.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libcurl-devel", rpm:"libcurl-devel~7.19.0~2.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64curl4", rpm:"lib64curl4~7.19.0~2.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64curl-devel", rpm:"lib64curl-devel~7.19.0~2.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"curl", rpm:"curl~7.11.0~2.4.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libcurl2", rpm:"libcurl2~7.11.0~2.4.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libcurl2-devel", rpm:"libcurl2-devel~7.11.0~2.4.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64curl2", rpm:"lib64curl2~7.11.0~2.4.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64curl2-devel", rpm:"lib64curl2-devel~7.11.0~2.4.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"curl", rpm:"curl~7.14.0~2.4.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libcurl3", rpm:"libcurl3~7.14.0~2.4.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libcurl3-devel", rpm:"libcurl3-devel~7.14.0~2.4.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64curl3", rpm:"lib64curl3~7.14.0~2.4.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64curl3-devel", rpm:"lib64curl3-devel~7.14.0~2.4.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"curl", rpm:"curl~7.19.0~2.3mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"curl-examples", rpm:"curl-examples~7.19.0~2.3mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libcurl4", rpm:"libcurl4~7.19.0~2.3mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libcurl-devel", rpm:"libcurl-devel~7.19.0~2.3mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64curl4", rpm:"lib64curl4~7.19.0~2.3mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64curl-devel", rpm:"lib64curl-devel~7.19.0~2.3mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"curl", rpm:"curl~7.11.0~2.4.C30mdk", rls:"MNDK_2.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libcurl2", rpm:"libcurl2~7.11.0~2.4.C30mdk", rls:"MNDK_2.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libcurl2-devel", rpm:"libcurl2-devel~7.11.0~2.4.C30mdk", rls:"MNDK_2.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_204.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_204.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/mdksa_2009_204.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,356 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:204 (wxgtk) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64676); + script_cve_id("CVE-2009-2369"); + script_version ("$"); + script_name("Mandrake Security Advisory MDVSA-2009:204 (wxgtk)"); + + desc = " +The remote host is missing an update to wxgtk +announced via advisory MDVSA-2009:204. + +A vulnerability has been found and corrected in wxgtk: + +Integer overflow in the wxImage::Create function in +src/common/image.cpp in wxWidgets 2.8.10 allows attackers to cause +a denial of service (crash) and possibly execute arbitrary code via +a crafted JPEG file, which triggers a heap-based buffer overflow. +NOTE: the provenance of this information is unknown; the details are +obtained solely from third party information (CVE-2009-2369). + +This update provides a solution to this vulnerability. + +Affected: 2008.1, 2009.0, 2009.1, Corporate 4.0, Enterprise Server 5.0 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:204 + +Risk factor : High"; + + script_description(desc); + + script_summary("Mandrake Security Advisory MDVSA-2009:204 (wxgtk)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Mandrake Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"libwxgtk2.6", rpm:"libwxgtk2.6~2.6.4~14.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.6-devel", rpm:"libwxgtk2.6-devel~2.6.4~14.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.8", rpm:"libwxgtk2.8~2.8.7~1.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.8-devel", rpm:"libwxgtk2.8-devel~2.8.7~1.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkgl2.6", rpm:"libwxgtkgl2.6~2.6.4~14.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkgl2.8", rpm:"libwxgtkgl2.8~2.8.7~1.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkglu2.6", rpm:"libwxgtkglu2.6~2.6.4~14.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkglu2.8", rpm:"libwxgtkglu2.8~2.8.7~1.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.6", rpm:"libwxgtku2.6~2.6.4~14.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.6-devel", rpm:"libwxgtku2.6-devel~2.6.4~14.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.8", rpm:"libwxgtku2.8~2.8.7~1.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.8-devel", rpm:"libwxgtku2.8-devel~2.8.7~1.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"wxGTK2.6", rpm:"wxGTK2.6~2.6.4~14.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"wxgtk2.8", rpm:"wxgtk2.8~2.8.7~1.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.6", rpm:"lib64wxgtk2.6~2.6.4~14.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.6-devel", rpm:"lib64wxgtk2.6-devel~2.6.4~14.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.8", rpm:"lib64wxgtk2.8~2.8.7~1.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.8-devel", rpm:"lib64wxgtk2.8-devel~2.8.7~1.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkgl2.6", rpm:"lib64wxgtkgl2.6~2.6.4~14.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkgl2.8", rpm:"lib64wxgtkgl2.8~2.8.7~1.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkglu2.6", rpm:"lib64wxgtkglu2.6~2.6.4~14.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkglu2.8", rpm:"lib64wxgtkglu2.8~2.8.7~1.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.6", rpm:"lib64wxgtku2.6~2.6.4~14.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.6-devel", rpm:"lib64wxgtku2.6-devel~2.6.4~14.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.8", rpm:"lib64wxgtku2.8~2.8.7~1.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.8-devel", rpm:"lib64wxgtku2.8-devel~2.8.7~1.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.6", rpm:"libwxgtk2.6~2.6.4~16.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.6-devel", rpm:"libwxgtk2.6-devel~2.6.4~16.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.8", rpm:"libwxgtk2.8~2.8.8~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.8-devel", rpm:"libwxgtk2.8-devel~2.8.8~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkgl2.6", rpm:"libwxgtkgl2.6~2.6.4~16.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkgl2.8", rpm:"libwxgtkgl2.8~2.8.8~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkglu2.6", rpm:"libwxgtkglu2.6~2.6.4~16.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkglu2.8", rpm:"libwxgtkglu2.8~2.8.8~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.6", rpm:"libwxgtku2.6~2.6.4~16.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.6-devel", rpm:"libwxgtku2.6-devel~2.6.4~16.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.8", rpm:"libwxgtku2.8~2.8.8~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.8-devel", rpm:"libwxgtku2.8-devel~2.8.8~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"wxGTK2.6", rpm:"wxGTK2.6~2.6.4~16.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"wxgtk2.8", rpm:"wxgtk2.8~2.8.8~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.6", rpm:"lib64wxgtk2.6~2.6.4~16.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.6-devel", rpm:"lib64wxgtk2.6-devel~2.6.4~16.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.8", rpm:"lib64wxgtk2.8~2.8.8~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.8-devel", rpm:"lib64wxgtk2.8-devel~2.8.8~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkgl2.6", rpm:"lib64wxgtkgl2.6~2.6.4~16.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkgl2.8", rpm:"lib64wxgtkgl2.8~2.8.8~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkglu2.6", rpm:"lib64wxgtkglu2.6~2.6.4~16.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkglu2.8", rpm:"lib64wxgtkglu2.8~2.8.8~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.6", rpm:"lib64wxgtku2.6~2.6.4~16.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.6-devel", rpm:"lib64wxgtku2.6-devel~2.6.4~16.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.8", rpm:"lib64wxgtku2.8~2.8.8~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.8-devel", rpm:"lib64wxgtku2.8-devel~2.8.8~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.8", rpm:"libwxgtk2.8~2.8.9~3.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.8-devel", rpm:"libwxgtk2.8-devel~2.8.9~3.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkgl2.8", rpm:"libwxgtkgl2.8~2.8.9~3.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkglu2.8", rpm:"libwxgtkglu2.8~2.8.9~3.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.8", rpm:"libwxgtku2.8~2.8.9~3.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.8-devel", rpm:"libwxgtku2.8-devel~2.8.9~3.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"wxgtk2.8", rpm:"wxgtk2.8~2.8.9~3.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.8", rpm:"lib64wxgtk2.8~2.8.9~3.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.8-devel", rpm:"lib64wxgtk2.8-devel~2.8.9~3.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkgl2.8", rpm:"lib64wxgtkgl2.8~2.8.9~3.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkglu2.8", rpm:"lib64wxgtkglu2.8~2.8.9~3.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.8", rpm:"lib64wxgtku2.8~2.8.9~3.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.8-devel", rpm:"lib64wxgtku2.8-devel~2.8.9~3.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.6", rpm:"libwxgtk2.6~2.6.1~1.1.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.6-devel", rpm:"libwxgtk2.6-devel~2.6.1~1.1.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkgl2.6", rpm:"libwxgtkgl2.6~2.6.1~1.1.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkglu2.6", rpm:"libwxgtkglu2.6~2.6.1~1.1.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.6", rpm:"libwxgtku2.6~2.6.1~1.1.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.6-devel", rpm:"libwxgtku2.6-devel~2.6.1~1.1.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"wxGTK2.6", rpm:"wxGTK2.6~2.6.1~1.1.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.6", rpm:"lib64wxgtk2.6~2.6.1~1.1.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.6-devel", rpm:"lib64wxgtk2.6-devel~2.6.1~1.1.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkgl2.6", rpm:"lib64wxgtkgl2.6~2.6.1~1.1.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkglu2.6", rpm:"lib64wxgtkglu2.6~2.6.1~1.1.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.6", rpm:"lib64wxgtku2.6~2.6.1~1.1.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.6-devel", rpm:"lib64wxgtku2.6-devel~2.6.1~1.1.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.8", rpm:"libwxgtk2.8~2.8.8~1.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.8-devel", rpm:"libwxgtk2.8-devel~2.8.8~1.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkgl2.8", rpm:"libwxgtkgl2.8~2.8.8~1.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkglu2.8", rpm:"libwxgtkglu2.8~2.8.8~1.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.8", rpm:"libwxgtku2.8~2.8.8~1.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.8-devel", rpm:"libwxgtku2.8-devel~2.8.8~1.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"wxgtk2.8", rpm:"wxgtk2.8~2.8.8~1.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.8", rpm:"lib64wxgtk2.8~2.8.8~1.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.8-devel", rpm:"lib64wxgtk2.8-devel~2.8.8~1.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkgl2.8", rpm:"lib64wxgtkgl2.8~2.8.8~1.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkglu2.8", rpm:"lib64wxgtkglu2.8~2.8.8~1.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.8", rpm:"lib64wxgtku2.8~2.8.8~1.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.8-devel", rpm:"lib64wxgtku2.8-devel~2.8.8~1.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_205.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_205.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/mdksa_2009_205.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,1472 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:205 (kernel) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64677); + script_cve_id("CVE-2009-2692"); + script_version ("$"); + script_name("Mandrake Security Advisory MDVSA-2009:205 (kernel)"); + + desc = " +The remote host is missing an update to kernel +announced via advisory MDVSA-2009:205. + +A vulnerability was discovered and corrected in the Linux 2.6 kernel: + +The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, +does not initialize all function pointers for socket operations +in proto_ops structures, which allows local users to trigger a NULL +pointer dereference and gain privileges by using mmap to map page zero, +placing arbitrary code on this page, and then invoking an unavailable +operation, as demonstrated by the sendpage operation on a PF_PPPOX +socket. (CVE-2009-2692) + +To update your kernel, please follow the directions located at: + +http://www.mandriva.com/en/security/kernelupdate + +Affected: 2009.0, 2009.1, Enterprise Server 5.0 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:205 + +Risk factor : High"; + + script_description(desc); + + script_summary("Mandrake Security Advisory MDVSA-2009:205 (kernel)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Mandrake Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"alsa_raoppcm-kernel-2.6.27.24-desktop-2mnb", rpm:"alsa_raoppcm-kernel-2.6.27.24-desktop-2mnb~0.5.1~2mdv2008.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"alsa_raoppcm-kernel-2.6.27.24-desktop586-2mnb", rpm:"alsa_raoppcm-kernel-2.6.27.24-desktop586-2mnb~0.5.1~2mdv2008.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"alsa_raoppcm-kernel-2.6.27.24-server-2mnb", rpm:"alsa_raoppcm-kernel-2.6.27.24-server-2mnb~0.5.1~2mdv2008.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"alsa_raoppcm-kernel-desktop586-latest", rpm:"alsa_raoppcm-kernel-desktop586-latest~0.5.1~1.20090817.2mdv2008.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"alsa_raoppcm-kernel-desktop-latest", rpm:"alsa_raoppcm-kernel-desktop-latest~0.5.1~1.20090817.2mdv2008.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"alsa_raoppcm-kernel-server-latest", rpm:"alsa_raoppcm-kernel-server-latest~0.5.1~1.20090817.2mdv2008.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"drm-experimental-kernel-2.6.27.24-desktop-2mnb", rpm:"drm-experimental-kernel-2.6.27.24-desktop-2mnb~2.3.0~2.20080912.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"drm-experimental-kernel-2.6.27.24-desktop586-2mnb", rpm:"drm-experimental-kernel-2.6.27.24-desktop586-2mnb~2.3.0~2.20080912.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"drm-experimental-kernel-2.6.27.24-server-2mnb", rpm:"drm-experimental-kernel-2.6.27.24-server-2mnb~2.3.0~2.20080912.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"drm-experimental-kernel-desktop586-latest", rpm:"drm-experimental-kernel-desktop586-latest~2.3.0~1.20090817.2.20080912.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"drm-experimental-kernel-desktop-latest", rpm:"drm-experimental-kernel-desktop-latest~2.3.0~1.20090817.2.20080912.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"drm-experimental-kernel-server-latest", rpm:"drm-experimental-kernel-server-latest~2.3.0~1.20090817.2.20080912.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"et131x-kernel-2.6.27.24-desktop-2mnb", rpm:"et131x-kernel-2.6.27.24-desktop-2mnb~1.2.3~7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"et131x-kernel-2.6.27.24-desktop586-2mnb", rpm:"et131x-kernel-2.6.27.24-desktop586-2mnb~1.2.3~7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"et131x-kernel-2.6.27.24-server-2mnb", rpm:"et131x-kernel-2.6.27.24-server-2mnb~1.2.3~7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"et131x-kernel-desktop586-latest", rpm:"et131x-kernel-desktop586-latest~1.2.3~1.20090817.7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"et131x-kernel-desktop-latest", rpm:"et131x-kernel-desktop-latest~1.2.3~1.20090817.7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"et131x-kernel-server-latest", rpm:"et131x-kernel-server-latest~1.2.3~1.20090817.7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fcpci-kernel-2.6.27.24-desktop-2mnb", rpm:"fcpci-kernel-2.6.27.24-desktop-2mnb~3.11.07~7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fcpci-kernel-2.6.27.24-desktop586-2mnb", rpm:"fcpci-kernel-2.6.27.24-desktop586-2mnb~3.11.07~7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fcpci-kernel-2.6.27.24-server-2mnb", rpm:"fcpci-kernel-2.6.27.24-server-2mnb~3.11.07~7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fcpci-kernel-desktop586-latest", rpm:"fcpci-kernel-desktop586-latest~3.11.07~1.20090817.7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fcpci-kernel-desktop-latest", rpm:"fcpci-kernel-desktop-latest~3.11.07~1.20090817.7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fcpci-kernel-server-latest", rpm:"fcpci-kernel-server-latest~3.11.07~1.20090817.7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fglrx-kernel-2.6.27.24-desktop-2mnb", rpm:"fglrx-kernel-2.6.27.24-desktop-2mnb~8.522~3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fglrx-kernel-2.6.27.24-desktop586-2mnb", rpm:"fglrx-kernel-2.6.27.24-desktop586-2mnb~8.522~3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fglrx-kernel-2.6.27.24-server-2mnb", rpm:"fglrx-kernel-2.6.27.24-server-2mnb~8.522~3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fglrx-kernel-desktop586-latest", rpm:"fglrx-kernel-desktop586-latest~8.522~1.20090817.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fglrx-kernel-desktop-latest", rpm:"fglrx-kernel-desktop-latest~8.522~1.20090817.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fglrx-kernel-server-latest", rpm:"fglrx-kernel-server-latest~8.522~1.20090817.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnbd-kernel-2.6.27.24-desktop-2mnb", rpm:"gnbd-kernel-2.6.27.24-desktop-2mnb~2.03.07~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnbd-kernel-2.6.27.24-desktop586-2mnb", rpm:"gnbd-kernel-2.6.27.24-desktop586-2mnb~2.03.07~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnbd-kernel-2.6.27.24-server-2mnb", rpm:"gnbd-kernel-2.6.27.24-server-2mnb~2.03.07~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnbd-kernel-desktop586-latest", rpm:"gnbd-kernel-desktop586-latest~2.03.07~1.20090817.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnbd-kernel-desktop-latest", rpm:"gnbd-kernel-desktop-latest~2.03.07~1.20090817.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnbd-kernel-server-latest", rpm:"gnbd-kernel-server-latest~2.03.07~1.20090817.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hcfpcimodem-kernel-2.6.27.24-desktop-2mnb", rpm:"hcfpcimodem-kernel-2.6.27.24-desktop-2mnb~1.17~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hcfpcimodem-kernel-2.6.27.24-desktop586-2mnb", rpm:"hcfpcimodem-kernel-2.6.27.24-desktop586-2mnb~1.17~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hcfpcimodem-kernel-2.6.27.24-server-2mnb", rpm:"hcfpcimodem-kernel-2.6.27.24-server-2mnb~1.17~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hcfpcimodem-kernel-desktop586-latest", rpm:"hcfpcimodem-kernel-desktop586-latest~1.17~1.20090817.1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hcfpcimodem-kernel-desktop-latest", rpm:"hcfpcimodem-kernel-desktop-latest~1.17~1.20090817.1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hcfpcimodem-kernel-server-latest", rpm:"hcfpcimodem-kernel-server-latest~1.17~1.20090817.1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hsfmodem-kernel-2.6.27.24-desktop-2mnb", rpm:"hsfmodem-kernel-2.6.27.24-desktop-2mnb~7.68.00.13~1.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hsfmodem-kernel-2.6.27.24-desktop586-2mnb", rpm:"hsfmodem-kernel-2.6.27.24-desktop586-2mnb~7.68.00.13~1.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hsfmodem-kernel-2.6.27.24-server-2mnb", rpm:"hsfmodem-kernel-2.6.27.24-server-2mnb~7.68.00.13~1.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hsfmodem-kernel-desktop586-latest", rpm:"hsfmodem-kernel-desktop586-latest~7.68.00.13~1.20090817.1.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hsfmodem-kernel-desktop-latest", rpm:"hsfmodem-kernel-desktop-latest~7.68.00.13~1.20090817.1.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hsfmodem-kernel-server-latest", rpm:"hsfmodem-kernel-server-latest~7.68.00.13~1.20090817.1.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hso-kernel-2.6.27.24-desktop-2mnb", rpm:"hso-kernel-2.6.27.24-desktop-2mnb~1.2~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hso-kernel-2.6.27.24-desktop586-2mnb", rpm:"hso-kernel-2.6.27.24-desktop586-2mnb~1.2~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hso-kernel-2.6.27.24-server-2mnb", rpm:"hso-kernel-2.6.27.24-server-2mnb~1.2~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hso-kernel-desktop586-latest", rpm:"hso-kernel-desktop586-latest~1.2~1.20090817.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hso-kernel-desktop-latest", rpm:"hso-kernel-desktop-latest~1.2~1.20090817.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hso-kernel-server-latest", rpm:"hso-kernel-server-latest~1.2~1.20090817.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"iscsitarget-kernel-2.6.27.24-desktop-2mnb", rpm:"iscsitarget-kernel-2.6.27.24-desktop-2mnb~0.4.16~4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"iscsitarget-kernel-2.6.27.24-desktop586-2mnb", rpm:"iscsitarget-kernel-2.6.27.24-desktop586-2mnb~0.4.16~4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"iscsitarget-kernel-2.6.27.24-server-2mnb", rpm:"iscsitarget-kernel-2.6.27.24-server-2mnb~0.4.16~4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"iscsitarget-kernel-desktop586-latest", rpm:"iscsitarget-kernel-desktop586-latest~0.4.16~1.20090817.4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"iscsitarget-kernel-desktop-latest", rpm:"iscsitarget-kernel-desktop-latest~0.4.16~1.20090817.4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"iscsitarget-kernel-server-latest", rpm:"iscsitarget-kernel-server-latest~0.4.16~1.20090817.4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-2.6.27.24-2mnb", rpm:"kernel-2.6.27.24-2mnb~1~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop-2.6.27.24-2mnb", rpm:"kernel-desktop-2.6.27.24-2mnb~1~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop586-2.6.27.24-2mnb", rpm:"kernel-desktop586-2.6.27.24-2mnb~1~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop586-devel-2.6.27.24-2mnb", rpm:"kernel-desktop586-devel-2.6.27.24-2mnb~1~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop586-devel-latest", rpm:"kernel-desktop586-devel-latest~2.6.27.24~2mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop586-latest", rpm:"kernel-desktop586-latest~2.6.27.24~2mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop-devel-2.6.27.24-2mnb", rpm:"kernel-desktop-devel-2.6.27.24-2mnb~1~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop-devel-latest", rpm:"kernel-desktop-devel-latest~2.6.27.24~2mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop-latest", rpm:"kernel-desktop-latest~2.6.27.24~2mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.27.24~2mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-server-2.6.27.24-2mnb", rpm:"kernel-server-2.6.27.24-2mnb~1~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-server-devel-2.6.27.24-2mnb", rpm:"kernel-server-devel-2.6.27.24-2mnb~1~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-server-devel-latest", rpm:"kernel-server-devel-latest~2.6.27.24~2mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-server-latest", rpm:"kernel-server-latest~2.6.27.24~2mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-source-2.6.27.24-2mnb", rpm:"kernel-source-2.6.27.24-2mnb~1~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-source-latest", rpm:"kernel-source-latest~2.6.27.24~2mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kernel-2.6.27.24-desktop-2mnb", rpm:"kqemu-kernel-2.6.27.24-desktop-2mnb~1.4.0pre1~0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kernel-2.6.27.24-desktop586-2mnb", rpm:"kqemu-kernel-2.6.27.24-desktop586-2mnb~1.4.0pre1~0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kernel-2.6.27.24-server-2mnb", rpm:"kqemu-kernel-2.6.27.24-server-2mnb~1.4.0pre1~0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kernel-desktop586-latest", rpm:"kqemu-kernel-desktop586-latest~1.4.0pre1~1.20090817.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kernel-desktop-latest", rpm:"kqemu-kernel-desktop-latest~1.4.0pre1~1.20090817.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kernel-server-latest", rpm:"kqemu-kernel-server-latest~1.4.0pre1~1.20090817.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lirc-kernel-2.6.27.24-desktop-2mnb", rpm:"lirc-kernel-2.6.27.24-desktop-2mnb~0.8.3~4.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lirc-kernel-2.6.27.24-desktop586-2mnb", rpm:"lirc-kernel-2.6.27.24-desktop586-2mnb~0.8.3~4.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lirc-kernel-2.6.27.24-server-2mnb", rpm:"lirc-kernel-2.6.27.24-server-2mnb~0.8.3~4.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lirc-kernel-desktop586-latest", rpm:"lirc-kernel-desktop586-latest~0.8.3~1.20090817.4.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lirc-kernel-desktop-latest", rpm:"lirc-kernel-desktop-latest~0.8.3~1.20090817.4.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lirc-kernel-server-latest", rpm:"lirc-kernel-server-latest~0.8.3~1.20090817.4.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lzma-kernel-2.6.27.24-desktop-2mnb", rpm:"lzma-kernel-2.6.27.24-desktop-2mnb~4.43~24mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lzma-kernel-2.6.27.24-desktop586-2mnb", rpm:"lzma-kernel-2.6.27.24-desktop586-2mnb~4.43~24mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lzma-kernel-2.6.27.24-server-2mnb", rpm:"lzma-kernel-2.6.27.24-server-2mnb~4.43~24mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lzma-kernel-desktop586-latest", rpm:"lzma-kernel-desktop586-latest~4.43~1.20090817.24mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lzma-kernel-desktop-latest", rpm:"lzma-kernel-desktop-latest~4.43~1.20090817.24mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lzma-kernel-server-latest", rpm:"lzma-kernel-server-latest~4.43~1.20090817.24mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"madwifi-kernel-2.6.27.24-desktop-2mnb", rpm:"madwifi-kernel-2.6.27.24-desktop-2mnb~0.9.4~3.r3835mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"madwifi-kernel-2.6.27.24-desktop586-2mnb", rpm:"madwifi-kernel-2.6.27.24-desktop586-2mnb~0.9.4~3.r3835mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"madwifi-kernel-2.6.27.24-server-2mnb", rpm:"madwifi-kernel-2.6.27.24-server-2mnb~0.9.4~3.r3835mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"madwifi-kernel-desktop586-latest", rpm:"madwifi-kernel-desktop586-latest~0.9.4~1.20090817.3.r3835mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"madwifi-kernel-desktop-latest", rpm:"madwifi-kernel-desktop-latest~0.9.4~1.20090817.3.r3835mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"madwifi-kernel-server-latest", rpm:"madwifi-kernel-server-latest~0.9.4~1.20090817.3.r3835mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia173-kernel-2.6.27.24-desktop-2mnb", rpm:"nvidia173-kernel-2.6.27.24-desktop-2mnb~173.14.12~4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia173-kernel-2.6.27.24-desktop586-2mnb", rpm:"nvidia173-kernel-2.6.27.24-desktop586-2mnb~173.14.12~4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia173-kernel-desktop586-latest", rpm:"nvidia173-kernel-desktop586-latest~173.14.12~1.20090817.4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia173-kernel-desktop-latest", rpm:"nvidia173-kernel-desktop-latest~173.14.12~1.20090817.4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia71xx-kernel-2.6.27.24-desktop-2mnb", rpm:"nvidia71xx-kernel-2.6.27.24-desktop-2mnb~71.86.06~5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia71xx-kernel-2.6.27.24-desktop586-2mnb", rpm:"nvidia71xx-kernel-2.6.27.24-desktop586-2mnb~71.86.06~5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia71xx-kernel-2.6.27.24-server-2mnb", rpm:"nvidia71xx-kernel-2.6.27.24-server-2mnb~71.86.06~5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia71xx-kernel-desktop586-latest", rpm:"nvidia71xx-kernel-desktop586-latest~71.86.06~1.20090817.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia71xx-kernel-desktop-latest", rpm:"nvidia71xx-kernel-desktop-latest~71.86.06~1.20090817.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia71xx-kernel-server-latest", rpm:"nvidia71xx-kernel-server-latest~71.86.06~1.20090817.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia96xx-kernel-2.6.27.24-desktop-2mnb", rpm:"nvidia96xx-kernel-2.6.27.24-desktop-2mnb~96.43.07~5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia96xx-kernel-2.6.27.24-desktop586-2mnb", rpm:"nvidia96xx-kernel-2.6.27.24-desktop586-2mnb~96.43.07~5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia96xx-kernel-2.6.27.24-server-2mnb", rpm:"nvidia96xx-kernel-2.6.27.24-server-2mnb~96.43.07~5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia96xx-kernel-desktop586-latest", rpm:"nvidia96xx-kernel-desktop586-latest~96.43.07~1.20090817.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia96xx-kernel-desktop-latest", rpm:"nvidia96xx-kernel-desktop-latest~96.43.07~1.20090817.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia96xx-kernel-server-latest", rpm:"nvidia96xx-kernel-server-latest~96.43.07~1.20090817.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia-current-kernel-2.6.27.24-desktop-2mnb", rpm:"nvidia-current-kernel-2.6.27.24-desktop-2mnb~177.70~2.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia-current-kernel-2.6.27.24-desktop586-2mnb", rpm:"nvidia-current-kernel-2.6.27.24-desktop586-2mnb~177.70~2.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia-current-kernel-2.6.27.24-server-2mnb", rpm:"nvidia-current-kernel-2.6.27.24-server-2mnb~177.70~2.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia-current-kernel-desktop586-latest", rpm:"nvidia-current-kernel-desktop586-latest~177.70~1.20090817.2.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia-current-kernel-desktop-latest", rpm:"nvidia-current-kernel-desktop-latest~177.70~1.20090817.2.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia-current-kernel-server-latest", rpm:"nvidia-current-kernel-server-latest~177.70~1.20090817.2.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omfs-kernel-2.6.27.24-desktop-2mnb", rpm:"omfs-kernel-2.6.27.24-desktop-2mnb~0.8.0~1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omfs-kernel-2.6.27.24-desktop586-2mnb", rpm:"omfs-kernel-2.6.27.24-desktop586-2mnb~0.8.0~1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omfs-kernel-2.6.27.24-server-2mnb", rpm:"omfs-kernel-2.6.27.24-server-2mnb~0.8.0~1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omfs-kernel-desktop586-latest", rpm:"omfs-kernel-desktop586-latest~0.8.0~1.20090817.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omfs-kernel-desktop-latest", rpm:"omfs-kernel-desktop-latest~0.8.0~1.20090817.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omfs-kernel-server-latest", rpm:"omfs-kernel-server-latest~0.8.0~1.20090817.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omnibook-kernel-2.6.27.24-desktop-2mnb", rpm:"omnibook-kernel-2.6.27.24-desktop-2mnb~20080513~0.274.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omnibook-kernel-2.6.27.24-desktop586-2mnb", rpm:"omnibook-kernel-2.6.27.24-desktop586-2mnb~20080513~0.274.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omnibook-kernel-2.6.27.24-server-2mnb", rpm:"omnibook-kernel-2.6.27.24-server-2mnb~20080513~0.274.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omnibook-kernel-desktop586-latest", rpm:"omnibook-kernel-desktop586-latest~20080513~1.20090817.0.274.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omnibook-kernel-desktop-latest", rpm:"omnibook-kernel-desktop-latest~20080513~1.20090817.0.274.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omnibook-kernel-server-latest", rpm:"omnibook-kernel-server-latest~20080513~1.20090817.0.274.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"opencbm-kernel-2.6.27.24-desktop-2mnb", rpm:"opencbm-kernel-2.6.27.24-desktop-2mnb~0.4.2a~1mdv2008.1", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"opencbm-kernel-2.6.27.24-desktop586-2mnb", rpm:"opencbm-kernel-2.6.27.24-desktop586-2mnb~0.4.2a~1mdv2008.1", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"opencbm-kernel-2.6.27.24-server-2mnb", rpm:"opencbm-kernel-2.6.27.24-server-2mnb~0.4.2a~1mdv2008.1", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"opencbm-kernel-desktop586-latest", rpm:"opencbm-kernel-desktop586-latest~0.4.2a~1.20090817.1mdv2008.1", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"opencbm-kernel-desktop-latest", rpm:"opencbm-kernel-desktop-latest~0.4.2a~1.20090817.1mdv2008.1", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"opencbm-kernel-server-latest", rpm:"opencbm-kernel-server-latest~0.4.2a~1.20090817.1mdv2008.1", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ov51x-jpeg-kernel-2.6.27.24-desktop-2mnb", rpm:"ov51x-jpeg-kernel-2.6.27.24-desktop-2mnb~1.5.9~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ov51x-jpeg-kernel-2.6.27.24-desktop586-2mnb", rpm:"ov51x-jpeg-kernel-2.6.27.24-desktop586-2mnb~1.5.9~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ov51x-jpeg-kernel-2.6.27.24-server-2mnb", rpm:"ov51x-jpeg-kernel-2.6.27.24-server-2mnb~1.5.9~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ov51x-jpeg-kernel-desktop586-latest", rpm:"ov51x-jpeg-kernel-desktop586-latest~1.5.9~1.20090817.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ov51x-jpeg-kernel-desktop-latest", rpm:"ov51x-jpeg-kernel-desktop-latest~1.5.9~1.20090817.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ov51x-jpeg-kernel-server-latest", rpm:"ov51x-jpeg-kernel-server-latest~1.5.9~1.20090817.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qc-usb-kernel-2.6.27.24-desktop-2mnb", rpm:"qc-usb-kernel-2.6.27.24-desktop-2mnb~0.6.6~6mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qc-usb-kernel-2.6.27.24-desktop586-2mnb", rpm:"qc-usb-kernel-2.6.27.24-desktop586-2mnb~0.6.6~6mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qc-usb-kernel-2.6.27.24-server-2mnb", rpm:"qc-usb-kernel-2.6.27.24-server-2mnb~0.6.6~6mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qc-usb-kernel-desktop586-latest", rpm:"qc-usb-kernel-desktop586-latest~0.6.6~1.20090817.6mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qc-usb-kernel-desktop-latest", rpm:"qc-usb-kernel-desktop-latest~0.6.6~1.20090817.6mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qc-usb-kernel-server-latest", rpm:"qc-usb-kernel-server-latest~0.6.6~1.20090817.6mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2860-kernel-2.6.27.24-desktop-2mnb", rpm:"rt2860-kernel-2.6.27.24-desktop-2mnb~1.7.0.0~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2860-kernel-2.6.27.24-desktop586-2mnb", rpm:"rt2860-kernel-2.6.27.24-desktop586-2mnb~1.7.0.0~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2860-kernel-2.6.27.24-server-2mnb", rpm:"rt2860-kernel-2.6.27.24-server-2mnb~1.7.0.0~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2860-kernel-desktop586-latest", rpm:"rt2860-kernel-desktop586-latest~1.7.0.0~1.20090817.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2860-kernel-desktop-latest", rpm:"rt2860-kernel-desktop-latest~1.7.0.0~1.20090817.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2860-kernel-server-latest", rpm:"rt2860-kernel-server-latest~1.7.0.0~1.20090817.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2870-kernel-2.6.27.24-desktop-2mnb", rpm:"rt2870-kernel-2.6.27.24-desktop-2mnb~1.3.1.0~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2870-kernel-2.6.27.24-desktop586-2mnb", rpm:"rt2870-kernel-2.6.27.24-desktop586-2mnb~1.3.1.0~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2870-kernel-2.6.27.24-server-2mnb", rpm:"rt2870-kernel-2.6.27.24-server-2mnb~1.3.1.0~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2870-kernel-desktop586-latest", rpm:"rt2870-kernel-desktop586-latest~1.3.1.0~1.20090817.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2870-kernel-desktop-latest", rpm:"rt2870-kernel-desktop-latest~1.3.1.0~1.20090817.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2870-kernel-server-latest", rpm:"rt2870-kernel-server-latest~1.3.1.0~1.20090817.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rtl8187se-kernel-2.6.27.24-desktop-2mnb", rpm:"rtl8187se-kernel-2.6.27.24-desktop-2mnb~1016.20080716~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rtl8187se-kernel-2.6.27.24-desktop586-2mnb", rpm:"rtl8187se-kernel-2.6.27.24-desktop586-2mnb~1016.20080716~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rtl8187se-kernel-2.6.27.24-server-2mnb", rpm:"rtl8187se-kernel-2.6.27.24-server-2mnb~1016.20080716~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rtl8187se-kernel-desktop586-latest", rpm:"rtl8187se-kernel-desktop586-latest~1016.20080716~1.20090817.1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rtl8187se-kernel-desktop-latest", rpm:"rtl8187se-kernel-desktop-latest~1016.20080716~1.20090817.1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rtl8187se-kernel-server-latest", rpm:"rtl8187se-kernel-server-latest~1016.20080716~1.20090817.1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"slmodem-kernel-2.6.27.24-desktop-2mnb", rpm:"slmodem-kernel-2.6.27.24-desktop-2mnb~2.9.11~0.20080817.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"slmodem-kernel-2.6.27.24-desktop586-2mnb", rpm:"slmodem-kernel-2.6.27.24-desktop586-2mnb~2.9.11~0.20080817.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"slmodem-kernel-2.6.27.24-server-2mnb", rpm:"slmodem-kernel-2.6.27.24-server-2mnb~2.9.11~0.20080817.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"slmodem-kernel-desktop586-latest", rpm:"slmodem-kernel-desktop586-latest~2.9.11~1.20090817.0.20080817.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"slmodem-kernel-desktop-latest", rpm:"slmodem-kernel-desktop-latest~2.9.11~1.20090817.0.20080817.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"slmodem-kernel-server-latest", rpm:"slmodem-kernel-server-latest~2.9.11~1.20090817.0.20080817.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-lzma-kernel-2.6.27.24-desktop-2mnb", rpm:"squashfs-lzma-kernel-2.6.27.24-desktop-2mnb~3.3~5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-lzma-kernel-2.6.27.24-desktop586-2mnb", rpm:"squashfs-lzma-kernel-2.6.27.24-desktop586-2mnb~3.3~5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-lzma-kernel-2.6.27.24-server-2mnb", rpm:"squashfs-lzma-kernel-2.6.27.24-server-2mnb~3.3~5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-lzma-kernel-desktop586-latest", rpm:"squashfs-lzma-kernel-desktop586-latest~3.3~1.20090817.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-lzma-kernel-desktop-latest", rpm:"squashfs-lzma-kernel-desktop-latest~3.3~1.20090817.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-lzma-kernel-server-latest", rpm:"squashfs-lzma-kernel-server-latest~3.3~1.20090817.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tp_smapi-kernel-2.6.27.24-desktop-2mnb", rpm:"tp_smapi-kernel-2.6.27.24-desktop-2mnb~0.37~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tp_smapi-kernel-2.6.27.24-desktop586-2mnb", rpm:"tp_smapi-kernel-2.6.27.24-desktop586-2mnb~0.37~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tp_smapi-kernel-2.6.27.24-server-2mnb", rpm:"tp_smapi-kernel-2.6.27.24-server-2mnb~0.37~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tp_smapi-kernel-desktop586-latest", rpm:"tp_smapi-kernel-desktop586-latest~0.37~1.20090817.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tp_smapi-kernel-desktop-latest", rpm:"tp_smapi-kernel-desktop-latest~0.37~1.20090817.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tp_smapi-kernel-server-latest", rpm:"tp_smapi-kernel-server-latest~0.37~1.20090817.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxadd-kernel-2.6.27.24-desktop-2mnb", rpm:"vboxadd-kernel-2.6.27.24-desktop-2mnb~2.0.2~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxadd-kernel-2.6.27.24-desktop586-2mnb", rpm:"vboxadd-kernel-2.6.27.24-desktop586-2mnb~2.0.2~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxadd-kernel-2.6.27.24-server-2mnb", rpm:"vboxadd-kernel-2.6.27.24-server-2mnb~2.0.2~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxadd-kernel-desktop586-latest", rpm:"vboxadd-kernel-desktop586-latest~2.0.2~1.20090817.2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxadd-kernel-desktop-latest", rpm:"vboxadd-kernel-desktop-latest~2.0.2~1.20090817.2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxadd-kernel-server-latest", rpm:"vboxadd-kernel-server-latest~2.0.2~1.20090817.2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxvfs-kernel-2.6.27.24-desktop-2mnb", rpm:"vboxvfs-kernel-2.6.27.24-desktop-2mnb~2.0.2~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxvfs-kernel-2.6.27.24-desktop586-2mnb", rpm:"vboxvfs-kernel-2.6.27.24-desktop586-2mnb~2.0.2~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxvfs-kernel-2.6.27.24-server-2mnb", rpm:"vboxvfs-kernel-2.6.27.24-server-2mnb~2.0.2~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxvfs-kernel-desktop586-latest", rpm:"vboxvfs-kernel-desktop586-latest~2.0.2~1.20090817.2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxvfs-kernel-desktop-latest", rpm:"vboxvfs-kernel-desktop-latest~2.0.2~1.20090817.2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxvfs-kernel-server-latest", rpm:"vboxvfs-kernel-server-latest~2.0.2~1.20090817.2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vhba-kernel-2.6.27.24-desktop-2mnb", rpm:"vhba-kernel-2.6.27.24-desktop-2mnb~1.0.0~1.svn304.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vhba-kernel-2.6.27.24-desktop586-2mnb", rpm:"vhba-kernel-2.6.27.24-desktop586-2mnb~1.0.0~1.svn304.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vhba-kernel-2.6.27.24-server-2mnb", rpm:"vhba-kernel-2.6.27.24-server-2mnb~1.0.0~1.svn304.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vhba-kernel-desktop586-latest", rpm:"vhba-kernel-desktop586-latest~1.0.0~1.20090817.1.svn304.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vhba-kernel-desktop-latest", rpm:"vhba-kernel-desktop-latest~1.0.0~1.20090817.1.svn304.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vhba-kernel-server-latest", rpm:"vhba-kernel-server-latest~1.0.0~1.20090817.1.svn304.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"virtualbox-kernel-2.6.27.24-desktop-2mnb", rpm:"virtualbox-kernel-2.6.27.24-desktop-2mnb~2.0.2~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"virtualbox-kernel-2.6.27.24-desktop586-2mnb", rpm:"virtualbox-kernel-2.6.27.24-desktop586-2mnb~2.0.2~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"virtualbox-kernel-2.6.27.24-server-2mnb", rpm:"virtualbox-kernel-2.6.27.24-server-2mnb~2.0.2~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"virtualbox-kernel-desktop586-latest", rpm:"virtualbox-kernel-desktop586-latest~2.0.2~1.20090817.2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"virtualbox-kernel-desktop-latest", rpm:"virtualbox-kernel-desktop-latest~2.0.2~1.20090817.2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"virtualbox-kernel-server-latest", rpm:"virtualbox-kernel-server-latest~2.0.2~1.20090817.2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vpnclient-kernel-2.6.27.24-desktop-2mnb", rpm:"vpnclient-kernel-2.6.27.24-desktop-2mnb~4.8.01.0640~3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vpnclient-kernel-2.6.27.24-desktop586-2mnb", rpm:"vpnclient-kernel-2.6.27.24-desktop586-2mnb~4.8.01.0640~3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vpnclient-kernel-2.6.27.24-server-2mnb", rpm:"vpnclient-kernel-2.6.27.24-server-2mnb~4.8.01.0640~3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vpnclient-kernel-desktop586-latest", rpm:"vpnclient-kernel-desktop586-latest~4.8.01.0640~1.20090817.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vpnclient-kernel-desktop-latest", rpm:"vpnclient-kernel-desktop-latest~4.8.01.0640~1.20090817.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vpnclient-kernel-server-latest", rpm:"vpnclient-kernel-server-latest~4.8.01.0640~1.20090817.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia173-kernel-2.6.27.24-server-2mnb", rpm:"nvidia173-kernel-2.6.27.24-server-2mnb~173.14.12~4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia173-kernel-server-latest", rpm:"nvidia173-kernel-server-latest~173.14.12~1.20090817.4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"alsa_raoppcm-kernel-2.6.29.6-desktop-2mnb", rpm:"alsa_raoppcm-kernel-2.6.29.6-desktop-2mnb~0.5.1~2mdv2008.0", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"alsa_raoppcm-kernel-2.6.29.6-desktop586-2mnb", rpm:"alsa_raoppcm-kernel-2.6.29.6-desktop586-2mnb~0.5.1~2mdv2008.0", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"alsa_raoppcm-kernel-2.6.29.6-server-2mnb", rpm:"alsa_raoppcm-kernel-2.6.29.6-server-2mnb~0.5.1~2mdv2008.0", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"alsa_raoppcm-kernel-desktop586-latest", rpm:"alsa_raoppcm-kernel-desktop586-latest~0.5.1~1.20090817.2mdv2008.0", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"alsa_raoppcm-kernel-desktop-latest", rpm:"alsa_raoppcm-kernel-desktop-latest~0.5.1~1.20090817.2mdv2008.0", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"alsa_raoppcm-kernel-server-latest", rpm:"alsa_raoppcm-kernel-server-latest~0.5.1~1.20090817.2mdv2008.0", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"broadcom-wl-kernel-2.6.29.6-desktop-2mnb", rpm:"broadcom-wl-kernel-2.6.29.6-desktop-2mnb~5.10.79.10~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"broadcom-wl-kernel-2.6.29.6-desktop586-2mnb", rpm:"broadcom-wl-kernel-2.6.29.6-desktop586-2mnb~5.10.79.10~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"broadcom-wl-kernel-2.6.29.6-server-2mnb", rpm:"broadcom-wl-kernel-2.6.29.6-server-2mnb~5.10.79.10~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"broadcom-wl-kernel-desktop586-latest", rpm:"broadcom-wl-kernel-desktop586-latest~5.10.79.10~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"broadcom-wl-kernel-desktop-latest", rpm:"broadcom-wl-kernel-desktop-latest~5.10.79.10~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"broadcom-wl-kernel-server-latest", rpm:"broadcom-wl-kernel-server-latest~5.10.79.10~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"em8300-kernel-2.6.29.6-desktop-2mnb", rpm:"em8300-kernel-2.6.29.6-desktop-2mnb~0.17.2~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"em8300-kernel-2.6.29.6-desktop586-2mnb", rpm:"em8300-kernel-2.6.29.6-desktop586-2mnb~0.17.2~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"em8300-kernel-2.6.29.6-server-2mnb", rpm:"em8300-kernel-2.6.29.6-server-2mnb~0.17.2~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"em8300-kernel-desktop586-latest", rpm:"em8300-kernel-desktop586-latest~0.17.2~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"em8300-kernel-desktop-latest", rpm:"em8300-kernel-desktop-latest~0.17.2~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"em8300-kernel-server-latest", rpm:"em8300-kernel-server-latest~0.17.2~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fcpci-kernel-2.6.29.6-desktop-2mnb", rpm:"fcpci-kernel-2.6.29.6-desktop-2mnb~3.11.07~7mdv2009.0", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fcpci-kernel-2.6.29.6-desktop586-2mnb", rpm:"fcpci-kernel-2.6.29.6-desktop586-2mnb~3.11.07~7mdv2009.0", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fcpci-kernel-2.6.29.6-server-2mnb", rpm:"fcpci-kernel-2.6.29.6-server-2mnb~3.11.07~7mdv2009.0", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fcpci-kernel-desktop586-latest", rpm:"fcpci-kernel-desktop586-latest~3.11.07~1.20090817.7mdv2009.0", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fcpci-kernel-desktop-latest", rpm:"fcpci-kernel-desktop-latest~3.11.07~1.20090817.7mdv2009.0", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fcpci-kernel-server-latest", rpm:"fcpci-kernel-server-latest~3.11.07~1.20090817.7mdv2009.0", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fglrx-kernel-2.6.29.6-desktop-2mnb", rpm:"fglrx-kernel-2.6.29.6-desktop-2mnb~8.600~2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fglrx-kernel-2.6.29.6-desktop586-2mnb", rpm:"fglrx-kernel-2.6.29.6-desktop586-2mnb~8.600~2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fglrx-kernel-2.6.29.6-server-2mnb", rpm:"fglrx-kernel-2.6.29.6-server-2mnb~8.600~2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fglrx-kernel-desktop586-latest", rpm:"fglrx-kernel-desktop586-latest~8.600~1.20090817.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fglrx-kernel-desktop-latest", rpm:"fglrx-kernel-desktop-latest~8.600~1.20090817.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fglrx-kernel-server-latest", rpm:"fglrx-kernel-server-latest~8.600~1.20090817.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hcfpcimodem-kernel-2.6.29.6-desktop-2mnb", rpm:"hcfpcimodem-kernel-2.6.29.6-desktop-2mnb~1.18~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hcfpcimodem-kernel-2.6.29.6-desktop586-2mnb", rpm:"hcfpcimodem-kernel-2.6.29.6-desktop586-2mnb~1.18~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hcfpcimodem-kernel-2.6.29.6-server-2mnb", rpm:"hcfpcimodem-kernel-2.6.29.6-server-2mnb~1.18~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hcfpcimodem-kernel-desktop586-latest", rpm:"hcfpcimodem-kernel-desktop586-latest~1.18~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hcfpcimodem-kernel-desktop-latest", rpm:"hcfpcimodem-kernel-desktop-latest~1.18~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hcfpcimodem-kernel-server-latest", rpm:"hcfpcimodem-kernel-server-latest~1.18~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hsfmodem-kernel-2.6.29.6-desktop-2mnb", rpm:"hsfmodem-kernel-2.6.29.6-desktop-2mnb~7.80.02.03~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hsfmodem-kernel-2.6.29.6-desktop586-2mnb", rpm:"hsfmodem-kernel-2.6.29.6-desktop586-2mnb~7.80.02.03~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hsfmodem-kernel-2.6.29.6-server-2mnb", rpm:"hsfmodem-kernel-2.6.29.6-server-2mnb~7.80.02.03~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hsfmodem-kernel-desktop586-latest", rpm:"hsfmodem-kernel-desktop586-latest~7.80.02.03~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hsfmodem-kernel-desktop-latest", rpm:"hsfmodem-kernel-desktop-latest~7.80.02.03~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hsfmodem-kernel-server-latest", rpm:"hsfmodem-kernel-server-latest~7.80.02.03~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hso-kernel-2.6.29.6-desktop-2mnb", rpm:"hso-kernel-2.6.29.6-desktop-2mnb~1.2~3mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hso-kernel-2.6.29.6-desktop586-2mnb", rpm:"hso-kernel-2.6.29.6-desktop586-2mnb~1.2~3mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hso-kernel-2.6.29.6-server-2mnb", rpm:"hso-kernel-2.6.29.6-server-2mnb~1.2~3mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hso-kernel-desktop586-latest", rpm:"hso-kernel-desktop586-latest~1.2~1.20090817.3mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hso-kernel-desktop-latest", rpm:"hso-kernel-desktop-latest~1.2~1.20090817.3mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hso-kernel-server-latest", rpm:"hso-kernel-server-latest~1.2~1.20090817.3mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-2.6.29.6-2mnb", rpm:"kernel-2.6.29.6-2mnb~1~1mnb2", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop-2.6.29.6-2mnb", rpm:"kernel-desktop-2.6.29.6-2mnb~1~1mnb2", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop586-2.6.29.6-2mnb", rpm:"kernel-desktop586-2.6.29.6-2mnb~1~1mnb2", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop586-devel-2.6.29.6-2mnb", rpm:"kernel-desktop586-devel-2.6.29.6-2mnb~1~1mnb2", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop586-devel-latest", rpm:"kernel-desktop586-devel-latest~2.6.29.6~2mnb2", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop586-latest", rpm:"kernel-desktop586-latest~2.6.29.6~2mnb2", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop-devel-2.6.29.6-2mnb", rpm:"kernel-desktop-devel-2.6.29.6-2mnb~1~1mnb2", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop-devel-latest", rpm:"kernel-desktop-devel-latest~2.6.29.6~2mnb2", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop-latest", rpm:"kernel-desktop-latest~2.6.29.6~2mnb2", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.29.6~2mnb2", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-server-2.6.29.6-2mnb", rpm:"kernel-server-2.6.29.6-2mnb~1~1mnb2", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-server-devel-2.6.29.6-2mnb", rpm:"kernel-server-devel-2.6.29.6-2mnb~1~1mnb2", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-server-devel-latest", rpm:"kernel-server-devel-latest~2.6.29.6~2mnb2", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-server-latest", rpm:"kernel-server-latest~2.6.29.6~2mnb2", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-source-2.6.29.6-2mnb", rpm:"kernel-source-2.6.29.6-2mnb~1~1mnb2", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-source-latest", rpm:"kernel-source-latest~2.6.29.6~2mnb2", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kernel-2.6.29.6-desktop-2mnb", rpm:"kqemu-kernel-2.6.29.6-desktop-2mnb~1.4.0pre1~4", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kernel-2.6.29.6-desktop586-2mnb", rpm:"kqemu-kernel-2.6.29.6-desktop586-2mnb~1.4.0pre1~4", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kernel-2.6.29.6-server-2mnb", rpm:"kqemu-kernel-2.6.29.6-server-2mnb~1.4.0pre1~4", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kernel-desktop586-latest", rpm:"kqemu-kernel-desktop586-latest~1.4.0pre1~1.20090817.4", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kernel-desktop-latest", rpm:"kqemu-kernel-desktop-latest~1.4.0pre1~1.20090817.4", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kernel-server-latest", rpm:"kqemu-kernel-server-latest~1.4.0pre1~1.20090817.4", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libafs-kernel-2.6.29.6-desktop-2mnb", rpm:"libafs-kernel-2.6.29.6-desktop-2mnb~1.4.10~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libafs-kernel-2.6.29.6-desktop586-2mnb", rpm:"libafs-kernel-2.6.29.6-desktop586-2mnb~1.4.10~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libafs-kernel-2.6.29.6-server-2mnb", rpm:"libafs-kernel-2.6.29.6-server-2mnb~1.4.10~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libafs-kernel-desktop586-latest", rpm:"libafs-kernel-desktop586-latest~1.4.10~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libafs-kernel-desktop-latest", rpm:"libafs-kernel-desktop-latest~1.4.10~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libafs-kernel-server-latest", rpm:"libafs-kernel-server-latest~1.4.10~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lirc-kernel-2.6.29.6-desktop-2mnb", rpm:"lirc-kernel-2.6.29.6-desktop-2mnb~0.8.5~0.20090320.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lirc-kernel-2.6.29.6-desktop586-2mnb", rpm:"lirc-kernel-2.6.29.6-desktop586-2mnb~0.8.5~0.20090320.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lirc-kernel-2.6.29.6-server-2mnb", rpm:"lirc-kernel-2.6.29.6-server-2mnb~0.8.5~0.20090320.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lirc-kernel-desktop586-latest", rpm:"lirc-kernel-desktop586-latest~0.8.5~1.20090817.0.20090320.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lirc-kernel-desktop-latest", rpm:"lirc-kernel-desktop-latest~0.8.5~1.20090817.0.20090320.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lirc-kernel-server-latest", rpm:"lirc-kernel-server-latest~0.8.5~1.20090817.0.20090320.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lzma-kernel-2.6.29.6-desktop-2mnb", rpm:"lzma-kernel-2.6.29.6-desktop-2mnb~4.43~27.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lzma-kernel-2.6.29.6-desktop586-2mnb", rpm:"lzma-kernel-2.6.29.6-desktop586-2mnb~4.43~27.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lzma-kernel-2.6.29.6-server-2mnb", rpm:"lzma-kernel-2.6.29.6-server-2mnb~4.43~27.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lzma-kernel-desktop586-latest", rpm:"lzma-kernel-desktop586-latest~4.43~1.20090817.27.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lzma-kernel-desktop-latest", rpm:"lzma-kernel-desktop-latest~4.43~1.20090817.27.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lzma-kernel-server-latest", rpm:"lzma-kernel-server-latest~4.43~1.20090817.27.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"madwifi-kernel-2.6.29.6-desktop-2mnb", rpm:"madwifi-kernel-2.6.29.6-desktop-2mnb~0.9.4~4.r3998mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"madwifi-kernel-2.6.29.6-desktop586-2mnb", rpm:"madwifi-kernel-2.6.29.6-desktop586-2mnb~0.9.4~4.r3998mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"madwifi-kernel-2.6.29.6-server-2mnb", rpm:"madwifi-kernel-2.6.29.6-server-2mnb~0.9.4~4.r3998mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"madwifi-kernel-desktop586-latest", rpm:"madwifi-kernel-desktop586-latest~0.9.4~1.20090817.4.r3998mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"madwifi-kernel-desktop-latest", rpm:"madwifi-kernel-desktop-latest~0.9.4~1.20090817.4.r3998mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"madwifi-kernel-server-latest", rpm:"madwifi-kernel-server-latest~0.9.4~1.20090817.4.r3998mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"netfilter-rtsp-kernel-2.6.29.6-desktop-2mnb", rpm:"netfilter-rtsp-kernel-2.6.29.6-desktop-2mnb~2.6.26~2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"netfilter-rtsp-kernel-2.6.29.6-desktop586-2mnb", rpm:"netfilter-rtsp-kernel-2.6.29.6-desktop586-2mnb~2.6.26~2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"netfilter-rtsp-kernel-2.6.29.6-server-2mnb", rpm:"netfilter-rtsp-kernel-2.6.29.6-server-2mnb~2.6.26~2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"netfilter-rtsp-kernel-desktop586-latest", rpm:"netfilter-rtsp-kernel-desktop586-latest~2.6.26~1.20090817.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"netfilter-rtsp-kernel-desktop-latest", rpm:"netfilter-rtsp-kernel-desktop-latest~2.6.26~1.20090817.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"netfilter-rtsp-kernel-server-latest", rpm:"netfilter-rtsp-kernel-server-latest~2.6.26~1.20090817.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nouveau-kernel-2.6.29.6-desktop-2mnb", rpm:"nouveau-kernel-2.6.29.6-desktop-2mnb~0.0.12~0.20090329.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nouveau-kernel-2.6.29.6-desktop586-2mnb", rpm:"nouveau-kernel-2.6.29.6-desktop586-2mnb~0.0.12~0.20090329.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nouveau-kernel-2.6.29.6-server-2mnb", rpm:"nouveau-kernel-2.6.29.6-server-2mnb~0.0.12~0.20090329.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nouveau-kernel-desktop586-latest", rpm:"nouveau-kernel-desktop586-latest~0.0.12~1.20090817.0.20090329.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nouveau-kernel-desktop-latest", rpm:"nouveau-kernel-desktop-latest~0.0.12~1.20090817.0.20090329.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nouveau-kernel-server-latest", rpm:"nouveau-kernel-server-latest~0.0.12~1.20090817.0.20090329.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia173-kernel-2.6.29.6-desktop-2mnb", rpm:"nvidia173-kernel-2.6.29.6-desktop-2mnb~173.14.18~2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia173-kernel-2.6.29.6-desktop586-2mnb", rpm:"nvidia173-kernel-2.6.29.6-desktop586-2mnb~173.14.18~2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia173-kernel-2.6.29.6-server-2mnb", rpm:"nvidia173-kernel-2.6.29.6-server-2mnb~173.14.18~2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia173-kernel-desktop586-latest", rpm:"nvidia173-kernel-desktop586-latest~173.14.18~1.20090817.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia173-kernel-desktop-latest", rpm:"nvidia173-kernel-desktop-latest~173.14.18~1.20090817.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia173-kernel-server-latest", rpm:"nvidia173-kernel-server-latest~173.14.18~1.20090817.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia96xx-kernel-2.6.29.6-desktop-2mnb", rpm:"nvidia96xx-kernel-2.6.29.6-desktop-2mnb~96.43.11~5mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia96xx-kernel-2.6.29.6-desktop586-2mnb", rpm:"nvidia96xx-kernel-2.6.29.6-desktop586-2mnb~96.43.11~5mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia96xx-kernel-2.6.29.6-server-2mnb", rpm:"nvidia96xx-kernel-2.6.29.6-server-2mnb~96.43.11~5mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia96xx-kernel-desktop586-latest", rpm:"nvidia96xx-kernel-desktop586-latest~96.43.11~1.20090817.5mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia96xx-kernel-desktop-latest", rpm:"nvidia96xx-kernel-desktop-latest~96.43.11~1.20090817.5mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia96xx-kernel-server-latest", rpm:"nvidia96xx-kernel-server-latest~96.43.11~1.20090817.5mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia-current-kernel-2.6.29.6-desktop-2mnb", rpm:"nvidia-current-kernel-2.6.29.6-desktop-2mnb~180.51~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia-current-kernel-2.6.29.6-desktop586-2mnb", rpm:"nvidia-current-kernel-2.6.29.6-desktop586-2mnb~180.51~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia-current-kernel-2.6.29.6-server-2mnb", rpm:"nvidia-current-kernel-2.6.29.6-server-2mnb~180.51~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia-current-kernel-desktop586-latest", rpm:"nvidia-current-kernel-desktop586-latest~180.51~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia-current-kernel-desktop-latest", rpm:"nvidia-current-kernel-desktop-latest~180.51~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia-current-kernel-server-latest", rpm:"nvidia-current-kernel-server-latest~180.51~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"opencbm-kernel-2.6.29.6-desktop-2mnb", rpm:"opencbm-kernel-2.6.29.6-desktop-2mnb~0.4.2a~4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"opencbm-kernel-2.6.29.6-desktop586-2mnb", rpm:"opencbm-kernel-2.6.29.6-desktop586-2mnb~0.4.2a~4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"opencbm-kernel-2.6.29.6-server-2mnb", rpm:"opencbm-kernel-2.6.29.6-server-2mnb~0.4.2a~4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"opencbm-kernel-desktop586-latest", rpm:"opencbm-kernel-desktop586-latest~0.4.2a~1.20090817.4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"opencbm-kernel-desktop-latest", rpm:"opencbm-kernel-desktop-latest~0.4.2a~1.20090817.4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"opencbm-kernel-server-latest", rpm:"opencbm-kernel-server-latest~0.4.2a~1.20090817.4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2870-kernel-2.6.29.6-desktop-2mnb", rpm:"rt2870-kernel-2.6.29.6-desktop-2mnb~1.4.0.0~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2870-kernel-2.6.29.6-desktop586-2mnb", rpm:"rt2870-kernel-2.6.29.6-desktop586-2mnb~1.4.0.0~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2870-kernel-2.6.29.6-server-2mnb", rpm:"rt2870-kernel-2.6.29.6-server-2mnb~1.4.0.0~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2870-kernel-desktop586-latest", rpm:"rt2870-kernel-desktop586-latest~1.4.0.0~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2870-kernel-desktop-latest", rpm:"rt2870-kernel-desktop-latest~1.4.0.0~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2870-kernel-server-latest", rpm:"rt2870-kernel-server-latest~1.4.0.0~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"slmodem-kernel-2.6.29.6-desktop-2mnb", rpm:"slmodem-kernel-2.6.29.6-desktop-2mnb~2.9.11~0.20080817.4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"slmodem-kernel-2.6.29.6-desktop586-2mnb", rpm:"slmodem-kernel-2.6.29.6-desktop586-2mnb~2.9.11~0.20080817.4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"slmodem-kernel-2.6.29.6-server-2mnb", rpm:"slmodem-kernel-2.6.29.6-server-2mnb~2.9.11~0.20080817.4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"slmodem-kernel-desktop586-latest", rpm:"slmodem-kernel-desktop586-latest~2.9.11~1.20090817.0.20080817.4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"slmodem-kernel-desktop-latest", rpm:"slmodem-kernel-desktop-latest~2.9.11~1.20090817.0.20080817.4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"slmodem-kernel-server-latest", rpm:"slmodem-kernel-server-latest~2.9.11~1.20090817.0.20080817.4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-kernel-2.6.29.6-desktop-2mnb", rpm:"squashfs-kernel-2.6.29.6-desktop-2mnb~3.4~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-kernel-2.6.29.6-desktop586-2mnb", rpm:"squashfs-kernel-2.6.29.6-desktop586-2mnb~3.4~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-kernel-2.6.29.6-server-2mnb", rpm:"squashfs-kernel-2.6.29.6-server-2mnb~3.4~1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-kernel-desktop586-latest", rpm:"squashfs-kernel-desktop586-latest~3.4~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-kernel-desktop-latest", rpm:"squashfs-kernel-desktop-latest~3.4~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-kernel-server-latest", rpm:"squashfs-kernel-server-latest~3.4~1.20090817.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-lzma-kernel-2.6.29.6-desktop-2mnb", rpm:"squashfs-lzma-kernel-2.6.29.6-desktop-2mnb~3.3~10mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-lzma-kernel-2.6.29.6-desktop586-2mnb", rpm:"squashfs-lzma-kernel-2.6.29.6-desktop586-2mnb~3.3~10mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-lzma-kernel-2.6.29.6-server-2mnb", rpm:"squashfs-lzma-kernel-2.6.29.6-server-2mnb~3.3~10mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-lzma-kernel-desktop586-latest", rpm:"squashfs-lzma-kernel-desktop586-latest~3.3~1.20090817.10mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-lzma-kernel-desktop-latest", rpm:"squashfs-lzma-kernel-desktop-latest~3.3~1.20090817.10mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-lzma-kernel-server-latest", rpm:"squashfs-lzma-kernel-server-latest~3.3~1.20090817.10mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"syntek-kernel-2.6.29.6-desktop-2mnb", rpm:"syntek-kernel-2.6.29.6-desktop-2mnb~1.3.1~5mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"syntek-kernel-2.6.29.6-desktop586-2mnb", rpm:"syntek-kernel-2.6.29.6-desktop586-2mnb~1.3.1~5mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"syntek-kernel-2.6.29.6-server-2mnb", rpm:"syntek-kernel-2.6.29.6-server-2mnb~1.3.1~5mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"syntek-kernel-desktop586-latest", rpm:"syntek-kernel-desktop586-latest~1.3.1~1.20090817.5mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"syntek-kernel-desktop-latest", rpm:"syntek-kernel-desktop-latest~1.3.1~1.20090817.5mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"syntek-kernel-server-latest", rpm:"syntek-kernel-server-latest~1.3.1~1.20090817.5mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tp_smapi-kernel-2.6.29.6-desktop-2mnb", rpm:"tp_smapi-kernel-2.6.29.6-desktop-2mnb~0.40~2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tp_smapi-kernel-2.6.29.6-desktop586-2mnb", rpm:"tp_smapi-kernel-2.6.29.6-desktop586-2mnb~0.40~2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tp_smapi-kernel-2.6.29.6-server-2mnb", rpm:"tp_smapi-kernel-2.6.29.6-server-2mnb~0.40~2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tp_smapi-kernel-desktop586-latest", rpm:"tp_smapi-kernel-desktop586-latest~0.40~1.20090817.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tp_smapi-kernel-desktop-latest", rpm:"tp_smapi-kernel-desktop-latest~0.40~1.20090817.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tp_smapi-kernel-server-latest", rpm:"tp_smapi-kernel-server-latest~0.40~1.20090817.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxadditions-kernel-2.6.29.6-desktop-2mnb", rpm:"vboxadditions-kernel-2.6.29.6-desktop-2mnb~2.2.0~4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxadditions-kernel-2.6.29.6-desktop586-2mnb", rpm:"vboxadditions-kernel-2.6.29.6-desktop586-2mnb~2.2.0~4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxadditions-kernel-2.6.29.6-server-2mnb", rpm:"vboxadditions-kernel-2.6.29.6-server-2mnb~2.2.0~4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxadditions-kernel-desktop586-latest", rpm:"vboxadditions-kernel-desktop586-latest~2.2.0~1.20090817.4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxadditions-kernel-desktop-latest", rpm:"vboxadditions-kernel-desktop-latest~2.2.0~1.20090817.4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxadditions-kernel-server-latest", rpm:"vboxadditions-kernel-server-latest~2.2.0~1.20090817.4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vhba-kernel-2.6.29.6-desktop-2mnb", rpm:"vhba-kernel-2.6.29.6-desktop-2mnb~1.2.1~2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vhba-kernel-2.6.29.6-desktop586-2mnb", rpm:"vhba-kernel-2.6.29.6-desktop586-2mnb~1.2.1~2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vhba-kernel-2.6.29.6-server-2mnb", rpm:"vhba-kernel-2.6.29.6-server-2mnb~1.2.1~2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vhba-kernel-desktop586-latest", rpm:"vhba-kernel-desktop586-latest~1.2.1~1.20090817.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vhba-kernel-desktop-latest", rpm:"vhba-kernel-desktop-latest~1.2.1~1.20090817.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vhba-kernel-server-latest", rpm:"vhba-kernel-server-latest~1.2.1~1.20090817.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"virtualbox-kernel-2.6.29.6-desktop-2mnb", rpm:"virtualbox-kernel-2.6.29.6-desktop-2mnb~2.2.0~4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"virtualbox-kernel-2.6.29.6-desktop586-2mnb", rpm:"virtualbox-kernel-2.6.29.6-desktop586-2mnb~2.2.0~4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"virtualbox-kernel-2.6.29.6-server-2mnb", rpm:"virtualbox-kernel-2.6.29.6-server-2mnb~2.2.0~4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"virtualbox-kernel-desktop586-latest", rpm:"virtualbox-kernel-desktop586-latest~2.2.0~1.20090817.4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"virtualbox-kernel-desktop-latest", rpm:"virtualbox-kernel-desktop-latest~2.2.0~1.20090817.4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"virtualbox-kernel-server-latest", rpm:"virtualbox-kernel-server-latest~2.2.0~1.20090817.4mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vpnclient-kernel-2.6.29.6-desktop-2mnb", rpm:"vpnclient-kernel-2.6.29.6-desktop-2mnb~4.8.01.0640~3mdv2009.0", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vpnclient-kernel-2.6.29.6-desktop586-2mnb", rpm:"vpnclient-kernel-2.6.29.6-desktop586-2mnb~4.8.01.0640~3mdv2009.0", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vpnclient-kernel-2.6.29.6-server-2mnb", rpm:"vpnclient-kernel-2.6.29.6-server-2mnb~4.8.01.0640~3mdv2009.0", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vpnclient-kernel-desktop586-latest", rpm:"vpnclient-kernel-desktop586-latest~4.8.01.0640~1.20090817.3mdv2009.0", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vpnclient-kernel-desktop-latest", rpm:"vpnclient-kernel-desktop-latest~4.8.01.0640~1.20090817.3mdv2009.0", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vpnclient-kernel-server-latest", rpm:"vpnclient-kernel-server-latest~4.8.01.0640~1.20090817.3mdv2009.0", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-2.6.27.24-2mnb", rpm:"kernel-2.6.27.24-2mnb~1~1mnb2", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop-2.6.27.24-2mnb", rpm:"kernel-desktop-2.6.27.24-2mnb~1~1mnb2", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop586-2.6.27.24-2mnb", rpm:"kernel-desktop586-2.6.27.24-2mnb~1~1mnb2", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop586-devel-2.6.27.24-2mnb", rpm:"kernel-desktop586-devel-2.6.27.24-2mnb~1~1mnb2", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop586-devel-latest", rpm:"kernel-desktop586-devel-latest~2.6.27.24~2mnb2", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop586-latest", rpm:"kernel-desktop586-latest~2.6.27.24~2mnb2", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop-devel-2.6.27.24-2mnb", rpm:"kernel-desktop-devel-2.6.27.24-2mnb~1~1mnb2", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop-devel-latest", rpm:"kernel-desktop-devel-latest~2.6.27.24~2mnb2", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop-latest", rpm:"kernel-desktop-latest~2.6.27.24~2mnb2", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.27.24~2mnb2", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-server-2.6.27.24-2mnb", rpm:"kernel-server-2.6.27.24-2mnb~1~1mnb2", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-server-devel-2.6.27.24-2mnb", rpm:"kernel-server-devel-2.6.27.24-2mnb~1~1mnb2", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-server-devel-latest", rpm:"kernel-server-devel-latest~2.6.27.24~2mnb2", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-server-latest", rpm:"kernel-server-latest~2.6.27.24~2mnb2", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-source-2.6.27.24-2mnb", rpm:"kernel-source-2.6.27.24-2mnb~1~1mnb2", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-source-latest", rpm:"kernel-source-latest~2.6.27.24~2mnb2", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fglrx-kernel-2.6.27.24-desktop-2mnb", rpm:"fglrx-kernel-2.6.27.24-desktop-2mnb~8.522~3mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fglrx-kernel-2.6.27.24-server-2mnb", rpm:"fglrx-kernel-2.6.27.24-server-2mnb~8.522~3mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fglrx-kernel-desktop-latest", rpm:"fglrx-kernel-desktop-latest~8.522~1.20090814.3mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fglrx-kernel-server-latest", rpm:"fglrx-kernel-server-latest~8.522~1.20090814.3mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"iscsitarget-kernel-2.6.27.24-desktop-2mnb", rpm:"iscsitarget-kernel-2.6.27.24-desktop-2mnb~0.4.16~4mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"iscsitarget-kernel-2.6.27.24-server-2mnb", rpm:"iscsitarget-kernel-2.6.27.24-server-2mnb~0.4.16~4mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"iscsitarget-kernel-desktop-latest", rpm:"iscsitarget-kernel-desktop-latest~0.4.16~1.20090814.4mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"iscsitarget-kernel-server-latest", rpm:"iscsitarget-kernel-server-latest~0.4.16~1.20090814.4mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kernel-2.6.27.24-desktop-2mnb", rpm:"kqemu-kernel-2.6.27.24-desktop-2mnb~1.4.0pre1~0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kernel-2.6.27.24-server-2mnb", rpm:"kqemu-kernel-2.6.27.24-server-2mnb~1.4.0pre1~0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kernel-desktop-latest", rpm:"kqemu-kernel-desktop-latest~1.4.0pre1~1.20090814.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kernel-server-latest", rpm:"kqemu-kernel-server-latest~1.4.0pre1~1.20090814.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libafs-kernel-2.6.27.24-desktop-2mnb", rpm:"libafs-kernel-2.6.27.24-desktop-2mnb~1.4.7~5.1mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libafs-kernel-2.6.27.24-server-2mnb", rpm:"libafs-kernel-2.6.27.24-server-2mnb~1.4.7~5.1mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libafs-kernel-desktop-latest", rpm:"libafs-kernel-desktop-latest~1.4.7~1.20090814.5.1mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libafs-kernel-server-latest", rpm:"libafs-kernel-server-latest~1.4.7~1.20090814.5.1mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"madwifi-kernel-2.6.27.24-desktop-2mnb", rpm:"madwifi-kernel-2.6.27.24-desktop-2mnb~0.9.4~3.r3835mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"madwifi-kernel-2.6.27.24-server-2mnb", rpm:"madwifi-kernel-2.6.27.24-server-2mnb~0.9.4~3.r3835mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"madwifi-kernel-desktop-latest", rpm:"madwifi-kernel-desktop-latest~0.9.4~1.20090814.3.r3835mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"madwifi-kernel-server-latest", rpm:"madwifi-kernel-server-latest~0.9.4~1.20090814.3.r3835mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia71xx-kernel-2.6.27.24-desktop-2mnb", rpm:"nvidia71xx-kernel-2.6.27.24-desktop-2mnb~71.86.06~5mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia71xx-kernel-2.6.27.24-server-2mnb", rpm:"nvidia71xx-kernel-2.6.27.24-server-2mnb~71.86.06~5mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia71xx-kernel-desktop-latest", rpm:"nvidia71xx-kernel-desktop-latest~71.86.06~1.20090814.5mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia71xx-kernel-server-latest", rpm:"nvidia71xx-kernel-server-latest~71.86.06~1.20090814.5mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia96xx-kernel-2.6.27.24-desktop-2mnb", rpm:"nvidia96xx-kernel-2.6.27.24-desktop-2mnb~96.43.07~5mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia96xx-kernel-2.6.27.24-server-2mnb", rpm:"nvidia96xx-kernel-2.6.27.24-server-2mnb~96.43.07~5mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia96xx-kernel-desktop-latest", rpm:"nvidia96xx-kernel-desktop-latest~96.43.07~1.20090814.5mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia96xx-kernel-server-latest", rpm:"nvidia96xx-kernel-server-latest~96.43.07~1.20090814.5mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia-current-kernel-2.6.27.24-desktop-2mnb", rpm:"nvidia-current-kernel-2.6.27.24-desktop-2mnb~177.70~2.3mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia-current-kernel-2.6.27.24-server-2mnb", rpm:"nvidia-current-kernel-2.6.27.24-server-2mnb~177.70~2.3mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia-current-kernel-desktop-latest", rpm:"nvidia-current-kernel-desktop-latest~177.70~1.20090814.2.3mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia-current-kernel-server-latest", rpm:"nvidia-current-kernel-server-latest~177.70~1.20090814.2.3mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vpnclient-kernel-2.6.27.24-desktop-2mnb", rpm:"vpnclient-kernel-2.6.27.24-desktop-2mnb~4.8.01.0640~3mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vpnclient-kernel-2.6.27.24-server-2mnb", rpm:"vpnclient-kernel-2.6.27.24-server-2mnb~4.8.01.0640~3mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vpnclient-kernel-desktop-latest", rpm:"vpnclient-kernel-desktop-latest~4.8.01.0640~1.20090814.3mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vpnclient-kernel-server-latest", rpm:"vpnclient-kernel-server-latest~4.8.01.0640~1.20090814.3mdv2009.0", rls:"MNDK_mes5")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_206.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_206.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/mdksa_2009_206.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,94 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:206 (wget) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64678); + script_cve_id("CVE-2009-2408"); + script_version ("$"); + script_name("Mandrake Security Advisory MDVSA-2009:206 (wget)"); + + desc = " +The remote host is missing an update to wget +announced via advisory MDVSA-2009:206. + +A vulnerability has been found and corrected in wget: + +SUSE discovered a security issue in wget related to +http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2408 + +This update provides a solution to this vulnerability. + +Affected: 2008.1, 2009.0, 2009.1, Corporate 4.0, Enterprise Server 5.0 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:206 + +Risk factor : High"; + + script_description(desc); + + script_summary("Mandrake Security Advisory MDVSA-2009:206 (wget)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Mandrake Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"wget", rpm:"wget~1.11~1.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"wget", rpm:"wget~1.11.4~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"wget", rpm:"wget~1.11.4~2.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"wget", rpm:"wget~1.10~1.3.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"wget", rpm:"wget~1.11.4~1.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_207.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_207.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/mdksa_2009_207.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,88 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:207 (perl-Compress-Raw-Bzip2) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64679); + script_cve_id("CVE-2009-1391", "CVE-2009-1884"); + script_version ("$"); + script_name("Mandrake Security Advisory MDVSA-2009:207 (perl-Compress-Raw-Bzip2)"); + + desc = " +The remote host is missing an update to perl-Compress-Raw-Bzip2 +announced via advisory MDVSA-2009:207. + +A vulnerability has been found and corrected in perl-Compress-Raw-Bzip: + +Off-by-one error in the bzinflate function in Bzip2.xs in +the Compress-Raw-Bzip2 module before 2.018 for Perl allows +context-dependent attackers to cause a denial of service (application +hang or crash) via a crafted bzip2 compressed stream that triggers +a buffer overflow, a related issue to CVE-2009-1391 (CVE-2009-1884). + +This update provides a solution to this vulnerability. + +Affected: 2009.1, Enterprise Server 5.0 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:207 + +Risk factor : High"; + + script_description(desc); + + script_summary("Mandrake Security Advisory MDVSA-2009:207 (perl-Compress-Raw-Bzip2)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Mandrake Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"perl-Compress-Raw-Bzip2", rpm:"perl-Compress-Raw-Bzip2~2.015~2.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"perl-Compress-Raw-Bzip2", rpm:"perl-Compress-Raw-Bzip2~2.015~1.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_208.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_208.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/mdksa_2009_208.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,116 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:208 (libgadu) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64680); + script_cve_id("CVE-2008-4776"); + script_version ("$"); + script_name("Mandrake Security Advisory MDVSA-2009:208 (libgadu)"); + + desc = " +The remote host is missing an update to libgadu +announced via advisory MDVSA-2009:208. + +A vulnerability has been found and corrected in libgadu: + +libgadu before 1.8.2 allows remote servers to cause a denial of service +(crash) via a contact description with a large length, which triggers +a buffer over-read (CVE-2008-4776). + +This update provides a solution to this vulnerability. + +Affected: 2008.1, 2009.0, Enterprise Server 5.0 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:208 + +Risk factor : High"; + + script_description(desc); + + script_summary("Mandrake Security Advisory MDVSA-2009:208 (libgadu)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Mandrake Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"libgadu3", rpm:"libgadu3~1.8.0~1.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libgadu-devel", rpm:"libgadu-devel~1.8.0~1.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64gadu3", rpm:"lib64gadu3~1.8.0~1.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64gadu-devel", rpm:"lib64gadu-devel~1.8.0~1.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libgadu3", rpm:"libgadu3~1.8.1~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libgadu-devel", rpm:"libgadu-devel~1.8.1~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64gadu3", rpm:"lib64gadu3~1.8.1~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64gadu-devel", rpm:"lib64gadu-devel~1.8.1~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libgadu3", rpm:"libgadu3~1.8.1~2.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libgadu-devel", rpm:"libgadu-devel~1.8.1~2.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64gadu3", rpm:"lib64gadu3~1.8.1~2.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64gadu-devel", rpm:"lib64gadu-devel~1.8.1~2.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_209.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_209.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/mdksa_2009_209.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,130 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:209 (java-1.6.0-openjdk) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64681); + script_cve_id("CVE-2009-0217", "CVE-2009-1896", "CVE-2009-2475", "CVE-2009-2476", "CVE-2009-2625", "CVE-2009-2670", "CVE-2009-2671", "CVE-2009-2673", "CVE-2009-2674", "CVE-2009-2675", "CVE-2009-2689", "CVE-2009-2690"); + script_version ("$"); + script_name("Mandrake Security Advisory MDVSA-2009:209 (java-1.6.0-openjdk)"); + + desc = " +The remote host is missing an update to java-1.6.0-openjdk +announced via advisory MDVSA-2009:209. + +Multiple Java OpenJDK security vulnerabilities has been identified +and fixed. For details, please visit the referenced security +advisories. + +Affected: 2009.0, 2009.1, Enterprise Server 5.0 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:209 + +Risk factor : High"; + + script_description(desc); + + script_summary("Mandrake Security Advisory MDVSA-2009:209 (java-1.6.0-openjdk)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Mandrake Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"java-1.6.0-openjdk", rpm:"java-1.6.0-openjdk~1.6.0.0~0.20.b16.0.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.6.0-openjdk-demo", rpm:"java-1.6.0-openjdk-demo~1.6.0.0~0.20.b16.0.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.6.0-openjdk-devel", rpm:"java-1.6.0-openjdk-devel~1.6.0.0~0.20.b16.0.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.6.0-openjdk-javadoc", rpm:"java-1.6.0-openjdk-javadoc~1.6.0.0~0.20.b16.0.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.6.0-openjdk-plugin", rpm:"java-1.6.0-openjdk-plugin~1.6.0.0~0.20.b16.0.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.6.0-openjdk-src", rpm:"java-1.6.0-openjdk-src~1.6.0.0~0.20.b16.0.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.6.0-openjdk", rpm:"java-1.6.0-openjdk~1.6.0.0~0.20.b16.0.3mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.6.0-openjdk-demo", rpm:"java-1.6.0-openjdk-demo~1.6.0.0~0.20.b16.0.3mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.6.0-openjdk-devel", rpm:"java-1.6.0-openjdk-devel~1.6.0.0~0.20.b16.0.3mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.6.0-openjdk-javadoc", rpm:"java-1.6.0-openjdk-javadoc~1.6.0.0~0.20.b16.0.3mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.6.0-openjdk-plugin", rpm:"java-1.6.0-openjdk-plugin~1.6.0.0~0.20.b16.0.3mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.6.0-openjdk-src", rpm:"java-1.6.0-openjdk-src~1.6.0.0~0.20.b16.0.3mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.6.0-openjdk", rpm:"java-1.6.0-openjdk~1.6.0.0~0.20.b16.0.4mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.6.0-openjdk-demo", rpm:"java-1.6.0-openjdk-demo~1.6.0.0~0.20.b16.0.4mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.6.0-openjdk-devel", rpm:"java-1.6.0-openjdk-devel~1.6.0.0~0.20.b16.0.4mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.6.0-openjdk-javadoc", rpm:"java-1.6.0-openjdk-javadoc~1.6.0.0~0.20.b16.0.4mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.6.0-openjdk-plugin", rpm:"java-1.6.0-openjdk-plugin~1.6.0.0~0.20.b16.0.4mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"java-1.6.0-openjdk-src", rpm:"java-1.6.0-openjdk-src~1.6.0.0~0.20.b16.0.4mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_210.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_210.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/mdksa_2009_210.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,154 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:210 (gnutls) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64682); + script_cve_id("CVE-2009-2730"); + script_version ("$"); + script_name("Mandrake Security Advisory MDVSA-2009:210 (gnutls)"); + + desc = " +The remote host is missing an update to gnutls +announced via advisory MDVSA-2009:210. + +A vulnerability have been discovered and corrected in GnuTLS +before 2.8.2, which could allow man-in-the-middle attackers to spoof +arbitrary SSL servers via a crafted certificate issued by a legitimate +Certification Authority (CVE-2009-2730). + +This update fixes this vulnerability. + +Affected: 2008.1, 2009.0, 2009.1, Corporate 4.0, Enterprise Server 5.0 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:210 + +Risk factor : High"; + + script_description(desc); + + script_summary("Mandrake Security Advisory MDVSA-2009:210 (gnutls)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Mandrake Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"gnutls", rpm:"gnutls~2.3.0~3.5mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libgnutls26", rpm:"libgnutls26~2.3.0~3.5mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libgnutls-devel", rpm:"libgnutls-devel~2.3.0~3.5mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64gnutls26", rpm:"lib64gnutls26~2.3.0~3.5mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64gnutls-devel", rpm:"lib64gnutls-devel~2.3.0~3.5mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnutls", rpm:"gnutls~2.4.1~2.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libgnutls26", rpm:"libgnutls26~2.4.1~2.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libgnutls-devel", rpm:"libgnutls-devel~2.4.1~2.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64gnutls26", rpm:"lib64gnutls26~2.4.1~2.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64gnutls-devel", rpm:"lib64gnutls-devel~2.4.1~2.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnutls", rpm:"gnutls~2.6.4~1.3mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libgnutls26", rpm:"libgnutls26~2.6.4~1.3mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libgnutls-devel", rpm:"libgnutls-devel~2.6.4~1.3mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64gnutls26", rpm:"lib64gnutls26~2.6.4~1.3mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64gnutls-devel", rpm:"lib64gnutls-devel~2.6.4~1.3mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnutls", rpm:"gnutls~1.0.25~2.5.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libgnutls11", rpm:"libgnutls11~1.0.25~2.5.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libgnutls11-devel", rpm:"libgnutls11-devel~1.0.25~2.5.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64gnutls11", rpm:"lib64gnutls11~1.0.25~2.5.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64gnutls11-devel", rpm:"lib64gnutls11-devel~1.0.25~2.5.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnutls", rpm:"gnutls~2.4.1~2.5mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libgnutls26", rpm:"libgnutls26~2.4.1~2.5mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libgnutls-devel", rpm:"libgnutls-devel~2.4.1~2.5mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64gnutls26", rpm:"lib64gnutls26~2.4.1~2.5mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64gnutls-devel", rpm:"lib64gnutls-devel~2.4.1~2.5mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_211.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_211.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/mdksa_2009_211.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,179 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:211 (expat) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64683); + script_cve_id("CVE-2009-2625"); + script_version ("$"); + script_name("Mandrake Security Advisory MDVSA-2009:211 (expat)"); + + desc = " +The remote host is missing an update to expat +announced via advisory MDVSA-2009:211. + +A vulnerability was found in xmltok_impl.c (expat) that with +specially crafted XML could be exploited and lead to a denial of +service attack. Related to CVE-2009-2625. + +This update fixes this vulnerability. + +Affected: 2008.1, 2009.0, 2009.1, Corporate 3.0, Corporate 4.0, + Enterprise Server 5.0, Multi Network Firewall 2.0 + + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:211 + +Risk factor : High"; + + script_description(desc); + + script_summary("Mandrake Security Advisory MDVSA-2009:211 (expat)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Mandrake Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"expat", rpm:"expat~2.0.1~6.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libexpat1", rpm:"libexpat1~2.0.1~6.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libexpat1-devel", rpm:"libexpat1-devel~2.0.1~6.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64expat1", rpm:"lib64expat1~2.0.1~6.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64expat1-devel", rpm:"lib64expat1-devel~2.0.1~6.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"expat", rpm:"expat~2.0.1~7.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libexpat1", rpm:"libexpat1~2.0.1~7.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libexpat1-devel", rpm:"libexpat1-devel~2.0.1~7.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64expat1", rpm:"lib64expat1~2.0.1~7.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64expat1-devel", rpm:"lib64expat1-devel~2.0.1~7.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"expat", rpm:"expat~2.0.1~8.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libexpat1", rpm:"libexpat1~2.0.1~8.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libexpat1-devel", rpm:"libexpat1-devel~2.0.1~8.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64expat1", rpm:"lib64expat1~2.0.1~8.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64expat1-devel", rpm:"lib64expat1-devel~2.0.1~8.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"expat", rpm:"expat~1.95.6~4.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libexpat0", rpm:"libexpat0~1.95.6~4.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libexpat0-devel", rpm:"libexpat0-devel~1.95.6~4.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64expat0", rpm:"lib64expat0~1.95.6~4.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64expat0-devel", rpm:"lib64expat0-devel~1.95.6~4.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"expat", rpm:"expat~1.95.8~1.1.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libexpat0", rpm:"libexpat0~1.95.8~1.1.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libexpat0-devel", rpm:"libexpat0-devel~1.95.8~1.1.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64expat0", rpm:"lib64expat0~1.95.8~1.1.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64expat0-devel", rpm:"lib64expat0-devel~1.95.8~1.1.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"expat", rpm:"expat~2.0.1~7.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libexpat1", rpm:"libexpat1~2.0.1~7.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libexpat1-devel", rpm:"libexpat1-devel~2.0.1~7.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64expat1", rpm:"lib64expat1~2.0.1~7.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64expat1-devel", rpm:"lib64expat1-devel~2.0.1~7.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"expat", rpm:"expat~1.95.6~4.1.C30mdk", rls:"MNDK_2.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libexpat0", rpm:"libexpat0~1.95.6~4.1.C30mdk", rls:"MNDK_2.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libexpat0-devel", rpm:"libexpat0-devel~1.95.6~4.1.C30mdk", rls:"MNDK_2.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_212.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_212.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/mdksa_2009_212.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,251 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:212 (python) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64684); + script_cve_id("CVE-2009-2625"); + script_version ("$"); + script_name("Mandrake Security Advisory MDVSA-2009:212 (python)"); + + desc = " +The remote host is missing an update to python +announced via advisory MDVSA-2009:212. + +A vulnerability was found in xmltok_impl.c (expat) that with +specially crafted XML could be exploited and lead to a denial of +service attack. Related to CVE-2009-2625. + +This update fixes this vulnerability. + +Affected: 2008.1, 2009.0, 2009.1, Corporate 3.0, Corporate 4.0, + Enterprise Server 5.0, Multi Network Firewall 2.0 + + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:212 + +Risk factor : High"; + + script_description(desc); + + script_summary("Mandrake Security Advisory MDVSA-2009:212 (python)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Mandrake Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"libpython2.5", rpm:"libpython2.5~2.5.2~2.4mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpython2.5-devel", rpm:"libpython2.5-devel~2.5.2~2.4mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python", rpm:"python~2.5.2~2.4mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python-base", rpm:"python-base~2.5.2~2.4mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python-docs", rpm:"python-docs~2.5.2~2.4mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tkinter", rpm:"tkinter~2.5.2~2.4mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tkinter-apps", rpm:"tkinter-apps~2.5.2~2.4mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64python2.5", rpm:"lib64python2.5~2.5.2~2.4mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64python2.5-devel", rpm:"lib64python2.5-devel~2.5.2~2.4mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpython2.5", rpm:"libpython2.5~2.5.2~5.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpython2.5-devel", rpm:"libpython2.5-devel~2.5.2~5.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python", rpm:"python~2.5.2~5.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python-base", rpm:"python-base~2.5.2~5.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python-docs", rpm:"python-docs~2.5.2~5.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tkinter", rpm:"tkinter~2.5.2~5.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tkinter-apps", rpm:"tkinter-apps~2.5.2~5.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64python2.5", rpm:"lib64python2.5~2.5.2~5.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64python2.5-devel", rpm:"lib64python2.5-devel~2.5.2~5.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpython2.6", rpm:"libpython2.6~2.6.1~6.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpython2.6-devel", rpm:"libpython2.6-devel~2.6.1~6.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python", rpm:"python~2.6.1~6.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python-docs", rpm:"python-docs~2.6.1~6.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tkinter", rpm:"tkinter~2.6.1~6.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tkinter-apps", rpm:"tkinter-apps~2.6.1~6.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64python2.6", rpm:"lib64python2.6~2.6.1~6.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64python2.6-devel", rpm:"lib64python2.6-devel~2.6.1~6.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpython2.3", rpm:"libpython2.3~2.3.7~0.3.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpython2.3-devel", rpm:"libpython2.3-devel~2.3.7~0.3.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python", rpm:"python~2.3.7~0.3.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python-base", rpm:"python-base~2.3.7~0.3.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python-docs", rpm:"python-docs~2.3.7~0.3.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tkinter", rpm:"tkinter~2.3.7~0.3.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64python2.3", rpm:"lib64python2.3~2.3.7~0.3.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64python2.3-devel", rpm:"lib64python2.3-devel~2.3.7~0.3.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpython2.4", rpm:"libpython2.4~2.4.5~0.3.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpython2.4-devel", rpm:"libpython2.4-devel~2.4.5~0.3.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python", rpm:"python~2.4.5~0.3.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python-base", rpm:"python-base~2.4.5~0.3.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python-docs", rpm:"python-docs~2.4.5~0.3.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tkinter", rpm:"tkinter~2.4.5~0.3.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64python2.4", rpm:"lib64python2.4~2.4.5~0.3.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64python2.4-devel", rpm:"lib64python2.4-devel~2.4.5~0.3.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpython2.5", rpm:"libpython2.5~2.5.2~5.3mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpython2.5-devel", rpm:"libpython2.5-devel~2.5.2~5.3mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python", rpm:"python~2.5.2~5.3mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python-base", rpm:"python-base~2.5.2~5.3mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python-docs", rpm:"python-docs~2.5.2~5.3mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tkinter", rpm:"tkinter~2.5.2~5.3mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tkinter-apps", rpm:"tkinter-apps~2.5.2~5.3mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64python2.5", rpm:"lib64python2.5~2.5.2~5.3mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64python2.5-devel", rpm:"lib64python2.5-devel~2.5.2~5.3mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpython2.3", rpm:"libpython2.3~2.3.7~0.3.C30mdk", rls:"MNDK_2.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpython2.3-devel", rpm:"libpython2.3-devel~2.3.7~0.3.C30mdk", rls:"MNDK_2.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python", rpm:"python~2.3.7~0.3.C30mdk", rls:"MNDK_2.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python-base", rpm:"python-base~2.3.7~0.3.C30mdk", rls:"MNDK_2.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python-docs", rpm:"python-docs~2.3.7~0.3.C30mdk", rls:"MNDK_2.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tkinter", rpm:"tkinter~2.3.7~0.3.C30mdk", rls:"MNDK_2.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_213.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_213.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/mdksa_2009_213.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,312 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:213 (wxgtk) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64685); + script_cve_id("CVE-2009-2625"); + script_version ("$"); + script_name("Mandrake Security Advisory MDVSA-2009:213 (wxgtk)"); + + desc = " +The remote host is missing an update to wxgtk +announced via advisory MDVSA-2009:213. + +A vulnerability was found in xmltok_impl.c (expat) that with +specially crafted XML could be exploited and lead to a denial of +service attack. Related to CVE-2009-2625. + +This update fixes this vulnerability. + +Affected: 2008.1, 2009.0, 2009.1, Enterprise Server 5.0 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:213 + +Risk factor : High"; + + script_description(desc); + + script_summary("Mandrake Security Advisory MDVSA-2009:213 (wxgtk)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Mandrake Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"libwxgtk2.6", rpm:"libwxgtk2.6~2.6.4~14.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.6-devel", rpm:"libwxgtk2.6-devel~2.6.4~14.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.8", rpm:"libwxgtk2.8~2.8.7~1.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.8-devel", rpm:"libwxgtk2.8-devel~2.8.7~1.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkgl2.6", rpm:"libwxgtkgl2.6~2.6.4~14.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkgl2.8", rpm:"libwxgtkgl2.8~2.8.7~1.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkglu2.6", rpm:"libwxgtkglu2.6~2.6.4~14.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkglu2.8", rpm:"libwxgtkglu2.8~2.8.7~1.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.6", rpm:"libwxgtku2.6~2.6.4~14.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.6-devel", rpm:"libwxgtku2.6-devel~2.6.4~14.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.8", rpm:"libwxgtku2.8~2.8.7~1.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.8-devel", rpm:"libwxgtku2.8-devel~2.8.7~1.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"wxGTK2.6", rpm:"wxGTK2.6~2.6.4~14.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"wxgtk2.8", rpm:"wxgtk2.8~2.8.7~1.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.6", rpm:"lib64wxgtk2.6~2.6.4~14.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.6-devel", rpm:"lib64wxgtk2.6-devel~2.6.4~14.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.8", rpm:"lib64wxgtk2.8~2.8.7~1.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.8-devel", rpm:"lib64wxgtk2.8-devel~2.8.7~1.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkgl2.6", rpm:"lib64wxgtkgl2.6~2.6.4~14.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkgl2.8", rpm:"lib64wxgtkgl2.8~2.8.7~1.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkglu2.6", rpm:"lib64wxgtkglu2.6~2.6.4~14.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkglu2.8", rpm:"lib64wxgtkglu2.8~2.8.7~1.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.6", rpm:"lib64wxgtku2.6~2.6.4~14.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.6-devel", rpm:"lib64wxgtku2.6-devel~2.6.4~14.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.8", rpm:"lib64wxgtku2.8~2.8.7~1.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.8-devel", rpm:"lib64wxgtku2.8-devel~2.8.7~1.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.6", rpm:"libwxgtk2.6~2.6.4~16.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.6-devel", rpm:"libwxgtk2.6-devel~2.6.4~16.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.8", rpm:"libwxgtk2.8~2.8.8~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.8-devel", rpm:"libwxgtk2.8-devel~2.8.8~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkgl2.6", rpm:"libwxgtkgl2.6~2.6.4~16.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkgl2.8", rpm:"libwxgtkgl2.8~2.8.8~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkglu2.6", rpm:"libwxgtkglu2.6~2.6.4~16.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkglu2.8", rpm:"libwxgtkglu2.8~2.8.8~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.6", rpm:"libwxgtku2.6~2.6.4~16.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.6-devel", rpm:"libwxgtku2.6-devel~2.6.4~16.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.8", rpm:"libwxgtku2.8~2.8.8~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.8-devel", rpm:"libwxgtku2.8-devel~2.8.8~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"wxGTK2.6", rpm:"wxGTK2.6~2.6.4~16.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"wxgtk2.8", rpm:"wxgtk2.8~2.8.8~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.6", rpm:"lib64wxgtk2.6~2.6.4~16.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.6-devel", rpm:"lib64wxgtk2.6-devel~2.6.4~16.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.8", rpm:"lib64wxgtk2.8~2.8.8~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.8-devel", rpm:"lib64wxgtk2.8-devel~2.8.8~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkgl2.6", rpm:"lib64wxgtkgl2.6~2.6.4~16.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkgl2.8", rpm:"lib64wxgtkgl2.8~2.8.8~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkglu2.6", rpm:"lib64wxgtkglu2.6~2.6.4~16.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkglu2.8", rpm:"lib64wxgtkglu2.8~2.8.8~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.6", rpm:"lib64wxgtku2.6~2.6.4~16.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.6-devel", rpm:"lib64wxgtku2.6-devel~2.6.4~16.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.8", rpm:"lib64wxgtku2.8~2.8.8~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.8-devel", rpm:"lib64wxgtku2.8-devel~2.8.8~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.8", rpm:"libwxgtk2.8~2.8.9~3.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.8-devel", rpm:"libwxgtk2.8-devel~2.8.9~3.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkgl2.8", rpm:"libwxgtkgl2.8~2.8.9~3.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkglu2.8", rpm:"libwxgtkglu2.8~2.8.9~3.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.8", rpm:"libwxgtku2.8~2.8.9~3.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.8-devel", rpm:"libwxgtku2.8-devel~2.8.9~3.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"wxgtk2.8", rpm:"wxgtk2.8~2.8.9~3.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.8", rpm:"lib64wxgtk2.8~2.8.9~3.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.8-devel", rpm:"lib64wxgtk2.8-devel~2.8.9~3.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkgl2.8", rpm:"lib64wxgtkgl2.8~2.8.9~3.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkglu2.8", rpm:"lib64wxgtkglu2.8~2.8.9~3.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.8", rpm:"lib64wxgtku2.8~2.8.9~3.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.8-devel", rpm:"lib64wxgtku2.8-devel~2.8.9~3.2mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.8", rpm:"libwxgtk2.8~2.8.8~1.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtk2.8-devel", rpm:"libwxgtk2.8-devel~2.8.8~1.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkgl2.8", rpm:"libwxgtkgl2.8~2.8.8~1.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtkglu2.8", rpm:"libwxgtkglu2.8~2.8.8~1.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.8", rpm:"libwxgtku2.8~2.8.8~1.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libwxgtku2.8-devel", rpm:"libwxgtku2.8-devel~2.8.8~1.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"wxgtk2.8", rpm:"wxgtk2.8~2.8.8~1.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.8", rpm:"lib64wxgtk2.8~2.8.8~1.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtk2.8-devel", rpm:"lib64wxgtk2.8-devel~2.8.8~1.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkgl2.8", rpm:"lib64wxgtkgl2.8~2.8.8~1.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtkglu2.8", rpm:"lib64wxgtkglu2.8~2.8.8~1.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.8", rpm:"lib64wxgtku2.8~2.8.8~1.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64wxgtku2.8-devel", rpm:"lib64wxgtku2.8-devel~2.8.8~1.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_214.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_214.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/mdksa_2009_214.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,87 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:214 (python-celementtree) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64686); + script_cve_id("CVE-2009-2625"); + script_version ("$"); + script_name("Mandrake Security Advisory MDVSA-2009:214 (python-celementtree)"); + + desc = " +The remote host is missing an update to python-celementtree +announced via advisory MDVSA-2009:214. + +A vulnerability was found in xmltok_impl.c (expat) that with +specially crafted XML could be exploited and lead to a denial of +service attack. Related to CVE-2009-2625. + +This update fixes this vulnerability. + +Affected: 2008.1, 2009.0, 2009.1 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:214 + +Risk factor : High"; + + script_description(desc); + + script_summary("Mandrake Security Advisory MDVSA-2009:214 (python-celementtree)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Mandrake Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"python-celementtree", rpm:"python-celementtree~1.0.5~2.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python-celementtree", rpm:"python-celementtree~1.0.5~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python-celementtree", rpm:"python-celementtree~1.0.5~3.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_215.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_215.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/mdksa_2009_215.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,84 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:215 (audacity) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64687); + script_cve_id("CVE-2009-2625"); + script_version ("$"); + script_name("Mandrake Security Advisory MDVSA-2009:215 (audacity)"); + + desc = " +The remote host is missing an update to audacity +announced via advisory MDVSA-2009:215. + +A vulnerability was found in xmltok_impl.c (expat) that with +specially crafted XML could be exploited and lead to a denial of +service attack. Related to CVE-2009-2625. + +This update fixes this vulnerability. + +Affected: 2009.0, Corporate 3.0 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:215 + +Risk factor : High"; + + script_description(desc); + + script_summary("Mandrake Security Advisory MDVSA-2009:215 (audacity)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Mandrake Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"audacity", rpm:"audacity~1.3.5~3.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"audacity", rpm:"audacity~1.2.0~1.3.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_216.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_216.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/mdksa_2009_216.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,344 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:216 (mozilla-thunderbird) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64688); + script_cve_id("CVE-2009-2408", "CVE-2009-2409", "CVE-2009-2404", "CVE-2009-2625"); + script_version ("$"); + script_name("Mandrake Security Advisory MDVSA-2009:216 (mozilla-thunderbird)"); + + desc = " +The remote host is missing an update to mozilla-thunderbird +announced via advisory MDVSA-2009:216. + +A number of security vulnerabilities have been discovered in the NSS +and NSPR libraries and in Mozilla Thunderbird: + +Security issues in nss prior to 3.12.3 could lead to a +man-in-the-middle attack via a spoofed X.509 certificate +(CVE-2009-2408) and md2 algorithm flaws (CVE-2009-2409), and also +cause a denial-of-service and possible code execution via a long +domain name in X.509 certificate (CVE-2009-2404). + +A vulnerability was found in xmltok_impl.c (expat) that with +specially crafted XML could be exploited and lead to a denial of +service attack. Related to CVE-2009-2625. + +This update provides the latest versions of the NSS and NSPR libraries +and Thunderbird which are not vulnerable to these issues. + +Affected: Corporate 3.0 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:216 +http://www.mozilla.org/security/announce/2009/mfsa2009-42.html + +Risk factor : High"; + + script_description(desc); + + script_summary("Mandrake Security Advisory MDVSA-2009:216 (mozilla-thunderbird)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Mandrake Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"libnspr4", rpm:"libnspr4~4.7.5~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libnspr-devel", rpm:"libnspr-devel~4.7.5~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libnss3", rpm:"libnss3~3.12.3.1~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libnss-devel", rpm:"libnss-devel~3.12.3.1~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libnss-static-devel", rpm:"libnss-static-devel~3.12.3.1~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libsqlite3_0", rpm:"libsqlite3_0~3.6.15~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libsqlite3-devel", rpm:"libsqlite3-devel~3.6.15~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libsqlite3-static-devel", rpm:"libsqlite3-static-devel~3.6.15~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird", rpm:"mozilla-thunderbird~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-af", rpm:"mozilla-thunderbird-af~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-be", rpm:"mozilla-thunderbird-be~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-bg", rpm:"mozilla-thunderbird-bg~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-ca", rpm:"mozilla-thunderbird-ca~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-cs", rpm:"mozilla-thunderbird-cs~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-da", rpm:"mozilla-thunderbird-da~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-de", rpm:"mozilla-thunderbird-de~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-devel", rpm:"mozilla-thunderbird-devel~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-el", rpm:"mozilla-thunderbird-el~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-en_GB", rpm:"mozilla-thunderbird-en_GB~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail", rpm:"mozilla-thunderbird-enigmail~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ar", rpm:"mozilla-thunderbird-enigmail-ar~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ca", rpm:"mozilla-thunderbird-enigmail-ca~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-cs", rpm:"mozilla-thunderbird-enigmail-cs~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-de", rpm:"mozilla-thunderbird-enigmail-de~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-el", rpm:"mozilla-thunderbird-enigmail-el~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-es", rpm:"mozilla-thunderbird-enigmail-es~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-es_AR", rpm:"mozilla-thunderbird-enigmail-es_AR~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-fi", rpm:"mozilla-thunderbird-enigmail-fi~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-fr", rpm:"mozilla-thunderbird-enigmail-fr~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-hu", rpm:"mozilla-thunderbird-enigmail-hu~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-it", rpm:"mozilla-thunderbird-enigmail-it~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ja", rpm:"mozilla-thunderbird-enigmail-ja~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ko", rpm:"mozilla-thunderbird-enigmail-ko~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-nb", rpm:"mozilla-thunderbird-enigmail-nb~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-nl", rpm:"mozilla-thunderbird-enigmail-nl~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-pl", rpm:"mozilla-thunderbird-enigmail-pl~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-pt", rpm:"mozilla-thunderbird-enigmail-pt~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-pt_BR", rpm:"mozilla-thunderbird-enigmail-pt_BR~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ro", rpm:"mozilla-thunderbird-enigmail-ro~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ru", rpm:"mozilla-thunderbird-enigmail-ru~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-sk", rpm:"mozilla-thunderbird-enigmail-sk~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-sl", rpm:"mozilla-thunderbird-enigmail-sl~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-sv", rpm:"mozilla-thunderbird-enigmail-sv~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-zh_CN", rpm:"mozilla-thunderbird-enigmail-zh_CN~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-zh_TW", rpm:"mozilla-thunderbird-enigmail-zh_TW~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-es_AR", rpm:"mozilla-thunderbird-es_AR~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-es_ES", rpm:"mozilla-thunderbird-es_ES~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-et_EE", rpm:"mozilla-thunderbird-et_EE~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-eu", rpm:"mozilla-thunderbird-eu~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-fi", rpm:"mozilla-thunderbird-fi~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-fr", rpm:"mozilla-thunderbird-fr~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-gu_IN", rpm:"mozilla-thunderbird-gu_IN~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-he", rpm:"mozilla-thunderbird-he~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-hu", rpm:"mozilla-thunderbird-hu~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-it", rpm:"mozilla-thunderbird-it~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-ja", rpm:"mozilla-thunderbird-ja~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-ko", rpm:"mozilla-thunderbird-ko~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-lt", rpm:"mozilla-thunderbird-lt~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-mk", rpm:"mozilla-thunderbird-mk~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-nb_NO", rpm:"mozilla-thunderbird-nb_NO~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-nl", rpm:"mozilla-thunderbird-nl~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-nn_NO", rpm:"mozilla-thunderbird-nn_NO~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-pa_IN", rpm:"mozilla-thunderbird-pa_IN~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-pl", rpm:"mozilla-thunderbird-pl~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-pt_BR", rpm:"mozilla-thunderbird-pt_BR~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-pt_PT", rpm:"mozilla-thunderbird-pt_PT~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-ru", rpm:"mozilla-thunderbird-ru~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-sk", rpm:"mozilla-thunderbird-sk~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-sl", rpm:"mozilla-thunderbird-sl~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-sv_SE", rpm:"mozilla-thunderbird-sv_SE~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-tr", rpm:"mozilla-thunderbird-tr~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-uk", rpm:"mozilla-thunderbird-uk~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-zh_CN", rpm:"mozilla-thunderbird-zh_CN~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-zh_TW", rpm:"mozilla-thunderbird-zh_TW~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nsinstall", rpm:"nsinstall~2.0.0.23~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nss", rpm:"nss~3.12.3.1~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"sqlite3-tools", rpm:"sqlite3-tools~3.6.15~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64nspr4", rpm:"lib64nspr4~4.7.5~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64nspr-devel", rpm:"lib64nspr-devel~4.7.5~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64nss3", rpm:"lib64nss3~3.12.3.1~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64nss-devel", rpm:"lib64nss-devel~3.12.3.1~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64nss-static-devel", rpm:"lib64nss-static-devel~3.12.3.1~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64sqlite3_0", rpm:"lib64sqlite3_0~3.6.15~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64sqlite3-devel", rpm:"lib64sqlite3-devel~3.6.15~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64sqlite3-static-devel", rpm:"lib64sqlite3-static-devel~3.6.15~0.1.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_217.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_217.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/mdksa_2009_217.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,506 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:217 (mozilla-thunderbird) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64689); + script_cve_id("CVE-2009-2408", "CVE-2009-2625"); + script_version ("$"); + script_name("Mandrake Security Advisory MDVSA-2009:217 (mozilla-thunderbird)"); + + desc = " +The remote host is missing an update to mozilla-thunderbird +announced via advisory MDVSA-2009:217. + +A number of security vulnerabilities have been discovered in Mozilla +Thunderbird: + +Security issues in thunderbird could lead to a man-in-the-middle +attack via a spoofed X.509 certificate (CVE-2009-2408). + +A vulnerability was found in xmltok_impl.c (expat) that with +specially crafted XML could be exploited and lead to a denial of +service attack. Related to CVE-2009-2625. + +This update provides the latest version of Thunderbird which are not +vulnerable to these issues. + +Affected: 2009.0, 2009.1 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:217 +http://www.mozilla.org/security/announce/2009/mfsa2009-42.html + +Risk factor : High"; + + script_description(desc); + + script_summary("Mandrake Security Advisory MDVSA-2009:217 (mozilla-thunderbird)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Mandrake Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"mozilla-thunderbird", rpm:"mozilla-thunderbird~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-af", rpm:"mozilla-thunderbird-af~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-be", rpm:"mozilla-thunderbird-be~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-bg", rpm:"mozilla-thunderbird-bg~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-ca", rpm:"mozilla-thunderbird-ca~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-cs", rpm:"mozilla-thunderbird-cs~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-da", rpm:"mozilla-thunderbird-da~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-de", rpm:"mozilla-thunderbird-de~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-devel", rpm:"mozilla-thunderbird-devel~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-el", rpm:"mozilla-thunderbird-el~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-en_GB", rpm:"mozilla-thunderbird-en_GB~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail", rpm:"mozilla-thunderbird-enigmail~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ar", rpm:"mozilla-thunderbird-enigmail-ar~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ca", rpm:"mozilla-thunderbird-enigmail-ca~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-cs", rpm:"mozilla-thunderbird-enigmail-cs~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-de", rpm:"mozilla-thunderbird-enigmail-de~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-el", rpm:"mozilla-thunderbird-enigmail-el~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-es", rpm:"mozilla-thunderbird-enigmail-es~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-es_AR", rpm:"mozilla-thunderbird-enigmail-es_AR~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-fi", rpm:"mozilla-thunderbird-enigmail-fi~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-fr", rpm:"mozilla-thunderbird-enigmail-fr~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-hu", rpm:"mozilla-thunderbird-enigmail-hu~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-it", rpm:"mozilla-thunderbird-enigmail-it~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ja", rpm:"mozilla-thunderbird-enigmail-ja~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ko", rpm:"mozilla-thunderbird-enigmail-ko~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-nb", rpm:"mozilla-thunderbird-enigmail-nb~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-nl", rpm:"mozilla-thunderbird-enigmail-nl~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-pl", rpm:"mozilla-thunderbird-enigmail-pl~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-pt", rpm:"mozilla-thunderbird-enigmail-pt~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-pt_BR", rpm:"mozilla-thunderbird-enigmail-pt_BR~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ro", rpm:"mozilla-thunderbird-enigmail-ro~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ru", rpm:"mozilla-thunderbird-enigmail-ru~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-sk", rpm:"mozilla-thunderbird-enigmail-sk~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-sl", rpm:"mozilla-thunderbird-enigmail-sl~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-sv", rpm:"mozilla-thunderbird-enigmail-sv~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-tr", rpm:"mozilla-thunderbird-enigmail-tr~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-zh_CN", rpm:"mozilla-thunderbird-enigmail-zh_CN~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-zh_TW", rpm:"mozilla-thunderbird-enigmail-zh_TW~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-es_AR", rpm:"mozilla-thunderbird-es_AR~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-es_ES", rpm:"mozilla-thunderbird-es_ES~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-et_EE", rpm:"mozilla-thunderbird-et_EE~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-eu", rpm:"mozilla-thunderbird-eu~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-fi", rpm:"mozilla-thunderbird-fi~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-fr", rpm:"mozilla-thunderbird-fr~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-ga", rpm:"mozilla-thunderbird-ga~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-gu_IN", rpm:"mozilla-thunderbird-gu_IN~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-he", rpm:"mozilla-thunderbird-he~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-hu", rpm:"mozilla-thunderbird-hu~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-it", rpm:"mozilla-thunderbird-it~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-ja", rpm:"mozilla-thunderbird-ja~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-ko", rpm:"mozilla-thunderbird-ko~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-lt", rpm:"mozilla-thunderbird-lt~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-mk", rpm:"mozilla-thunderbird-mk~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-moztraybiff", rpm:"mozilla-thunderbird-moztraybiff~1.2.4~1.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-nb_NO", rpm:"mozilla-thunderbird-nb_NO~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-nl", rpm:"mozilla-thunderbird-nl~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-nn_NO", rpm:"mozilla-thunderbird-nn_NO~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-pa_IN", rpm:"mozilla-thunderbird-pa_IN~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-pl", rpm:"mozilla-thunderbird-pl~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-pt_BR", rpm:"mozilla-thunderbird-pt_BR~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-pt_PT", rpm:"mozilla-thunderbird-pt_PT~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-ru", rpm:"mozilla-thunderbird-ru~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-sk", rpm:"mozilla-thunderbird-sk~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-sl", rpm:"mozilla-thunderbird-sl~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-sv_SE", rpm:"mozilla-thunderbird-sv_SE~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-tr", rpm:"mozilla-thunderbird-tr~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-uk", rpm:"mozilla-thunderbird-uk~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-zh_CN", rpm:"mozilla-thunderbird-zh_CN~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-zh_TW", rpm:"mozilla-thunderbird-zh_TW~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nsinstall", rpm:"nsinstall~2.0.0.23~0.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird", rpm:"mozilla-thunderbird~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-af", rpm:"mozilla-thunderbird-af~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-be", rpm:"mozilla-thunderbird-be~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-bg", rpm:"mozilla-thunderbird-bg~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-ca", rpm:"mozilla-thunderbird-ca~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-cs", rpm:"mozilla-thunderbird-cs~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-da", rpm:"mozilla-thunderbird-da~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-de", rpm:"mozilla-thunderbird-de~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-devel", rpm:"mozilla-thunderbird-devel~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-el", rpm:"mozilla-thunderbird-el~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-en_GB", rpm:"mozilla-thunderbird-en_GB~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail", rpm:"mozilla-thunderbird-enigmail~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ar", rpm:"mozilla-thunderbird-enigmail-ar~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ca", rpm:"mozilla-thunderbird-enigmail-ca~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-cs", rpm:"mozilla-thunderbird-enigmail-cs~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-de", rpm:"mozilla-thunderbird-enigmail-de~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-el", rpm:"mozilla-thunderbird-enigmail-el~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-es", rpm:"mozilla-thunderbird-enigmail-es~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-es_AR", rpm:"mozilla-thunderbird-enigmail-es_AR~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-fi", rpm:"mozilla-thunderbird-enigmail-fi~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-fr", rpm:"mozilla-thunderbird-enigmail-fr~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-hu", rpm:"mozilla-thunderbird-enigmail-hu~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-it", rpm:"mozilla-thunderbird-enigmail-it~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ja", rpm:"mozilla-thunderbird-enigmail-ja~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ko", rpm:"mozilla-thunderbird-enigmail-ko~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-nb", rpm:"mozilla-thunderbird-enigmail-nb~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-nl", rpm:"mozilla-thunderbird-enigmail-nl~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-pl", rpm:"mozilla-thunderbird-enigmail-pl~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-pt", rpm:"mozilla-thunderbird-enigmail-pt~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-pt_BR", rpm:"mozilla-thunderbird-enigmail-pt_BR~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ro", rpm:"mozilla-thunderbird-enigmail-ro~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-ru", rpm:"mozilla-thunderbird-enigmail-ru~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-sk", rpm:"mozilla-thunderbird-enigmail-sk~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-sl", rpm:"mozilla-thunderbird-enigmail-sl~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-sv", rpm:"mozilla-thunderbird-enigmail-sv~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-tr", rpm:"mozilla-thunderbird-enigmail-tr~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-zh_CN", rpm:"mozilla-thunderbird-enigmail-zh_CN~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-enigmail-zh_TW", rpm:"mozilla-thunderbird-enigmail-zh_TW~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-es_AR", rpm:"mozilla-thunderbird-es_AR~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-es_ES", rpm:"mozilla-thunderbird-es_ES~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-et_EE", rpm:"mozilla-thunderbird-et_EE~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-eu", rpm:"mozilla-thunderbird-eu~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-fi", rpm:"mozilla-thunderbird-fi~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-fr", rpm:"mozilla-thunderbird-fr~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-ga", rpm:"mozilla-thunderbird-ga~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-gu_IN", rpm:"mozilla-thunderbird-gu_IN~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-he", rpm:"mozilla-thunderbird-he~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-hu", rpm:"mozilla-thunderbird-hu~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-it", rpm:"mozilla-thunderbird-it~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-ja", rpm:"mozilla-thunderbird-ja~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-ko", rpm:"mozilla-thunderbird-ko~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-lt", rpm:"mozilla-thunderbird-lt~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-mk", rpm:"mozilla-thunderbird-mk~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-moztraybiff", rpm:"mozilla-thunderbird-moztraybiff~1.2.4~1.5mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-nb_NO", rpm:"mozilla-thunderbird-nb_NO~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-nl", rpm:"mozilla-thunderbird-nl~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-nn_NO", rpm:"mozilla-thunderbird-nn_NO~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-pa_IN", rpm:"mozilla-thunderbird-pa_IN~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-pl", rpm:"mozilla-thunderbird-pl~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-pt_BR", rpm:"mozilla-thunderbird-pt_BR~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-pt_PT", rpm:"mozilla-thunderbird-pt_PT~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-ru", rpm:"mozilla-thunderbird-ru~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-sk", rpm:"mozilla-thunderbird-sk~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-sl", rpm:"mozilla-thunderbird-sl~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-sv_SE", rpm:"mozilla-thunderbird-sv_SE~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-tr", rpm:"mozilla-thunderbird-tr~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-uk", rpm:"mozilla-thunderbird-uk~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-zh_CN", rpm:"mozilla-thunderbird-zh_CN~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mozilla-thunderbird-zh_TW", rpm:"mozilla-thunderbird-zh_TW~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nsinstall", rpm:"nsinstall~2.0.0.23~0.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_218.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_218.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/mdksa_2009_218.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,96 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:218 (w3c-libwww) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64690); + script_cve_id("CVE-2009-2625"); + script_version ("$"); + script_name("Mandrake Security Advisory MDVSA-2009:218 (w3c-libwww)"); + + desc = " +The remote host is missing an update to w3c-libwww +announced via advisory MDVSA-2009:218. + +A vulnerability was found in xmltok_impl.c (expat) that with +specially crafted XML could be exploited and lead to a denial of +service attack. Related to CVE-2009-2625. + +This update fixes this vulnerability. + +Affected: 2008.1, Corporate 3.0 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:218 + +Risk factor : High"; + + script_description(desc); + + script_summary("Mandrake Security Advisory MDVSA-2009:218 (w3c-libwww)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Mandrake Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"w3c-libwww", rpm:"w3c-libwww~5.4.0~9.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"w3c-libwww-apps", rpm:"w3c-libwww-apps~5.4.0~9.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"w3c-libwww-devel", rpm:"w3c-libwww-devel~5.4.0~9.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"w3c-libwww", rpm:"w3c-libwww~5.4.0~2.2.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"w3c-libwww-apps", rpm:"w3c-libwww-apps~5.4.0~2.2.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"w3c-libwww-devel", rpm:"w3c-libwww-devel~5.4.0~2.2.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_219.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_219.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/mdksa_2009_219.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,95 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:219 (kompozer) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64691); + script_cve_id("CVE-2009-2625"); + script_version ("$"); + script_name("Mandrake Security Advisory MDVSA-2009:219 (kompozer)"); + + desc = " +The remote host is missing an update to kompozer +announced via advisory MDVSA-2009:219. + +A vulnerability was found in xmltok_impl.c (expat) that with +specially crafted XML could be exploited and lead to a denial of +service attack. Related to CVE-2009-2625. + +Additionally on 2009.0 a patch was added to prevent kompozer from +crashing (#44830), on 2009.1 a format string patch was added to make +it build with the -Wformat -Werror=format-security gcc optimization +switch added in 2009.1 + +This update fixes these issues. + +Affected: 2009.0, 2009.1 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:219 + +Risk factor : High"; + + script_description(desc); + + script_summary("Mandrake Security Advisory MDVSA-2009:219 (kompozer)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Mandrake Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"kompozer", rpm:"kompozer~0.7.10~3.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kompozer-devel", rpm:"kompozer-devel~0.7.10~3.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kompozer", rpm:"kompozer~0.7.10~4.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kompozer-devel", rpm:"kompozer-devel~0.7.10~4.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_220.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_220.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/mdksa_2009_220.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,87 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:220 (davfs) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64692); + script_cve_id("CVE-2009-2625"); + script_version ("$"); + script_name("Mandrake Security Advisory MDVSA-2009:220 (davfs)"); + + desc = " +The remote host is missing an update to davfs +announced via advisory MDVSA-2009:220. + +A vulnerability was found in xmltok_impl.c (expat) that with +specially crafted XML could be exploited and lead to a denial of +service attack. Related to CVE-2009-2625. + +This update fixes this vulnerability. + +Affected: 2008.1, 2009.0, 2009.1 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:220 + +Risk factor : High"; + + script_description(desc); + + script_summary("Mandrake Security Advisory MDVSA-2009:220 (davfs)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Mandrake Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"davfs", rpm:"davfs~0.2.4~12.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"davfs", rpm:"davfs~0.2.4~13.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"davfs", rpm:"davfs~0.2.4~13.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_221.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_221.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/mdksa_2009_221.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,179 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:221 (libneon0.27) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64693); + script_cve_id("CVE-2003-1564", "CVE-2009-2473", "CVE-2009-2408", "CVE-2009-2474"); + script_version ("$"); + script_name("Mandrake Security Advisory MDVSA-2009:221 (libneon0.27)"); + + desc = " +The remote host is missing an update to libneon0.27 +announced via advisory MDVSA-2009:221. + +Multiple vulnerabilities has been found and corrected in libneon0.27: + +neon before 0.28.6, when expat is used, does not properly detect +recursion during entity expansion, which allows context-dependent +attackers to cause a denial of service (memory and CPU consumption) +via a crafted XML document containing a large number of nested entity +references, a similar issue to CVE-2003-1564 (CVE-2009-2473). + +neon before 0.28.6, when OpenSSL is used, does not properly handle a +'\0' (NUL) character in a domain name in the subject's Common Name +(CN) field of an X.509 certificate, which allows man-in-the-middle +attackers to spoof arbitrary SSL servers via a crafted certificate +issued by a legitimate Certification Authority, a related issue to +CVE-2009-2408 (CVE-2009-2474). + +This update provides a solution to these vulnerabilities. + +Affected: 2008.1, 2009.0, 2009.1, Corporate 4.0, Enterprise Server 5.0 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:221 + +Risk factor : High"; + + script_description(desc); + + script_summary("Mandrake Security Advisory MDVSA-2009:221 (libneon0.27)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Mandrake Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"libneon0.27", rpm:"libneon0.27~0.28.3~0.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libneon0.27-devel", rpm:"libneon0.27-devel~0.28.3~0.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libneon0.27-static-devel", rpm:"libneon0.27-static-devel~0.28.3~0.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64neon0.27", rpm:"lib64neon0.27~0.28.3~0.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64neon0.27-devel", rpm:"lib64neon0.27-devel~0.28.3~0.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64neon0.27-static-devel", rpm:"lib64neon0.27-static-devel~0.28.3~0.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libneon0.27", rpm:"libneon0.27~0.28.3~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libneon0.27-devel", rpm:"libneon0.27-devel~0.28.3~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libneon0.27-static-devel", rpm:"libneon0.27-static-devel~0.28.3~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64neon0.27", rpm:"lib64neon0.27~0.28.3~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64neon0.27-devel", rpm:"lib64neon0.27-devel~0.28.3~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64neon0.27-static-devel", rpm:"lib64neon0.27-static-devel~0.28.3~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libneon0.27", rpm:"libneon0.27~0.28.3~2.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libneon0.27-devel", rpm:"libneon0.27-devel~0.28.3~2.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libneon0.27-static-devel", rpm:"libneon0.27-static-devel~0.28.3~2.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64neon0.27", rpm:"lib64neon0.27~0.28.3~2.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64neon0.27-devel", rpm:"lib64neon0.27-devel~0.28.3~2.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64neon0.27-static-devel", rpm:"lib64neon0.27-static-devel~0.28.3~2.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libneon0.27", rpm:"libneon0.27~0.28.3~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libneon0.27-devel", rpm:"libneon0.27-devel~0.28.3~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libneon0.27-static-devel", rpm:"libneon0.27-static-devel~0.28.3~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64neon0.27", rpm:"lib64neon0.27~0.28.3~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64neon0.27-devel", rpm:"lib64neon0.27-devel~0.28.3~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64neon0.27-static-devel", rpm:"lib64neon0.27-static-devel~0.28.3~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libneon0.27", rpm:"libneon0.27~0.28.3~1.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libneon0.27-devel", rpm:"libneon0.27-devel~0.28.3~1.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libneon0.27-static-devel", rpm:"libneon0.27-static-devel~0.28.3~1.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64neon0.27", rpm:"lib64neon0.27~0.28.3~1.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64neon0.27-devel", rpm:"lib64neon0.27-devel~0.28.3~1.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64neon0.27-static-devel", rpm:"lib64neon0.27-static-devel~0.28.3~1.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_222.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_222.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/mdksa_2009_222.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,383 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:222 (squirrelmail) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64694); + script_cve_id("CVE-2009-2964"); + script_version ("$"); + script_name("Mandrake Security Advisory MDVSA-2009:222 (squirrelmail)"); + + desc = " +The remote host is missing an update to squirrelmail +announced via advisory MDVSA-2009:222. + +A vulnerability has been found and corrected in squirrelmail: + +All form submissions (send message, change preferences, etc.) in +SquirrelMail were previously subject to cross-site request forgery +(CSRF), wherein data could be sent to them from an offsite location, +which could allow an attacker to inject malicious content into +user preferences or possibly send emails without user consent +(CVE-2009-2964). + +This update provides a solution to this vulnerability. + +Affected: Corporate 4.0, Enterprise Server 5.0 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:222 + +Risk factor : High"; + + script_description(desc); + + script_summary("Mandrake Security Advisory MDVSA-2009:222 (squirrelmail)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Mandrake Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"squirrelmail", rpm:"squirrelmail~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-ar", rpm:"squirrelmail-ar~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-bg", rpm:"squirrelmail-bg~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-bn", rpm:"squirrelmail-bn~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-ca", rpm:"squirrelmail-ca~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-cs", rpm:"squirrelmail-cs~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-cy", rpm:"squirrelmail-cy~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-cyrus", rpm:"squirrelmail-cyrus~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-da", rpm:"squirrelmail-da~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-de", rpm:"squirrelmail-de~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-el", rpm:"squirrelmail-el~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-en", rpm:"squirrelmail-en~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-es", rpm:"squirrelmail-es~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-et", rpm:"squirrelmail-et~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-eu", rpm:"squirrelmail-eu~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-fa", rpm:"squirrelmail-fa~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-fi", rpm:"squirrelmail-fi~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-fo", rpm:"squirrelmail-fo~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-fr", rpm:"squirrelmail-fr~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-fy", rpm:"squirrelmail-fy~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-he", rpm:"squirrelmail-he~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-hr", rpm:"squirrelmail-hr~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-hu", rpm:"squirrelmail-hu~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-id", rpm:"squirrelmail-id~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-is", rpm:"squirrelmail-is~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-it", rpm:"squirrelmail-it~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-ja", rpm:"squirrelmail-ja~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-ka", rpm:"squirrelmail-ka~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-ko", rpm:"squirrelmail-ko~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-lt", rpm:"squirrelmail-lt~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-ms", rpm:"squirrelmail-ms~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-nb", rpm:"squirrelmail-nb~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-nl", rpm:"squirrelmail-nl~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-nn", rpm:"squirrelmail-nn~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-pl", rpm:"squirrelmail-pl~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-poutils", rpm:"squirrelmail-poutils~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-pt", rpm:"squirrelmail-pt~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-ro", rpm:"squirrelmail-ro~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-ru", rpm:"squirrelmail-ru~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-sk", rpm:"squirrelmail-sk~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-sl", rpm:"squirrelmail-sl~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-sr", rpm:"squirrelmail-sr~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-sv", rpm:"squirrelmail-sv~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-th", rpm:"squirrelmail-th~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-tr", rpm:"squirrelmail-tr~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-ug", rpm:"squirrelmail-ug~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-uk", rpm:"squirrelmail-uk~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-vi", rpm:"squirrelmail-vi~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-zh_CN", rpm:"squirrelmail-zh_CN~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-zh_TW", rpm:"squirrelmail-zh_TW~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail", rpm:"squirrelmail~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-ar", rpm:"squirrelmail-ar~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-bg", rpm:"squirrelmail-bg~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-bn", rpm:"squirrelmail-bn~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-ca", rpm:"squirrelmail-ca~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-cs", rpm:"squirrelmail-cs~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-cy", rpm:"squirrelmail-cy~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-cyrus", rpm:"squirrelmail-cyrus~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-da", rpm:"squirrelmail-da~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-de", rpm:"squirrelmail-de~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-el", rpm:"squirrelmail-el~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-en", rpm:"squirrelmail-en~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-es", rpm:"squirrelmail-es~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-et", rpm:"squirrelmail-et~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-eu", rpm:"squirrelmail-eu~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-fa", rpm:"squirrelmail-fa~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-fi", rpm:"squirrelmail-fi~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-fo", rpm:"squirrelmail-fo~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-fr", rpm:"squirrelmail-fr~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-fy", rpm:"squirrelmail-fy~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-he", rpm:"squirrelmail-he~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-hr", rpm:"squirrelmail-hr~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-hu", rpm:"squirrelmail-hu~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-id", rpm:"squirrelmail-id~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-is", rpm:"squirrelmail-is~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-it", rpm:"squirrelmail-it~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-ja", rpm:"squirrelmail-ja~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-ka", rpm:"squirrelmail-ka~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-ko", rpm:"squirrelmail-ko~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-lt", rpm:"squirrelmail-lt~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-ms", rpm:"squirrelmail-ms~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-nb", rpm:"squirrelmail-nb~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-nl", rpm:"squirrelmail-nl~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-nn", rpm:"squirrelmail-nn~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-pl", rpm:"squirrelmail-pl~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-poutils", rpm:"squirrelmail-poutils~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-pt", rpm:"squirrelmail-pt~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-ro", rpm:"squirrelmail-ro~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-ru", rpm:"squirrelmail-ru~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-sk", rpm:"squirrelmail-sk~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-sl", rpm:"squirrelmail-sl~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-sr", rpm:"squirrelmail-sr~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-sv", rpm:"squirrelmail-sv~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-th", rpm:"squirrelmail-th~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-tr", rpm:"squirrelmail-tr~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-ug", rpm:"squirrelmail-ug~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-uk", rpm:"squirrelmail-uk~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-vi", rpm:"squirrelmail-vi~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-zh_CN", rpm:"squirrelmail-zh_CN~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squirrelmail-zh_TW", rpm:"squirrelmail-zh_TW~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_223.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_223.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/mdksa_2009_223.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,173 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:223 (xerces-c) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64695); + script_cve_id("CVE-2009-1885"); + script_version ("$"); + script_name("Mandrake Security Advisory MDVSA-2009:223 (xerces-c)"); + + desc = " +The remote host is missing an update to xerces-c +announced via advisory MDVSA-2009:223. + +A vulnerability has been found and corrected in xerces-c: + +Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in +Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to +cause a denial of service (application crash) via vectors involving +nested parentheses and invalid byte values in simply nested DTD +structures, as demonstrated by the Codenomicon XML fuzzing framework +(CVE-2009-1885). + +This update provides a solution to this vulnerability. + +Affected: 2008.1, 2009.0, 2009.1, Enterprise Server 5.0 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:223 + +Risk factor : High"; + + script_description(desc); + + script_summary("Mandrake Security Advisory MDVSA-2009:223 (xerces-c)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Mandrake Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"libxerces-c0", rpm:"libxerces-c0~2.7.0~7.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libxerces-c0-devel", rpm:"libxerces-c0-devel~2.7.0~7.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"xerces-c-doc", rpm:"xerces-c-doc~2.7.0~7.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64xerces-c0", rpm:"lib64xerces-c0~2.7.0~7.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64xerces-c0-devel", rpm:"lib64xerces-c0-devel~2.7.0~7.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libxerces-c0", rpm:"libxerces-c0~2.7.0~7.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libxerces-c0-devel", rpm:"libxerces-c0-devel~2.7.0~7.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libxerces-c28", rpm:"libxerces-c28~2.8.0~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libxerces-c-devel", rpm:"libxerces-c-devel~2.8.0~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"xerces-c-doc", rpm:"xerces-c-doc~2.7.0~7.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"xerces-c-doc", rpm:"xerces-c-doc~2.8.0~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64xerces-c0", rpm:"lib64xerces-c0~2.7.0~7.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64xerces-c0-devel", rpm:"lib64xerces-c0-devel~2.7.0~7.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64xerces-c28", rpm:"lib64xerces-c28~2.8.0~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64xerces-c-devel", rpm:"lib64xerces-c-devel~2.8.0~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libxerces-c28", rpm:"libxerces-c28~2.8.0~2.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libxerces-c-devel", rpm:"libxerces-c-devel~2.8.0~2.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"xerces-c-doc", rpm:"xerces-c-doc~2.8.0~2.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64xerces-c28", rpm:"lib64xerces-c28~2.8.0~2.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64xerces-c-devel", rpm:"lib64xerces-c-devel~2.8.0~2.1mdv2009.1", rls:"MNDK_2009.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libxerces-c0", rpm:"libxerces-c0~2.7.0~7.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libxerces-c0-devel", rpm:"libxerces-c0-devel~2.7.0~7.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libxerces-c28", rpm:"libxerces-c28~2.8.0~2.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libxerces-c-devel", rpm:"libxerces-c-devel~2.8.0~2.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"xerces-c-doc", rpm:"xerces-c-doc~2.7.0~7.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"xerces-c-doc", rpm:"xerces-c-doc~2.8.0~2.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64xerces-c0", rpm:"lib64xerces-c0~2.7.0~7.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64xerces-c0-devel", rpm:"lib64xerces-c0-devel~2.7.0~7.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64xerces-c28", rpm:"lib64xerces-c28~2.8.0~2.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64xerces-c-devel", rpm:"lib64xerces-c-devel~2.8.0~2.1mdvmes5", rls:"MNDK_mes5")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_224.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_224.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/mdksa_2009_224.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,144 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:224 (postfix) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64696); + script_cve_id("CVE-2008-2937"); + script_version ("$"); + script_name("Mandrake Security Advisory MDVSA-2009:224 (postfix)"); + + desc = " +The remote host is missing an update to postfix +announced via advisory MDVSA-2009:224. + +A vulnerability has been found and corrected in postfix: + +Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a +mailbox file even when this file is not owned by the recipient, which +allows local users to read e-mail messages by creating a mailbox file +corresponding to another user's account name (CVE-2008-2937). + +This update provides a solution to this vulnerability. + +Affected: 2008.1, Corporate 3.0, Corporate 4.0 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:224 + +Risk factor : High"; + + script_description(desc); + + script_summary("Mandrake Security Advisory MDVSA-2009:224 (postfix)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Mandrake Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"libpostfix1", rpm:"libpostfix1~2.5.1~2.3mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"postfix", rpm:"postfix~2.5.1~2.3mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"postfix-ldap", rpm:"postfix-ldap~2.5.1~2.3mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"postfix-mysql", rpm:"postfix-mysql~2.5.1~2.3mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"postfix-pcre", rpm:"postfix-pcre~2.5.1~2.3mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"postfix-pgsql", rpm:"postfix-pgsql~2.5.1~2.3mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64postfix1", rpm:"lib64postfix1~2.5.1~2.3mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpostfix1", rpm:"libpostfix1~2.1.1~0.5.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"postfix", rpm:"postfix~2.1.1~0.5.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"postfix-ldap", rpm:"postfix-ldap~2.1.1~0.5.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"postfix-mysql", rpm:"postfix-mysql~2.1.1~0.5.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"postfix-pcre", rpm:"postfix-pcre~2.1.1~0.5.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"postfix-pgsql", rpm:"postfix-pgsql~2.1.1~0.5.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64postfix1", rpm:"lib64postfix1~2.1.1~0.5.C30mdk", rls:"MNDK_3.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpostfix1", rpm:"libpostfix1~2.3.5~0.3.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"postfix", rpm:"postfix~2.3.5~0.3.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"postfix-ldap", rpm:"postfix-ldap~2.3.5~0.3.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"postfix-mysql", rpm:"postfix-mysql~2.3.5~0.3.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"postfix-pcre", rpm:"postfix-pcre~2.3.5~0.3.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"postfix-pgsql", rpm:"postfix-pgsql~2.3.5~0.3.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64postfix1", rpm:"lib64postfix1~2.3.5~0.3.20060mlcs4", rls:"MNDK_4.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Modified: trunk/openvas-plugins/scripts/ovcesa2009_1209.nasl =================================================================== --- trunk/openvas-plugins/scripts/ovcesa2009_1209.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/ovcesa2009_1209.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -1,4 +1,4 @@ -#CESA-2009:1209 64665 2 +#CESA-2009:1209 64665 4 # $Id$ # Description: Auto-generated from advisory CESA-2009:1209 (curl) # @@ -27,7 +27,7 @@ { script_id(64665); script_cve_id("CVE-2009-2417"); - script_version ("$Revision$"); + script_version ("$"); script_name("CentOS Security Advisory CESA-2009:1209 (curl)"); desc = " @@ -72,6 +72,12 @@ if(isrpmvuln(pkg:"curl-devel", rpm:"curl-devel~7.10.6~10.rhel3", rls:"CentOS3")) { vuln = 1; } +if(isrpmvuln(pkg:"curl", rpm:"curl~7.15.5~2.1.el5_3.5", rls:"CentOS5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"curl-devel", rpm:"curl-devel~7.15.5~2.1.el5_3.5", rls:"CentOS5")) { + vuln = 1; +} if(vuln) { security_hole(0); Added: trunk/openvas-plugins/scripts/ovcesa2009_1218.nasl =================================================================== --- trunk/openvas-plugins/scripts/ovcesa2009_1218.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/ovcesa2009_1218.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,102 @@ +#CESA-2009:1218 64789 4 +# $Id$ +# Description: Auto-generated from advisory CESA-2009:1218 (pidgin) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64789); + script_cve_id("CVE-2009-2694"); + script_version ("$"); + script_name("CentOS Security Advisory CESA-2009:1218 (pidgin)"); + + desc = " +The remote host is missing updates to pidgin announced in +advisory CESA-2009:1218. + +For details on the issues addressed in this update, +please visit the referenced security advisories. + +Solution: +Update the appropriate packages on your system. + +http://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1218 +http://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1218 +https://rhn.redhat.com/errata/RHSA-2009-1218.html + +Risk factor : High"; + + script_description(desc); + + script_summary("CentOS Security Advisory CESA-2009:1218 (pidgin)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("CentOS Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"finch", rpm:"finch~2.5.9~1.el5", rls:"CentOS5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"finch-devel", rpm:"finch-devel~2.5.9~1.el5", rls:"CentOS5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple", rpm:"libpurple~2.5.9~1.el5", rls:"CentOS5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple-devel", rpm:"libpurple-devel~2.5.9~1.el5", rls:"CentOS5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple-perl", rpm:"libpurple-perl~2.5.9~1.el5", rls:"CentOS5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpurple-tcl", rpm:"libpurple-tcl~2.5.9~1.el5", rls:"CentOS5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin", rpm:"pidgin~2.5.9~1.el5", rls:"CentOS5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin-devel", rpm:"pidgin-devel~2.5.9~1.el5", rls:"CentOS5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin-perl", rpm:"pidgin-perl~2.5.9~1.el5", rls:"CentOS5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pidgin", rpm:"pidgin~1.5.1~4.el3", rls:"CentOS3")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/ovcesa2009_1219.nasl =================================================================== --- trunk/openvas-plugins/scripts/ovcesa2009_1219.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/ovcesa2009_1219.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,84 @@ +#CESA-2009:1219 64788 4 +# $Id$ +# Description: Auto-generated from advisory CESA-2009:1219 (libvorbis) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64788); + script_cve_id("CVE-2009-2663"); + script_version ("$"); + script_name("CentOS Security Advisory CESA-2009:1219 (libvorbis)"); + + desc = " +The remote host is missing updates to libvorbis announced in +advisory CESA-2009:1219. + +For details on the issues addressed in this update, +please visit the referenced security advisories. + +Solution: +Update the appropriate packages on your system. + +http://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1219 +http://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1219 +https://rhn.redhat.com/errata/RHSA-2009-1219.html + +Risk factor : High"; + + script_description(desc); + + script_summary("CentOS Security Advisory CESA-2009:1219 (libvorbis)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("CentOS Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"libvorbis", rpm:"libvorbis~1.1.2~3.el5_3.3", rls:"CentOS5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libvorbis-devel", rpm:"libvorbis-devel~1.1.2~3.el5_3.3", rls:"CentOS5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libvorbis", rpm:"libvorbis~1.0~11.el3", rls:"CentOS3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libvorbis-devel", rpm:"libvorbis-devel~1.0~11.el3", rls:"CentOS3")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/ovcesa2009_1222.nasl =================================================================== --- trunk/openvas-plugins/scripts/ovcesa2009_1222.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/ovcesa2009_1222.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,102 @@ +#CESA-2009:1222 64792 2 +# $Id$ +# Description: Auto-generated from advisory CESA-2009:1222 (kernel) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64792); + script_cve_id("CVE-2009-2692", "CVE-2009-2698"); + script_version ("$"); + script_name("CentOS Security Advisory CESA-2009:1222 (kernel)"); + + desc = " +The remote host is missing updates to kernel announced in +advisory CESA-2009:1222. + +For details on the issues addressed in this update, +please visit the referenced security advisories. + +Solution: +Update the appropriate packages on your system. + +http://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1222 +http://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1222 +https://rhn.redhat.com/errata/RHSA-2009-1222.html + +Risk factor : High"; + + script_description(desc); + + script_summary("CentOS Security Advisory CESA-2009:1222 (kernel)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("CentOS Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.18~128.7.1.el5", rls:"CentOS5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.18~128.7.1.el5", rls:"CentOS5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~2.6.18~128.7.1.el5", rls:"CentOS5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.18~128.7.1.el5", rls:"CentOS5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.18~128.7.1.el5", rls:"CentOS5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~2.6.18~128.7.1.el5", rls:"CentOS5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAE", rpm:"kernel-PAE~2.6.18~128.7.1.el5", rls:"CentOS5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAE-devel", rpm:"kernel-PAE-devel~2.6.18~128.7.1.el5", rls:"CentOS5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.18~128.7.1.el5", rls:"CentOS5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-xen-devel", rpm:"kernel-xen-devel~2.6.18~128.7.1.el5", rls:"CentOS5")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/ovcesa2009_1223.nasl =================================================================== --- trunk/openvas-plugins/scripts/ovcesa2009_1223.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/ovcesa2009_1223.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,105 @@ +#CESA-2009:1223 64791 2 +# $Id$ +# Description: Auto-generated from advisory CESA-2009:1223 (kernel) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64791); + script_cve_id("CVE-2009-2692", "CVE-2009-2698"); + script_version ("$"); + script_name("CentOS Security Advisory CESA-2009:1223 (kernel)"); + + desc = " +The remote host is missing updates to kernel announced in +advisory CESA-2009:1223. + +For details on the issues addressed in this update, +please visit the referenced security advisories. + +Solution: +Update the appropriate packages on your system. + +http://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1223 +http://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1223 +https://rhn.redhat.com/errata/RHSA-2009-1223.html + +Risk factor : High"; + + script_description(desc); + + script_summary("CentOS Security Advisory CESA-2009:1223 (kernel)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("CentOS Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.9~89.0.9.EL", rls:"CentOS4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.9~89.0.9.EL", rls:"CentOS4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.9~89.0.9.EL", rls:"CentOS4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-largesmp", rpm:"kernel-largesmp~2.6.9~89.0.9.EL", rls:"CentOS4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-largesmp-devel", rpm:"kernel-largesmp-devel~2.6.9~89.0.9.EL", rls:"CentOS4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.6.9~89.0.9.EL", rls:"CentOS4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp-devel", rpm:"kernel-smp-devel~2.6.9~89.0.9.EL", rls:"CentOS4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-xenU", rpm:"kernel-xenU~2.6.9~89.0.9.EL", rls:"CentOS4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-xenU-devel", rpm:"kernel-xenU-devel~2.6.9~89.0.9.EL", rls:"CentOS4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-hugemem", rpm:"kernel-hugemem~2.6.9~89.0.9.EL", rls:"CentOS4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-hugemem-devel", rpm:"kernel-hugemem-devel~2.6.9~89.0.9.EL", rls:"CentOS4")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/ovcesa2009_123.nasl =================================================================== --- trunk/openvas-plugins/scripts/ovcesa2009_123.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/ovcesa2009_123.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,80 @@ +#CESA-2009:123 64790 2 +# $Id$ +# Description: Auto-generated from advisory CESA-2009:123 (gnutls) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64790); + script_version ("$"); + script_name("CentOS Security Advisory CESA-2009:123 (gnutls)"); + + desc = " +The remote host is missing updates to gnutls announced in +advisory CESA-2009:123. + +For details on the issues addressed in this update, +please visit the referenced security advisories. + +Solution: +Update the appropriate packages on your system. + +http://www.securityspace.com/smysecure/catid.html?in=CESA-2009:123 +http://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:123 +https://rhn.redhat.com/errata/RHSA-2009-1232.html + +Risk factor : Medium"; + + script_description(desc); + + script_summary("CentOS Security Advisory CESA-2009:123 (gnutls)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("CentOS Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"gnutls", rpm:"gnutls~1.4.1~3.el5_3.5", rls:"CentOS5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnutls-devel", rpm:"gnutls-devel~1.4.1~3.el5_3.5", rls:"CentOS5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnutls-utils", rpm:"gnutls-utils~1.4.1~3.el5_3.5", rls:"CentOS5")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/ovcesa2009_1232.nasl =================================================================== --- trunk/openvas-plugins/scripts/ovcesa2009_1232.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/ovcesa2009_1232.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,78 @@ +#CESA-2009:1232 64793 2 +# $Id$ +# Description: Auto-generated from advisory CESA-2009:1232 (gnutls) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64793); + script_cve_id("CVE-2009-2730"); + script_version ("$"); + script_name("CentOS Security Advisory CESA-2009:1232 (gnutls)"); + + desc = " +The remote host is missing updates to gnutls announced in +advisory CESA-2009:1232. + +For details on the issues addressed in this update, +please visit the referenced security advisories. + +Solution: +Update the appropriate packages on your system. + +http://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1232 +http://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1232 +https://rhn.redhat.com/errata/RHSA-2009-1232.html + +Risk factor : Medium"; + + script_description(desc); + + script_summary("CentOS Security Advisory CESA-2009:1232 (gnutls)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("CentOS Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"gnutls", rpm:"gnutls~1.0.20~4.el4_8.3", rls:"CentOS4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnutls-devel", rpm:"gnutls-devel~1.0.20~4.el4_8.3", rls:"CentOS4")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/ovcesa2009_1233.nasl =================================================================== --- trunk/openvas-plugins/scripts/ovcesa2009_1233.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/ovcesa2009_1233.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,99 @@ +#CESA-2009:1233 64794 2 +# $Id$ +# Description: Auto-generated from advisory CESA-2009:1233 (kernel) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64794); + script_cve_id("CVE-2009-2692", "CVE-2009-2698"); + script_version ("$"); + script_name("CentOS Security Advisory CESA-2009:1233 (kernel)"); + + desc = " +The remote host is missing updates to kernel announced in +advisory CESA-2009:1233. + +For details on the issues addressed in this update, +please visit the referenced security advisories. + +Solution: +Update the appropriate packages on your system. + +http://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1233 +http://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1233 +https://rhn.redhat.com/errata/RHSA-2009-1233.html + +Risk factor : High"; + + script_description(desc); + + script_summary("CentOS Security Advisory CESA-2009:1233 (kernel)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("CentOS Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.4.21~60.EL", rls:"CentOS3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-BOOT", rpm:"kernel-BOOT~2.4.21~60.EL", rls:"CentOS3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.4.21~60.EL", rls:"CentOS3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-hugemem", rpm:"kernel-hugemem~2.4.21~60.EL", rls:"CentOS3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-hugemem-unsupported", rpm:"kernel-hugemem-unsupported~2.4.21~60.EL", rls:"CentOS3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.4.21~60.EL", rls:"CentOS3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp-unsupported", rpm:"kernel-smp-unsupported~2.4.21~60.EL", rls:"CentOS3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-source", rpm:"kernel-source~2.4.21~60.EL", rls:"CentOS3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-unsupported", rpm:"kernel-unsupported~2.4.21~60.EL", rls:"CentOS3")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/suse_sa_2009_045.nasl =================================================================== --- trunk/openvas-plugins/scripts/suse_sa_2009_045.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/suse_sa_2009_045.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,536 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory SUSE-SA:2009:045 (kernel) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64761); + script_cve_id("CVE-2008-5033", "CVE-2009-0676", "CVE-2009-1046", "CVE-2009-1385", "CVE-2009-1389", "CVE-2009-1630", "CVE-2009-1758", "CVE-2009-1895", "CVE-2009-2406", "CVE-2009-2407", "CVE-2009-2692"); + script_version ("$"); + script_name("SuSE Security Advisory SUSE-SA:2009:045 (kernel)"); + + desc = " +The remote host is missing updates announced in +advisory SUSE-SA:2009:045. + +The Linux kernel update fixes the following security issues: + +CVE-2009-2692: A missing NULL pointer check in the socket sendpage +function can be used by local attackers to gain root privileges. +[SLES9, SLES10-SP2, SLE11, openSUSE] + +CVE-2009-1389: A crash on r8169 network cards when receiving +large packets was fixed. +[SLES9, SLES10-SP2, SLE11, openSUSE] + +CVE-2009-1758: The hypervisor_callback function in Xen allows guest +user applications to cause a denial of service (kernel oops) of the +guest OS by triggering a segmentation fault in certain address +ranges. +[SLES9, SLES10-SP2, SLE11, openSUSE] + +CVE-2009-1630: The nfs_permission function in fs/nfs/dir.c in the +NFS client implementation in the Linux kernel, when atomic_open is +available, does not check execute (aka EXEC or MAY_EXEC) permission +bits, which allows local users to bypass permissions and execute files, +as demonstrated by files on an NFSv4 fileserver +[SLE10-SP2, SLE11, openSUSE] + +CVE-2009-2406: A kernel stack overflow when mounting eCryptfs +filesystems in parse_tag_11_packet() was fixed. Code execution might +be possible if ecryptfs is in use. +[SLE11, openSUSE] + +CVE-2009-2407: A kernel heap overflow when mounting eCryptfs +filesystems in parse_tag_3_packet() was fixed. Code execution might +be possible if ecryptfs is in use. +[SLE11, openSUSE] + +(no CVE assigned yet): An information leak from using sigaltstack. +[SLES9, SLES10-SP2, SLE11, openSUSE] + +CVE-2009-0676: A memory disclosure via the SO_BSDCOMPAT socket +option +[openSUSE 10.3 only] + +CVE-2009-1895: Personality flags on set*id were not cleared +correctly, so ASLR and NULL page protection could be bypassed. +[openSUSE 11.0 only] + +CVE-2009-1046: utf-8 console memory corruption that can be used for +local privilege escalation +[openSUSE 11.0 only] + +CVE-2008-5033: Oops in video4linux tvaudio +[openSUSE 11.0 only] + +CVE-2009-1385: A Integer underflow in the e1000_clean_rx_irq +function in drivers/net/e1000/e1000_main.c in the e1000 driver the +e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka +e1000) before 7.5.5 allows remote attackers to cause a denial of +service (panic) via a crafted frame size. +[openSUSE 11.0 only] + +The mmap_min_addr sysctl is now enabled by default to protect +against kernel NULL page exploits. +[SLE11, openSUSE 11.0-11.1] + +The -fno-delete-null-pointer-checks compiler option is now used to +build the kernel to avoid gcc optimizing away NULL pointer checks. +Also -fwrapv is now used everywhere. +[SLES9, SLES10-SP2, SLE11, openSUSE] + +The kernel update also contains numerous other, non-security +bug fixes. Please refer to the rpm changelog for a detailed list. + +Solution: +Update your system with the packages as indicated in +the referenced security advisory. + +https://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:045 + +Risk factor : High"; + + script_description(desc); + + script_summary("SuSE Security Advisory SUSE-SA:2009:045 (kernel)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("SuSE Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug-debugsource", rpm:"kernel-debug-debugsource~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-default-debuginfo", rpm:"kernel-default-debuginfo~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-default-debugsource", rpm:"kernel-default-debugsource~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-ec2-debuginfo", rpm:"kernel-ec2-debuginfo~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-ec2-debugsource", rpm:"kernel-ec2-debugsource~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-pae-debuginfo", rpm:"kernel-pae-debuginfo~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-pae-debugsource", rpm:"kernel-pae-debugsource~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-source-debuginfo", rpm:"kernel-source-debuginfo~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-trace-debuginfo", rpm:"kernel-trace-debuginfo~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-trace-debugsource", rpm:"kernel-trace-debugsource~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-vanilla-debuginfo", rpm:"kernel-vanilla-debuginfo~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-vanilla-debugsource", rpm:"kernel-vanilla-debugsource~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-xen-debuginfo", rpm:"kernel-xen-debuginfo~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-xen-debugsource", rpm:"kernel-xen-debugsource~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"aufs-kmp-debug", rpm:"aufs-kmp-debug~cvs20081020_2.6.27.29_0.1~1.32.14", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"aufs-kmp-trace", rpm:"aufs-kmp-trace~cvs20081020_2.6.27.29_0.1~1.32.14", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"brocade-bfa-kmp-debug", rpm:"brocade-bfa-kmp-debug~1.1.0.2_2.6.27.29_0.1~1.8.2", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"brocade-bfa-kmp-trace", rpm:"brocade-bfa-kmp-trace~1.1.0.2_2.6.27.29_0.1~1.8.2", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"dazuko-kmp-debug", rpm:"dazuko-kmp-debug~2.3.6_2.6.27.29_0.1~1.49.12", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"dazuko-kmp-trace", rpm:"dazuko-kmp-trace~2.3.6_2.6.27.29_0.1~1.49.12", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"drbd-kmp-debug", rpm:"drbd-kmp-debug~8.2.7_2.6.27.29_0.1~1.19.25", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"drbd-kmp-trace", rpm:"drbd-kmp-trace~8.2.7_2.6.27.29_0.1~1.19.25", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"intel-iamt-heci-kmp-debug", rpm:"intel-iamt-heci-kmp-debug~3.1.0.31_2.6.27.29_0.1~2.40.12", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"intel-iamt-heci-kmp-trace", rpm:"intel-iamt-heci-kmp-trace~3.1.0.31_2.6.27.29_0.1~2.40.12", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"iscsitarget-kmp-debug", rpm:"iscsitarget-kmp-debug~0.4.15_2.6.27.29_0.1~89.11.18", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"iscsitarget-kmp-trace", rpm:"iscsitarget-kmp-trace~0.4.15_2.6.27.29_0.1~89.11.18", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug-base", rpm:"kernel-debug-base~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug-extra", rpm:"kernel-debug-extra~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-default", rpm:"kernel-default~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-default-base", rpm:"kernel-default-base~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-default-extra", rpm:"kernel-default-extra~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-ec2", rpm:"kernel-ec2~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-ec2-base", rpm:"kernel-ec2-base~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-ec2-extra", rpm:"kernel-ec2-extra~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-pae", rpm:"kernel-pae~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-pae-base", rpm:"kernel-pae-base~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-pae-extra", rpm:"kernel-pae-extra~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-source", rpm:"kernel-source~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-syms", rpm:"kernel-syms~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-trace", rpm:"kernel-trace~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-trace-base", rpm:"kernel-trace-base~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-trace-extra", rpm:"kernel-trace-extra~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-vanilla", rpm:"kernel-vanilla~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-xen-base", rpm:"kernel-xen-base~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-xen-extra", rpm:"kernel-xen-extra~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kmp-debug", rpm:"kqemu-kmp-debug~1.4.0pre1_2.6.27.29_0.1~2.1.12", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kmp-trace", rpm:"kqemu-kmp-trace~1.4.0pre1_2.6.27.29_0.1~2.1.12", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kvm-kmp-trace", rpm:"kvm-kmp-trace~78_2.6.27.29_0.1~6.7.4", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lirc-kmp-trace", rpm:"lirc-kmp-trace~0.8.4_2.6.27.29_0.1~0.1.14", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ofed-kmp-debug", rpm:"ofed-kmp-debug~1.4_2.6.27.29_0.1~21.16.2", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ofed-kmp-trace", rpm:"ofed-kmp-trace~1.4_2.6.27.29_0.1~21.16.2", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"oracleasm-kmp-debug", rpm:"oracleasm-kmp-debug~2.0.5_2.6.27.29_0.1~2.36.14", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"oracleasm-kmp-trace", rpm:"oracleasm-kmp-trace~2.0.5_2.6.27.29_0.1~2.36.14", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pcfclock-kmp-debug", rpm:"pcfclock-kmp-debug~0.44_2.6.27.29_0.1~227.56.14", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pcfclock-kmp-trace", rpm:"pcfclock-kmp-trace~0.44_2.6.27.29_0.1~227.56.14", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"virtualbox-ose-kmp-debug", rpm:"virtualbox-ose-kmp-debug~2.0.6_2.6.27.29_0.1~2.8.55", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"virtualbox-ose-kmp-trace", rpm:"virtualbox-ose-kmp-trace~2.0.6_2.6.27.29_0.1~2.8.55", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vmware-kmp-debug", rpm:"vmware-kmp-debug~2008.09.03_2.6.27.29_0.1~5.50.37", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vmware-kmp-trace", rpm:"vmware-kmp-trace~2008.09.03_2.6.27.29_0.1~5.50.37", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug-debugsource", rpm:"kernel-debug-debugsource~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-default-debuginfo", rpm:"kernel-default-debuginfo~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-default-debugsource", rpm:"kernel-default-debugsource~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-pae-debuginfo", rpm:"kernel-pae-debuginfo~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-pae-debugsource", rpm:"kernel-pae-debugsource~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-source-debuginfo", rpm:"kernel-source-debuginfo~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-vanilla-debuginfo", rpm:"kernel-vanilla-debuginfo~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-vanilla-debugsource", rpm:"kernel-vanilla-debugsource~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-xen-debuginfo", rpm:"kernel-xen-debuginfo~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-xen-debugsource", rpm:"kernel-xen-debugsource~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"acerhk-kmp-debug", rpm:"acerhk-kmp-debug~0.5.35_2.6.25.20_0.5~98.1", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"acx-kmp-debug", rpm:"acx-kmp-debug~20080210_2.6.25.20_0.5~3.1", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"appleir-kmp-debug", rpm:"appleir-kmp-debug~1.1_2.6.25.20_0.5~108.1", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"at76_usb-kmp-debug", rpm:"at76_usb-kmp-debug~0.17_2.6.25.20_0.5~2.1", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"atl2-kmp-debug", rpm:"atl2-kmp-debug~2.0.4_2.6.25.20_0.5~4.1", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"aufs-kmp-debug", rpm:"aufs-kmp-debug~cvs20080429_2.6.25.20_0.5~13.3", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"dazuko-kmp-debug", rpm:"dazuko-kmp-debug~2.3.4.4_2.6.25.20_0.5~42.1", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"drbd-kmp-debug", rpm:"drbd-kmp-debug~8.2.6_2.6.25.20_0.5~0.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gspcav-kmp-debug", rpm:"gspcav-kmp-debug~01.00.20_2.6.25.20_0.5~1.1", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"iscsitarget-kmp-debug", rpm:"iscsitarget-kmp-debug~0.4.15_2.6.25.20_0.5~63.1", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ivtv-kmp-debug", rpm:"ivtv-kmp-debug~1.0.3_2.6.25.20_0.5~66.1", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-default", rpm:"kernel-default~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-pae", rpm:"kernel-pae~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-source", rpm:"kernel-source~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-syms", rpm:"kernel-syms~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-vanilla", rpm:"kernel-vanilla~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kmp-debug", rpm:"kqemu-kmp-debug~1.3.0pre11_2.6.25.20_0.5~7.1", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nouveau-kmp-debug", rpm:"nouveau-kmp-debug~0.10.1.20081112_2.6.25.20_0.5~0.4", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omnibook-kmp-debug", rpm:"omnibook-kmp-debug~20080313_2.6.25.20_0.5~1.1", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pcc-acpi-kmp-debug", rpm:"pcc-acpi-kmp-debug~0.9_2.6.25.20_0.5~4.1", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pcfclock-kmp-debug", rpm:"pcfclock-kmp-debug~0.44_2.6.25.20_0.5~207.1", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tpctl-kmp-debug", rpm:"tpctl-kmp-debug~4.17_2.6.25.20_0.5~189.1", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"uvcvideo-kmp-debug", rpm:"uvcvideo-kmp-debug~r200_2.6.25.20_0.5~2.4", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"virtualbox-ose-kmp-debug", rpm:"virtualbox-ose-kmp-debug~1.5.6_2.6.25.20_0.5~33.3", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vmware-kmp-debug", rpm:"vmware-kmp-debug~2008.04.14_2.6.25.20_0.5~21.1", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"wlan-ng-kmp-debug", rpm:"wlan-ng-kmp-debug~0.2.8_2.6.25.20_0.5~107.1", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-bigsmp", rpm:"kernel-bigsmp~2.6.22.19~0.4", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.22.19~0.4", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-default", rpm:"kernel-default~2.6.22.19~0.4", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-source", rpm:"kernel-source~2.6.22.19~0.4", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-syms", rpm:"kernel-syms~2.6.22.19~0.4", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.22.19~0.4", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-xenpae", rpm:"kernel-xenpae~2.6.22.19~0.4", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-docs", rpm:"kernel-docs~2.6.3~3.13.46", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-docs", rpm:"kernel-docs~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-kdump-debuginfo", rpm:"kernel-kdump-debuginfo~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-kdump-debugsource", rpm:"kernel-kdump-debugsource~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-ppc64-debuginfo", rpm:"kernel-ppc64-debuginfo~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-ppc64-debugsource", rpm:"kernel-ppc64-debugsource~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-ps3-debuginfo", rpm:"kernel-ps3-debuginfo~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-ps3-debugsource", rpm:"kernel-ps3-debugsource~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-kdump", rpm:"kernel-kdump~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-ppc64", rpm:"kernel-ppc64~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-ppc64-base", rpm:"kernel-ppc64-base~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-ppc64-extra", rpm:"kernel-ppc64-extra~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-ps3", rpm:"kernel-ps3~2.6.27.29~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-kdump-debuginfo", rpm:"kernel-kdump-debuginfo~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-kdump-debugsource", rpm:"kernel-kdump-debugsource~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-ppc64-debuginfo", rpm:"kernel-ppc64-debuginfo~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-ppc64-debugsource", rpm:"kernel-ppc64-debugsource~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-ps3-debuginfo", rpm:"kernel-ps3-debuginfo~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-ps3-debugsource", rpm:"kernel-ps3-debugsource~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-kdump", rpm:"kernel-kdump~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-ppc64", rpm:"kernel-ppc64~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-ps3", rpm:"kernel-ps3~2.6.25.20~0.5", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-kdump", rpm:"kernel-kdump~2.6.22.19~0.4", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-ppc64", rpm:"kernel-ppc64~2.6.22.19~0.4", rls:"openSUSE10.3")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/ubuntu_802_2.nasl =================================================================== --- trunk/openvas-plugins/scripts/ubuntu_802_2.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/ubuntu_802_2.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,258 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory USN-802-2 (apache2) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64774); + script_cve_id("CVE-2009-1891", "CVE-2009-1890"); + script_version ("$"); + script_name("Ubuntu USN-802-2 (apache2)"); + + desc = " +The remote host is missing an update to apache2 +announced via advisory USN-802-2. + +Details follow: + +USN-802-1 fixed vulnerabilities in Apache. The upstream fix for +CVE-2009-1891 introduced a regression that would cause Apache children to +occasionally segfault when mod_deflate is used. This update fixes the +problem. + +We apologize for the inconvenience. + +Original advisory details: + + It was discovered that mod_proxy_http did not properly handle a large + amount of streamed data when used as a reverse proxy. A remote attacker + could exploit this and cause a denial of service via memory resource + consumption. This issue affected Ubuntu 8.04 LTS, 8.10 and 9.04. + (CVE-2009-1890) + + It was discovered that mod_deflate did not abort compressing large files + when the connection was closed. A remote attacker could exploit this and + cause a denial of service via CPU resource consumption. (CVE-2009-1891) + +Solution: +The problem can be corrected by upgrading your system to the +following package versions: + +Ubuntu 6.06 LTS: + apache2-common 2.0.55-4ubuntu2.8 + apache2-mpm-perchild 2.0.55-4ubuntu2.8 + apache2-mpm-prefork 2.0.55-4ubuntu2.8 + apache2-mpm-worker 2.0.55-4ubuntu2.8 + libapr0 2.0.55-4ubuntu2.8 + +Ubuntu 8.04 LTS: + apache2-mpm-event 2.2.8-1ubuntu0.11 + apache2-mpm-perchild 2.2.8-1ubuntu0.11 + apache2-mpm-prefork 2.2.8-1ubuntu0.11 + apache2-mpm-worker 2.2.8-1ubuntu0.11 + apache2.2-common 2.2.8-1ubuntu0.11 + +Ubuntu 8.10: + apache2-mpm-event 2.2.9-7ubuntu3.3 + apache2-mpm-prefork 2.2.9-7ubuntu3.3 + apache2-mpm-worker 2.2.9-7ubuntu3.3 + apache2.2-common 2.2.9-7ubuntu3.3 + +Ubuntu 9.04: + apache2-mpm-event 2.2.11-2ubuntu2.3 + apache2-mpm-prefork 2.2.11-2ubuntu2.3 + apache2-mpm-worker 2.2.11-2ubuntu2.3 + apache2.2-common 2.2.11-2ubuntu2.3 + +In general, a standard system upgrade is sufficient to effect the +necessary changes. + +https://secure1.securityspace.com/smysecure/catid.html?in=USN-802-2 + +Risk factor : High"; + + script_description(desc); + + script_summary("Ubuntu USN-802-2 (apache2)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Ubuntu Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"apache2-doc", ver:"2.0.55-4ubuntu2.8", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-common", ver:"2.0.55-4ubuntu2.8", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-mpm-perchild", ver:"2.0.55-4ubuntu2.8", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-mpm-prefork", ver:"2.0.55-4ubuntu2.8", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-mpm-worker", ver:"2.0.55-4ubuntu2.8", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-prefork-dev", ver:"2.0.55-4ubuntu2.8", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-threaded-dev", ver:"2.0.55-4ubuntu2.8", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-utils", ver:"2.0.55-4ubuntu2.8", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2", ver:"2.0.55-4ubuntu2.8", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libapr0-dev", ver:"2.0.55-4ubuntu2.8", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libapr0", ver:"2.0.55-4ubuntu2.8", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-doc", ver:"2.2.8-1ubuntu0.11", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-mpm-perchild", ver:"2.2.8-1ubuntu0.11", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-src", ver:"2.2.8-1ubuntu0.11", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2", ver:"2.2.8-1ubuntu0.11", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-mpm-event", ver:"2.2.8-1ubuntu0.11", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-mpm-prefork", ver:"2.2.8-1ubuntu0.11", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-mpm-worker", ver:"2.2.8-1ubuntu0.11", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-prefork-dev", ver:"2.2.8-1ubuntu0.11", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-threaded-dev", ver:"2.2.8-1ubuntu0.11", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-utils", ver:"2.2.8-1ubuntu0.11", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2.2-common", ver:"2.2.8-1ubuntu0.11", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-doc", ver:"2.2.9-7ubuntu3.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-src", ver:"2.2.9-7ubuntu3.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2", ver:"2.2.9-7ubuntu3.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-mpm-event", ver:"2.2.9-7ubuntu3.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-mpm-prefork", ver:"2.2.9-7ubuntu3.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-mpm-worker", ver:"2.2.9-7ubuntu3.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-prefork-dev", ver:"2.2.9-7ubuntu3.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-suexec-custom", ver:"2.2.9-7ubuntu3.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-suexec", ver:"2.2.9-7ubuntu3.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-threaded-dev", ver:"2.2.9-7ubuntu3.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-utils", ver:"2.2.9-7ubuntu3.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2.2-common", ver:"2.2.9-7ubuntu3.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-doc", ver:"2.2.11-2ubuntu2.3", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2", ver:"2.2.11-2ubuntu2.3", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-src", ver:"2.2.11-2ubuntu2.3", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-mpm-event", ver:"2.2.11-2ubuntu2.3", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-mpm-prefork", ver:"2.2.11-2ubuntu2.3", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-mpm-worker", ver:"2.2.11-2ubuntu2.3", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-prefork-dev", ver:"2.2.11-2ubuntu2.3", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-threaded-dev", ver:"2.2.11-2ubuntu2.3", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-utils", ver:"2.2.11-2ubuntu2.3", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2.2-common", ver:"2.2.11-2ubuntu2.3", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-suexec-custom", ver:"2.2.11-2ubuntu2.3", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"apache2-suexec", ver:"2.2.11-2ubuntu2.3", rls:"UBUNTU9.04")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/ubuntu_809_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/ubuntu_809_1.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/ubuntu_809_1.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,183 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory USN-809-1 (gnutls26) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64775); + script_cve_id("CVE-2009-2409", "CVE-2009-2730", "CVE-2008-4989"); + script_version ("$"); + script_name("Ubuntu USN-809-1 (gnutls26)"); + + desc = " +The remote host is missing an update to gnutls26 +announced via advisory USN-809-1. + +Details follow: + +Moxie Marlinspike and Dan Kaminsky independently discovered that GnuTLS did +not properly handle certificates with NULL characters in the certificate +name. An attacker could exploit this to perform a man in the middle attack +to view sensitive information or alter encrypted communications. +(CVE-2009-2730) + +Dan Kaminsky discovered GnuTLS would still accept certificates with MD2 +hash signatures. As a result, an attacker could potentially create a +malicious trusted certificate to impersonate another site. This issue only +affected Ubuntu 6.06 LTS and Ubuntu 8.10. (CVE-2009-2409) + +USN-678-1 fixed a vulnerability and USN-678-2 a regression in GnuTLS. The + upstream patches introduced a regression when validating certain certificate + chains that would report valid certificates as untrusted. This update + fixes the problem, and only affected Ubuntu 6.06 LTS and Ubuntu 8.10 (Ubuntu + 8.04 LTS and 9.04 were fixed at an earlier date). In an effort to maintain a + strong security stance and address all known regressions, this update + deprecates X.509 validation chains using MD2 and MD5 signatures. To accomodate + sites which must still use a deprected RSA-MD5 certificate, GnuTLS has been + updated to stop looking when it has found a trusted intermediary certificate. + This new handling of intermediary certificates is in accordance with other SSL + implementations. + +Original advisory details: + + Martin von Gagern discovered that GnuTLS did not properly verify + certificate chains when the last certificate in the chain was self-signed. + If a remote attacker were able to perform a man-in-the-middle attack, this + flaw could be exploited to view sensitive information. (CVE-2008-4989) + +Solution: +The problem can be corrected by upgrading your system to the +following package versions: + +Ubuntu 6.06 LTS: + libgnutls12 1.2.9-2ubuntu1.7 + +Ubuntu 8.04 LTS: + libgnutls13 2.0.4-1ubuntu2.6 + +Ubuntu 8.10: + libgnutls26 2.4.1-1ubuntu0.4 + +Ubuntu 9.04: + libgnutls26 2.4.2-6ubuntu0.1 + +In general, a standard system upgrade is sufficient to effect the +necessary changes. + +https://secure1.securityspace.com/smysecure/catid.html?in=USN-809-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Ubuntu USN-809-1 (gnutls26)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Ubuntu Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"libgnutls-dev", ver:"1.2.9-2ubuntu1.7", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libgnutls12", ver:"1.2.9-2ubuntu1.7", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"gnutls-bin", ver:"1.2.9-2ubuntu1.7", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libgnutls12-dbg", ver:"1.2.9-2ubuntu1.7", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"gnutls-doc", ver:"2.0.4-1ubuntu2.6", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libgnutls-dev", ver:"2.0.4-1ubuntu2.6", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libgnutls13-dbg", ver:"2.0.4-1ubuntu2.6", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libgnutls13", ver:"2.0.4-1ubuntu2.6", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libgnutlsxx13", ver:"2.0.4-1ubuntu2.6", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"gnutls-bin", ver:"2.0.4-1ubuntu2.6", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"gnutls-doc", ver:"2.4.1-1ubuntu0.4", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libgnutls-dev", ver:"2.4.1-1ubuntu0.4", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libgnutls26-dbg", ver:"2.4.1-1ubuntu0.4", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libgnutls26", ver:"2.4.1-1ubuntu0.4", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"gnutls-bin", ver:"2.4.1-1ubuntu0.4", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"guile-gnutls", ver:"2.4.1-1ubuntu0.4", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"gnutls-doc", ver:"2.4.2-6ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libgnutls-dev", ver:"2.4.2-6ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libgnutls26-dbg", ver:"2.4.2-6ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libgnutls26", ver:"2.4.2-6ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"gnutls-bin", ver:"2.4.2-6ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"guile-gnutls", ver:"2.4.2-6ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/ubuntu_817_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/ubuntu_817_1.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/ubuntu_817_1.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,133 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory USN-817-1 (thunderbird) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64777); + script_version ("$"); + script_name("Ubuntu USN-817-1 (thunderbird)"); + + desc = " +The remote host is missing an update to thunderbird +announced via advisory USN-817-1. + +Details follow: + +Several flaws were discovered in the rendering engine of Thunderbird. If +Javascript were enabled, an attacker could exploit these flaws to crash +Thunderbird. + +Solution: +The problem can be corrected by upgrading your system to the +following package versions: + +Ubuntu 8.04 LTS: + thunderbird 2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1 + +Ubuntu 8.10: + thunderbird 2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1 + +Ubuntu 9.04: + thunderbird 2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1 + +After a standard system upgrade you need to restart Thunderbird to effect +the necessary changes. + +https://secure1.securityspace.com/smysecure/catid.html?in=USN-817-1 +http://launchpad.net/bugs/416646 + +Risk factor : High"; + + script_description(desc); + + script_summary("Ubuntu USN-817-1 (thunderbird)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Ubuntu Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"mozilla-thunderbird-dev", ver:"2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mozilla-thunderbird", ver:"2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"thunderbird-dev", ver:"2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"thunderbird-gnome-support", ver:"2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"thunderbird", ver:"2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mozilla-thunderbird-dev", ver:"2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mozilla-thunderbird", ver:"2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"thunderbird-dev", ver:"2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"thunderbird-gnome-support", ver:"2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"thunderbird", ver:"2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mozilla-thunderbird-dev", ver:"2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mozilla-thunderbird", ver:"2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"thunderbird-dev", ver:"2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"thunderbird-gnome-support", ver:"2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"thunderbird", ver:"2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1", rls:"UBUNTU9.04")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/ubuntu_818_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/ubuntu_818_1.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/ubuntu_818_1.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,167 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory USN-818-1 (curl) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64773); + script_cve_id("CVE-2009-2417"); + script_version ("$"); + script_name("Ubuntu USN-818-1 (curl)"); + + desc = " +The remote host is missing an update to curl +announced via advisory USN-818-1. + +Details follow: + +Scott Cantor discovered that Curl did not correctly handle SSL +certificates with zero bytes in the Common Name. A remote attacker could +exploit this to perform a man in the middle attack to view sensitive +information or alter encrypted communications. + +Solution: +The problem can be corrected by upgrading your system to the +following package versions: + +Ubuntu 6.06 LTS: + libcurl3 7.15.1-1ubuntu3.2 + +Ubuntu 8.04 LTS: + libcurl3 7.18.0-1ubuntu2.2 + +Ubuntu 8.10: + libcurl3 7.18.2-1ubuntu4.4 + +Ubuntu 9.04: + libcurl3 7.18.2-8ubuntu4.1 + +In general, a standard system upgrade is sufficient to effect the +necessary changes. + +https://secure1.securityspace.com/smysecure/catid.html?in=USN-818-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Ubuntu USN-818-1 (curl)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Ubuntu Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"libcurl3-dev", ver:"7.15.1-1ubuntu3.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"curl", ver:"7.15.1-1ubuntu3.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl3-dbg", ver:"7.15.1-1ubuntu3.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl3-gnutls-dev", ver:"7.15.1-1ubuntu3.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl3-gnutls", ver:"7.15.1-1ubuntu3.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl3-openssl-dev", ver:"7.15.1-1ubuntu3.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl3", ver:"7.15.1-1ubuntu3.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"curl", ver:"7.18.0-1ubuntu2.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl3-dbg", ver:"7.18.0-1ubuntu2.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl3-gnutls", ver:"7.18.0-1ubuntu2.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl3", ver:"7.18.0-1ubuntu2.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl4-gnutls-dev", ver:"7.18.0-1ubuntu2.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl4-openssl-dev", ver:"7.18.0-1ubuntu2.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"curl", ver:"7.18.2-1ubuntu4.4", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl3-dbg", ver:"7.18.2-1ubuntu4.4", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl3-gnutls", ver:"7.18.2-1ubuntu4.4", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl3", ver:"7.18.2-1ubuntu4.4", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl4-gnutls-dev", ver:"7.18.2-1ubuntu4.4", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl4-openssl-dev", ver:"7.18.2-1ubuntu4.4", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"curl", ver:"7.18.2-8ubuntu4.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl3-dbg", ver:"7.18.2-8ubuntu4.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl3-gnutls", ver:"7.18.2-8ubuntu4.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl3", ver:"7.18.2-8ubuntu4.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl4-gnutls-dev", ver:"7.18.2-8ubuntu4.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libcurl4-openssl-dev", ver:"7.18.2-8ubuntu4.1", rls:"UBUNTU9.04")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/ubuntu_820_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/ubuntu_820_1.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/ubuntu_820_1.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,176 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory USN-820-1 (pidgin) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64776); + script_cve_id("CVE-2009-2694"); + script_version ("$"); + script_name("Ubuntu USN-820-1 (pidgin)"); + + desc = " +The remote host is missing an update to pidgin +announced via advisory USN-820-1. + +Details follow: + +Federico Muttis discovered that Pidgin did not properly handle certain +malformed messages in the MSN protocol handler. A remote attacker could +send a specially crafted message and possibly execute arbitrary code with +user privileges. + +Solution: +The problem can be corrected by upgrading your system to the +following package versions: + +Ubuntu 6.06 LTS: + libgnutls12 1.2.9-2ubuntu1.7 + +Ubuntu 8.04 LTS: + libgnutls13 2.0.4-1ubuntu2.6 + +Ubuntu 8.10: + libgnutls26 2.4.1-1ubuntu0.4 + +Ubuntu 9.04: + libgnutls26 2.4.2-6ubuntu0.1 + +In general, a standard system upgrade is sufficient to effect the +necessary changes. + +https://secure1.securityspace.com/smysecure/catid.html?in=USN-820-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Ubuntu USN-820-1 (pidgin)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Ubuntu Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"finch-dev", ver:"2.4.1-1ubuntu2.6", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libpurple-bin", ver:"2.4.1-1ubuntu2.6", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libpurple-dev", ver:"2.4.1-1ubuntu2.6", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"pidgin-data", ver:"2.4.1-1ubuntu2.6", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"pidgin-dev", ver:"2.4.1-1ubuntu2.6", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"gaim", ver:"2.4.1-1ubuntu2.6", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"finch", ver:"2.4.1-1ubuntu2.6", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libpurple0", ver:"2.4.1-1ubuntu2.6", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"pidgin-dbg", ver:"2.4.1-1ubuntu2.6", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"pidgin", ver:"2.4.1-1ubuntu2.6", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"finch-dev", ver:"2.5.2-0ubuntu1.4", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libpurple-bin", ver:"2.5.2-0ubuntu1.4", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libpurple-dev", ver:"2.5.2-0ubuntu1.4", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"pidgin-data", ver:"2.5.2-0ubuntu1.4", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"pidgin-dev", ver:"2.5.2-0ubuntu1.4", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"finch", ver:"2.5.2-0ubuntu1.4", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libpurple0", ver:"2.5.2-0ubuntu1.4", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"pidgin-dbg", ver:"2.5.2-0ubuntu1.4", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"pidgin", ver:"2.5.2-0ubuntu1.4", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"finch-dev", ver:"2.5.5-1ubuntu8.4", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libpurple-bin", ver:"2.5.5-1ubuntu8.4", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libpurple-dev", ver:"2.5.5-1ubuntu8.4", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"pidgin-data", ver:"2.5.5-1ubuntu8.4", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"pidgin-dev", ver:"2.5.5-1ubuntu8.4", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"finch", ver:"2.5.5-1ubuntu8.4", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libpurple0", ver:"2.5.5-1ubuntu8.4", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"pidgin-dbg", ver:"2.5.5-1ubuntu8.4", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"pidgin", ver:"2.5.5-1ubuntu8.4", rls:"UBUNTU9.04")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/ubuntu_822_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/ubuntu_822_1.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/ubuntu_822_1.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,199 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory USN-822-1 (kdelibs) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64778); + script_cve_id("CVE-2009-0945", "CVE-2009-1687", "CVE-2009-1690", "CVE-2009-1698"); + script_version ("$"); + script_name("Ubuntu USN-822-1 (kdelibs)"); + + desc = " +The remote host is missing an update to kdelibs +announced via advisory USN-822-1. + +Details follow: + +It was discovered that KDE-Libs did not properly handle certain malformed +SVG images. If a user were tricked into opening a specially crafted SVG +image, an attacker could cause a denial of service or possibly execute +arbitrary code with the privileges of the user invoking the program. This +issue only affected Ubuntu 9.04. (CVE-2009-0945) + +It was discovered that the KDE JavaScript garbage collector did not +properly handle memory allocation failures. If a user were tricked into +viewing a malicious website, an attacker could cause a denial of service or +possibly execute arbitrary code with the privileges of the user invoking +the program. (CVE-2009-1687) + +It was discovered that KDE-Libs did not properly handle HTML content in the +head element. If a user were tricked into viewing a malicious website, an +attacker could cause a denial of service or possibly execute arbitrary code +with the privileges of the user invoking the program. (CVE-2009-1690) + +It was discovered that KDE-Libs did not properly handle the Cascading Style +Sheets (CSS) attr function call. If a user were tricked into viewing a +malicious website, an attacker could cause a denial of service or possibly +execute arbitrary code with the privileges of the user invoking the +program. (CVE-2009-1698) + +Solution: +The problem can be corrected by upgrading your system to the +following package versions: + +Ubuntu 8.04 LTS: + kdelibs4c2a 4:3.5.10-0ubuntu1~hardy1.2 + +Ubuntu 8.10: + kdelibs4c2a 4:3.5.10-0ubuntu6.1 + kdelibs5 4:4.1.4-0ubuntu1~intrepid1.2 + +Ubuntu 9.04: + kdelibs4c2a 4:3.5.10.dfsg.1-1ubuntu8.1 + kdelibs5 4:4.2.2-0ubuntu5.1 + +After a standard system upgrade you need to restart your session to effect +the necessary changes. + +https://secure1.securityspace.com/smysecure/catid.html?in=USN-822-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Ubuntu USN-822-1 (kdelibs)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Ubuntu Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"kdelibs-data", ver:"3.5.10-0ubuntu1~hardy1.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs4-doc", ver:"3.5.10-0ubuntu1~hardy1.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs", ver:"3.5.10-0ubuntu1~hardy1.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs-dbg", ver:"3.5.10-0ubuntu1~hardy1.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs4-dev", ver:"3.5.10-0ubuntu1~hardy1.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs4c2a", ver:"3.5.10-0ubuntu1~hardy1.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs5-data", ver:"4.1.4-0ubuntu1~intrepid1.2", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs5-doc", ver:"4.1.4-0ubuntu1~intrepid1.2", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs-data", ver:"3.5.10-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs4-doc", ver:"3.5.10-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs", ver:"3.5.10-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs-bin", ver:"4.1.4-0ubuntu1~intrepid1.2", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs5-dbg", ver:"4.1.4-0ubuntu1~intrepid1.2", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs5-dev", ver:"4.1.4-0ubuntu1~intrepid1.2", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs5", ver:"4.1.4-0ubuntu1~intrepid1.2", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs-dbg", ver:"3.5.10-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs4-dev", ver:"3.5.10-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs4c2a", ver:"3.5.10-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs5-data", ver:"4.2.2-0ubuntu5.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs-data", ver:"3.5.10.dfsg.1-1ubuntu8.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs", ver:"3.5.10.dfsg.1-1ubuntu8.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs-bin", ver:"4.2.2-0ubuntu5.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs5-dbg", ver:"4.2.2-0ubuntu5.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs5-dev", ver:"4.2.2-0ubuntu5.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs5", ver:"4.2.2-0ubuntu5.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libplasma-dev", ver:"4.2.2-0ubuntu5.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libplasma3", ver:"4.2.2-0ubuntu5.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs-dbg", ver:"3.5.10.dfsg.1-1ubuntu8.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs4-dev", ver:"3.5.10.dfsg.1-1ubuntu8.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdelibs4c2a", ver:"3.5.10.dfsg.1-1ubuntu8.1", rls:"UBUNTU9.04")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/ubuntu_823_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/ubuntu_823_1.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/ubuntu_823_1.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,159 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory USN-823-1 (kdegraphics) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64779); + script_cve_id("CVE-2009-0945", "CVE-2009-1709"); + script_version ("$"); + script_name("Ubuntu USN-823-1 (kdegraphics)"); + + desc = " +The remote host is missing an update to kdegraphics +announced via advisory USN-823-1. + +Details follow: + +It was discovered that KDE-Graphics did not properly handle certain +malformed SVG images. If a user were tricked into opening a specially +crafted SVG image, an attacker could cause a denial of service or possibly +execute arbitrary code with the privileges of the user invoking the +program. + +Solution: +The problem can be corrected by upgrading your system to the +following package versions: + +Ubuntu 8.04 LTS: + ksvg 4:3.5.10-0ubuntu1~hardy1.1 + +After a standard system upgrade you need to restart your session to effect +the necessary changes. + +https://secure1.securityspace.com/smysecure/catid.html?in=USN-823-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Ubuntu USN-823-1 (kdegraphics)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Ubuntu Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"kdegraphics-doc-html", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdegraphics", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kamera", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdegraphics-dbg", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdegraphics-dev", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdegraphics-kfile-plugins", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kfaxview", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kghostview", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kmrml", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kooka", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kpdf", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kpovmodeler", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"ksnapshot", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"ksvg", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kview", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kviewshell", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libkscan-dev", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libkscan1", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kcoloredit", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kdvi", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kfax", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kgamma", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kiconedit", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kolourpaint", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"kruler", ver:"3.5.10-0ubuntu1~hardy1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/ubuntu_824_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/ubuntu_824_1.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/ubuntu_824_1.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,378 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory USN-824-1 (php5) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64780); + script_cve_id("CVE-2009-2687"); + script_version ("$"); + script_name("Ubuntu USN-824-1 (php5)"); + + desc = " +The remote host is missing an update to php5 +announced via advisory USN-824-1. + +Details follow: + +It was discovered that PHP did not properly handle certain malformed +JPEG images when being parsed by the Exif module. A remote attacker could +exploit this flaw and cause the PHP server to crash, resulting in a denial +of service. + +Solution: +The problem can be corrected by upgrading your system to the +following package versions: + +Ubuntu 6.06 LTS: + php5-cgi 5.1.2-1ubuntu3.15 + php5-cli 5.1.2-1ubuntu3.15 + +Ubuntu 8.04 LTS: + php5-cgi 5.2.4-2ubuntu5.7 + php5-cli 5.2.4-2ubuntu5.7 + +Ubuntu 8.10: + php5-cgi 5.2.6-2ubuntu4.3 + php5-cli 5.2.6-2ubuntu4.3 + +Ubuntu 9.04: + php5-cgi 5.2.6.dfsg.1-3ubuntu4.2 + php5-cli 5.2.6.dfsg.1-3ubuntu4.2 + +In general, a standard system upgrade is sufficient to effect the +necessary changes. + +https://secure1.securityspace.com/smysecure/catid.html?in=USN-824-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Ubuntu USN-824-1 (php5)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Ubuntu Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"php-pear", ver:"5.1.2-1ubuntu3.15", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5", ver:"5.1.2-1ubuntu3.15", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.1.2-1ubuntu3.15", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-cgi", ver:"5.1.2-1ubuntu3.15", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-cli", ver:"5.1.2-1ubuntu3.15", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-common", ver:"5.1.2-1ubuntu3.15", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-curl", ver:"5.1.2-1ubuntu3.15", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-dev", ver:"5.1.2-1ubuntu3.15", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-gd", ver:"5.1.2-1ubuntu3.15", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-ldap", ver:"5.1.2-1ubuntu3.15", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-mhash", ver:"5.1.2-1ubuntu3.15", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-mysql", ver:"5.1.2-1ubuntu3.15", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-mysqli", ver:"5.1.2-1ubuntu3.15", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-odbc", ver:"5.1.2-1ubuntu3.15", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-pgsql", ver:"5.1.2-1ubuntu3.15", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-recode", ver:"5.1.2-1ubuntu3.15", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-snmp", ver:"5.1.2-1ubuntu3.15", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-sqlite", ver:"5.1.2-1ubuntu3.15", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-sybase", ver:"5.1.2-1ubuntu3.15", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-xmlrpc", ver:"5.1.2-1ubuntu3.15", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-xsl", ver:"5.1.2-1ubuntu3.15", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php-pear", ver:"5.2.4-2ubuntu5.7", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5", ver:"5.2.4-2ubuntu5.7", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.2.4-2ubuntu5.7", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-cgi", ver:"5.2.4-2ubuntu5.7", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-cli", ver:"5.2.4-2ubuntu5.7", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-common", ver:"5.2.4-2ubuntu5.7", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-curl", ver:"5.2.4-2ubuntu5.7", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-dev", ver:"5.2.4-2ubuntu5.7", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-gd", ver:"5.2.4-2ubuntu5.7", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-gmp", ver:"5.2.4-2ubuntu5.7", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-ldap", ver:"5.2.4-2ubuntu5.7", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-mhash", ver:"5.2.4-2ubuntu5.7", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-mysql", ver:"5.2.4-2ubuntu5.7", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-odbc", ver:"5.2.4-2ubuntu5.7", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-pgsql", ver:"5.2.4-2ubuntu5.7", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-pspell", ver:"5.2.4-2ubuntu5.7", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-recode", ver:"5.2.4-2ubuntu5.7", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-snmp", ver:"5.2.4-2ubuntu5.7", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-sqlite", ver:"5.2.4-2ubuntu5.7", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-sybase", ver:"5.2.4-2ubuntu5.7", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-tidy", ver:"5.2.4-2ubuntu5.7", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-xmlrpc", ver:"5.2.4-2ubuntu5.7", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-xsl", ver:"5.2.4-2ubuntu5.7", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php-pear", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libapache2-mod-php5filter", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-cgi", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-cli", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-common", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-curl", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-dbg", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-dev", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-gd", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-gmp", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-ldap", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-mhash", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-mysql", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-odbc", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-pgsql", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-pspell", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-recode", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-snmp", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-sqlite", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-sybase", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-tidy", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-xmlrpc", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-xsl", ver:"5.2.6-2ubuntu4.3", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php-pear", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-cgi", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-cli", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-common", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-curl", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-dbg", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-dev", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-gd", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-gmp", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-ldap", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-mhash", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-mysql", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-odbc", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-pgsql", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-pspell", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-recode", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-snmp", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-sqlite", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-sybase", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-tidy", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-xmlrpc", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"php5-xsl", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libapache2-mod-php5filter", ver:"5.2.6.dfsg.1-3ubuntu4.2", rls:"UBUNTU9.04")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/ubuntu_825_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/ubuntu_825_1.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/ubuntu_825_1.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,137 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory USN-825-1 (libvorbis) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64781); + script_cve_id("CVE-2008-1420", "CVE-2009-2663"); + script_version ("$"); + script_name("Ubuntu USN-825-1 (libvorbis)"); + + desc = " +The remote host is missing an update to libvorbis +announced via advisory USN-825-1. + +Details follow: + +It was discovered that libvorbis did not correctly handle certain malformed +ogg files. If a user were tricked into opening a specially crafted ogg file +with an application that uses libvorbis, an attacker could execute +arbitrary code with the user's privileges. (CVE-2009-2663) + +USN-682-1 provided updated libvorbis packages to fix multiple security +vulnerabilities. The upstream security patch to fix CVE-2008-1420 +introduced a regression when reading sound files encoded with libvorbis +1.0beta1. This update corrects the problem. + +Original advisory details: + + It was discovered that libvorbis did not correctly handle certain + malformed sound files. If a user were tricked into opening a specially + crafted sound file with an application that uses libvorbis, an attacker + could execute arbitrary code with the user's privileges. (CVE-2008-1420) + +Solution: +The problem can be corrected by upgrading your system to the +following package versions: + +Ubuntu 8.04 LTS: + libvorbis0a 1.2.0.dfsg-2ubuntu0.2 + +Ubuntu 8.10: + libvorbis0a 1.2.0.dfsg-3.1ubuntu0.8.10.1 + +Ubuntu 9.04: + libvorbis0a 1.2.0.dfsg-3.1ubuntu0.9.04.1 + +After a standard system upgrade you need to restart any applications that +use libvorbis, such as Totem and gtkpod, to effect the necessary changes. + +https://secure1.securityspace.com/smysecure/catid.html?in=USN-825-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Ubuntu USN-825-1 (libvorbis)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Ubuntu Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"libvorbis-dev", ver:"1.2.0.dfsg-2ubuntu0.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libvorbis0a", ver:"1.2.0.dfsg-2ubuntu0.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libvorbisenc2", ver:"1.2.0.dfsg-2ubuntu0.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libvorbisfile3", ver:"1.2.0.dfsg-2ubuntu0.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libvorbis-dev", ver:"1.2.0.dfsg-3.1ubuntu0.8.10.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libvorbis0a", ver:"1.2.0.dfsg-3.1ubuntu0.8.10.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libvorbisenc2", ver:"1.2.0.dfsg-3.1ubuntu0.8.10.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libvorbisfile3", ver:"1.2.0.dfsg-3.1ubuntu0.8.10.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libvorbis-dev", ver:"1.2.0.dfsg-3.1ubuntu0.9.04.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libvorbis0a", ver:"1.2.0.dfsg-3.1ubuntu0.9.04.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libvorbisenc2", ver:"1.2.0.dfsg-3.1ubuntu0.9.04.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libvorbisfile3", ver:"1.2.0.dfsg-3.1ubuntu0.9.04.1", rls:"UBUNTU9.04")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/ubuntu_826_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/ubuntu_826_1.nasl 2009-09-01 23:41:39 UTC (rev 4809) +++ trunk/openvas-plugins/scripts/ubuntu_826_1.nasl 2009-09-02 02:58:39 UTC (rev 4810) @@ -0,0 +1,855 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory USN-826-1 (mono) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(64782); + script_cve_id("CVE-2008-3422", "CVE-2008-3906", "CVE-2009-0217"); + script_version ("$"); + script_name("Ubuntu USN-826-1 (mono)"); + + desc = " +The remote host is missing an update to mono +announced via advisory USN-826-1. + +Details follow: + +It was discovered that the XML HMAC signature system did not correctly +check certain lengths. If an attacker sent a truncated HMAC, it could +bypass authentication, leading to potential privilege escalation. +(CVE-2009-0217) + +It was discovered that Mono did not properly escape certain attributes in +the ASP.net class libraries which could result in browsers becoming +vulnerable to cross-site scripting attacks when processing the output. With +cross-site scripting vulnerabilities, if a user were tricked into viewing +server output during a crafted server request, a remote attacker could +exploit this to modify the contents, or steal confidential data (such as +passwords), within the same domain. This issue only affected Ubuntu 8.04 +LTS. (CVE-2008-3422) + +It was discovered that Mono did not properly filter CRLF injections in the +query string. If a user were tricked into viewing server output during a +crafted server request, a remote attacker could exploit this to modify the +contents, steal confidential data (such as passwords), or perform +cross-site request forgeries. This issue only affected Ubuntu 8.04 LTS. +(CVE-2008-3906) + +Solution: +The problem can be corrected by upgrading your system to the +following package versions: + +Ubuntu 8.04 LTS: + libmono-security1.0-cil 1.2.6+dfsg-6ubuntu3.1 + libmono-security2.0-cil 1.2.6+dfsg-6ubuntu3.1 + libmono-system-web1.0-cil 1.2.6+dfsg-6ubuntu3.1 + libmono-system-web2.0-cil 1.2.6+dfsg-6ubuntu3.1 + +Ubuntu 8.10: + libmono-security1.0-cil 1.9.1+dfsg-4ubuntu2.1 + libmono-security2.0-cil 1.9.1+dfsg-4ubuntu2.1 + libmono-system-web1.0-cil 1.9.1+dfsg-4ubuntu2.1 + libmono-system-web2.0-cil 1.9.1+dfsg-4ubuntu2.1 + +Ubuntu 9.04: + libmono-security1.0-cil 2.0.1-4ubuntu0.1 + libmono-security2.0-cil 2.0.1-4ubuntu0.1 + libmono-system-web1.0-cil 2.0.1-4ubuntu0.1 + libmono-system-web2.0-cil 2.0.1-4ubuntu0.1 + +In general, a standard system upgrade is sufficient to effect the +necessary changes. + +https://secure1.securityspace.com/smysecure/catid.html?in=USN-826-1 + +Risk factor : High"; + + script_description(desc); + + script_summary("Ubuntu USN-826-1 (mono)"); + + script_category(ACT_GATHER_INFO); + + script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + script_family("Ubuntu Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"libmono-accessibility1.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-accessibility2.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-cairo1.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-cairo2.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-corlib1.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-corlib2.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-data-tds1.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-data-tds2.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-mozilla0.1-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-peapi1.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-peapi2.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-relaxng1.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-security1.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-security2.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-sharpzip0.84-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-sharpzip2.84-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-sqlite1.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-sqlite2.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-data1.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-data2.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-runtime1.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-runtime2.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-web1.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-web2.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system1.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system2.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-winforms1.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-winforms2.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono1.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono2.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-1.0-devel", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-2.0-devel", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-dbg", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-gac", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-gmcs", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-mcs", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-bytefx0.7.6.1-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-bytefx0.7.6.2-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-c5-1.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-corlib2.1-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-cscompmgd7.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-cscompmgd8.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-db2-1.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-firebirdsql1.7-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-i18n1.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-i18n2.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-ldap1.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-ldap2.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-microsoft-build2.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-microsoft7.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-microsoft8.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-npgsql1.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-npgsql2.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-oracle1.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-oracle2.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-relaxng2.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-sharpzip0.6-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-sharpzip2.6-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-ldap1.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-ldap2.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-messaging1.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-messaging2.0-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system2.1-cil", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-1.0-service", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-2.0-service", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-mjs", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-smcs", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-xbuild", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"prj2make-sharp", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-dev", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono0-dbg", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono0", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-common", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-jay", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-jit-dbg", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-jit", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-runtime", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-utils", ver:"1.2.6+dfsg-6ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-accessibility1.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-accessibility2.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-cairo1.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-cairo2.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-corlib1.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-corlib2.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-data-tds1.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-data-tds2.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-i18n1.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-i18n2.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-mozilla0.2-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-nunit2.2-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-peapi1.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-peapi2.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-relaxng1.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-security1.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-security2.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-sharpzip0.84-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-sharpzip2.84-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-sqlite1.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-sqlite2.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-data1.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-data2.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-runtime1.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-runtime2.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-web1.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-web2.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system1.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system2.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-winforms1.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-winforms2.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono1.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono2.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-1.0-devel", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-2.0-devel", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-dbg", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-gac", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-gmcs", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-mcs", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-bytefx0.7.6.1-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-bytefx0.7.6.2-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-c5-1.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-corlib2.1-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-cscompmgd7.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-cscompmgd8.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-db2-1.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-firebirdsql1.7-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-ldap1.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-ldap2.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-microsoft-build2.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-microsoft7.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-microsoft8.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-npgsql1.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-npgsql2.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-oracle1.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-oracle2.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-relaxng2.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-sharpzip0.6-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-sharpzip2.6-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-ldap1.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-ldap2.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-messaging1.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-messaging2.0-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system2.1-cil", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-1.0-service", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-2.0-service", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-mjs", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-smcs", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-xbuild", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"prj2make-sharp", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-dev", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono0-dbg", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono0", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-common", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-jay", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-jit-dbg", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-jit", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-runtime", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-utils", ver:"1.9.1+dfsg-4ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-accessibility2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-cairo2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-corlib1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-corlib2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-data-tds1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-data-tds2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-data1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-data2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-getoptions1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-getoptions2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-i18n1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-i18n2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-nunit2.2-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-peapi1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-peapi2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-posix1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-posix2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-relaxng1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-relaxng2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-security1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-security2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-sharpzip0.84-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-sharpzip2.84-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-sqlite1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-sqlite2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-data1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-data2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-runtime1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-runtime2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-web1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-web2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-webbrowser0.5-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-winforms2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-1.0-devel", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-1.0-gac", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-2.0-devel", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-2.0-gac", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-devel", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-gac", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-gmcs", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-mcs", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-accessibility1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-bytefx0.7.6.1-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-bytefx0.7.6.2-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-c5-1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-cairo1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-corlib2.1-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-cscompmgd7.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-cscompmgd8.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-db2-1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-firebirdsql1.7-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-ldap1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-ldap2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-microsoft-build2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-microsoft7.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-microsoft8.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-npgsql1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-npgsql2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-oracle1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-oracle2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-sharpzip0.6-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-sharpzip2.6-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-ldap1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-ldap2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-messaging1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system-messaging2.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-system2.1-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-winforms1.0-cil", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-1.0-service", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-2.0-service", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-dbg", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-mjs", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-smcs", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-xbuild", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"prj2make-sharp", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono-dev", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono0-dbg", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libmono0", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-2.0-runtime", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-common", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-jay", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-jit-dbg", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-jit", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-runtime", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-utils", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"mono-1.0-runtime", ver:"2.0.1-4ubuntu0.1", rls:"UBUNTU9.04")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} From scm-commit at wald.intevation.org Wed Sep 2 08:33:42 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 2 Sep 2009 08:33:42 +0200 (CEST) Subject: [Openvas-commits] r4811 - in trunk/openvas-plugins: . scripts Message-ID: <20090902063342.282B3852FD6D@pyrosoma.intevation.org> Author: timb Date: 2009-09-02 08:33:39 +0200 (Wed, 02 Sep 2009) New Revision: 4811 Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/scripts/microsoft-iis-nlst-stack-overflow.nasl Log: Fixed typos Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2009-09-02 02:58:39 UTC (rev 4810) +++ trunk/openvas-plugins/ChangeLog 2009-09-02 06:33:39 UTC (rev 4811) @@ -1,4 +1,9 @@ +2009-09-02 Tim Brown + + * scripts/microsoft-iis-nlst-stack-overflow.nasl: Fixed typo. + 2009-09-01 Thomas Reinke + * scripts/deb_1833_2.nasl, scripts/deb_1862_1.nasl, scripts/deb_1863_1.nasl, @@ -154,7 +159,7 @@ 2009-08-31 Michael Meyer * scripts/SolarWinds_TFTP.nasl: - Added newv plugin. + Added new plugin. 2009-08-28 Chandrashekhar B Modified: trunk/openvas-plugins/scripts/microsoft-iis-nlst-stack-overflow.nasl =================================================================== --- trunk/openvas-plugins/scripts/microsoft-iis-nlst-stack-overflow.nasl 2009-09-02 02:58:39 UTC (rev 4810) +++ trunk/openvas-plugins/scripts/microsoft-iis-nlst-stack-overflow.nasl 2009-09-02 06:33:39 UTC (rev 4811) @@ -34,7 +34,7 @@ We recommend you mitigate in the following manner: Filter inbound traffic to 21/tcp to only known management hosts -Consider removing directories writable by anonymous +Consider removing directories writable by 'anonymous' Solution: We are not aware of a vendor approved solution at the current time. @@ -79,7 +79,6 @@ if (!banner) { exit(0); } -display(banner); if ("Microsoft FTP Service (Version 5.0)" >< banner){ security_hole(port); } From scm-commit at wald.intevation.org Wed Sep 2 08:59:57 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 2 Sep 2009 08:59:57 +0200 (CEST) Subject: [Openvas-commits] r4812 - trunk/openvas-manager Message-ID: <20090902065957.6DC0385D919D@pyrosoma.intevation.org> Author: mwiegand Date: 2009-09-02 08:59:56 +0200 (Wed, 02 Sep 2009) New Revision: 4812 Modified: trunk/openvas-manager/CHANGES trunk/openvas-manager/CMakeLists.txt trunk/openvas-manager/ChangeLog trunk/openvas-manager/VERSION Log: Preparing the openvas-manager 0.8.0 relase. * VERSION: Set to 0.8.0. * CMakeLists.txt: CPACK_PACKAGE_VERSION_PATCH updated. * CHANGES: Updated. Modified: trunk/openvas-manager/CHANGES =================================================================== --- trunk/openvas-manager/CHANGES 2009-09-02 06:33:39 UTC (rev 4811) +++ trunk/openvas-manager/CHANGES 2009-09-02 06:59:56 UTC (rev 4812) @@ -1,3 +1,11 @@ +openvas-manager 0.8.0 (2009-09-02) + +This is a maintenance release of the openvas-manager module for the Open +Vulnerability Assessment System (OpenVAS). + +It contains a number of small improvements and bugfixes. + + openvas-manager 0.7.0 (2009-08-21) This is a maintenance release of the openvas-manager module for the Open Modified: trunk/openvas-manager/CMakeLists.txt =================================================================== --- trunk/openvas-manager/CMakeLists.txt 2009-09-02 06:33:39 UTC (rev 4811) +++ trunk/openvas-manager/CMakeLists.txt 2009-09-02 06:59:56 UTC (rev 4812) @@ -48,8 +48,8 @@ SET(CPACK_SYSTEM_NAME "") SET(CPACK_TOPLEVEL_TAG "") SET(CPACK_PACKAGE_VERSION_MAJOR "0") -SET(CPACK_PACKAGE_VERSION_MINOR "7") -SET(CPACK_PACKAGE_VERSION_PATCH "1.SVN") +SET(CPACK_PACKAGE_VERSION_MINOR "8") +SET(CPACK_PACKAGE_VERSION_PATCH "0") SET(CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}") SET(CPACK_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") SET(CPACK_SOURCE_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2009-09-02 06:33:39 UTC (rev 4811) +++ trunk/openvas-manager/ChangeLog 2009-09-02 06:59:56 UTC (rev 4812) @@ -1,3 +1,13 @@ +2009-09-02 Michael Wiegand + + Preparing the openvas-manager 0.8.0 relase. + + * VERSION: Set to 0.8.0. + + * CMakeLists.txt: CPACK_PACKAGE_VERSION_PATCH updated. + + * CHANGES: Updated. + 2009-09-01 Matthew Mundell Switch START_TASK response to an error if the task is active. Modified: trunk/openvas-manager/VERSION =================================================================== --- trunk/openvas-manager/VERSION 2009-09-02 06:33:39 UTC (rev 4811) +++ trunk/openvas-manager/VERSION 2009-09-02 06:59:56 UTC (rev 4812) @@ -1 +1 @@ -0.7.1.SVN +0.8.0 From scm-commit at wald.intevation.org Wed Sep 2 09:05:40 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 2 Sep 2009 09:05:40 +0200 (CEST) Subject: [Openvas-commits] r4813 - trunk/openvas-manager Message-ID: <20090902070540.731CE852FC10@pyrosoma.intevation.org> Author: mwiegand Date: 2009-09-02 09:05:40 +0200 (Wed, 02 Sep 2009) New Revision: 4813 Modified: trunk/openvas-manager/CMakeLists.txt trunk/openvas-manager/ChangeLog trunk/openvas-manager/VERSION Log: Post release version bump. * VERSION: Set to 0.8.1.SVN. * CMakeLists.txt: CPACK_PACKAGE_VERSION_PATCH updated. Modified: trunk/openvas-manager/CMakeLists.txt =================================================================== --- trunk/openvas-manager/CMakeLists.txt 2009-09-02 06:59:56 UTC (rev 4812) +++ trunk/openvas-manager/CMakeLists.txt 2009-09-02 07:05:40 UTC (rev 4813) @@ -49,7 +49,7 @@ SET(CPACK_TOPLEVEL_TAG "") SET(CPACK_PACKAGE_VERSION_MAJOR "0") SET(CPACK_PACKAGE_VERSION_MINOR "8") -SET(CPACK_PACKAGE_VERSION_PATCH "0") +SET(CPACK_PACKAGE_VERSION_PATCH "1.SVN") SET(CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}") SET(CPACK_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") SET(CPACK_SOURCE_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2009-09-02 06:59:56 UTC (rev 4812) +++ trunk/openvas-manager/ChangeLog 2009-09-02 07:05:40 UTC (rev 4813) @@ -1,5 +1,13 @@ 2009-09-02 Michael Wiegand + Post release version bump. + + * VERSION: Set to 0.8.1.SVN. + + * CMakeLists.txt: CPACK_PACKAGE_VERSION_PATCH updated. + +2009-09-02 Michael Wiegand + Preparing the openvas-manager 0.8.0 relase. * VERSION: Set to 0.8.0. Modified: trunk/openvas-manager/VERSION =================================================================== --- trunk/openvas-manager/VERSION 2009-09-02 06:59:56 UTC (rev 4812) +++ trunk/openvas-manager/VERSION 2009-09-02 07:05:40 UTC (rev 4813) @@ -1 +1 @@ -0.8.0 +0.8.1.SVN From scm-commit at wald.intevation.org Wed Sep 2 09:59:02 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 2 Sep 2009 09:59:02 +0200 (CEST) Subject: [Openvas-commits] r4814 - in trunk/openvas-plugins: . scripts Message-ID: <20090902075902.3524A85C731B@pyrosoma.intevation.org> Author: chandra Date: 2009-09-02 09:58:59 +0200 (Wed, 02 Sep 2009) New Revision: 4814 Added: trunk/openvas-plugins/scripts/gb_ms_win2k3_dos_vuln_sep09.nasl trunk/openvas-plugins/scripts/secpod_asterisk_sip_channel_driver_dos_vuln.nasl trunk/openvas-plugins/scripts/secpod_google_chrome_chromehtml_dos_vuln.nasl trunk/openvas-plugins/scripts/secpod_google_chrome_mult_vuln_aug09.nasl trunk/openvas-plugins/scripts/secpod_kvirc_arg_inj_vuln_win.nasl trunk/openvas-plugins/scripts/secpod_kvirc_detect_win.nasl trunk/openvas-plugins/scripts/secpod_ms_ie_addr_bar_spoofing_vuln.nasl trunk/openvas-plugins/scripts/secpod_php_sec_bypass_vuln_aug09.nasl Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/cve_current.txt trunk/openvas-plugins/scripts/secpod_asterisk_detect.nasl Log: Added new plugins Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2009-09-02 07:05:40 UTC (rev 4813) +++ trunk/openvas-plugins/ChangeLog 2009-09-02 07:58:59 UTC (rev 4814) @@ -1,3 +1,18 @@ +2009-09-02 Chandrashekhar B + + * scripts/secpod_php_sec_bypass_vuln_aug09.nasl + scripts/secpod_google_chrome_mult_vuln_aug09.nasl + scripts/secpod_asterisk_sip_channel_driver_dos_vuln.nasl + scripts/secpod_ms_ie_addr_bar_spoofing_vuln.nasl + scripts/gb_ms_win2k3_dos_vuln_sep09.nasl + scripts/secpod_kvirc_detect_win.nasl + scripts/secpod_kvirc_arg_inj_vuln_win.nasl + scripts/secpod_google_chrome_chromehtml_dos_vuln.nasl: + Added new plugins. + + * scripts/secpod_asterisk_detect.nasl: + Added detect for new version. + 2009-09-02 Tim Brown * scripts/microsoft-iis-nlst-stack-overflow.nasl: Fixed typo. Modified: trunk/openvas-plugins/cve_current.txt =================================================================== --- trunk/openvas-plugins/cve_current.txt 2009-09-02 07:05:40 UTC (rev 4813) +++ trunk/openvas-plugins/cve_current.txt 2009-09-02 07:58:59 UTC (rev 4814) @@ -172,7 +172,6 @@ CVE-2008-6907 SecPod svn R CVE-2009-2732 mime svn R CVE-2008-7016 SecPod svn R -CVE-2008-7017 SecPod CVE-2009-2918 SecPod svn L CVE-2009-2694 SecPod svn R CVE-2009-1879 SecPod svn L @@ -189,7 +188,7 @@ CVE-2008-7047 SecPod svn R CVE-2008-7049 SecPod svn R CVE-2008-7031 SecPod svn R -CVE-2008-7070 SecPod +CVE-2008-7070 SecPod svn L CVE-2008-7068 SecPod CVE-2008-7066 SecPod svn R CVE-2009-2234 SecPod svn R @@ -197,23 +196,35 @@ CVE-2008-0444 SecPod svn R CVE-2008-0445 SecPod svn R CVE-2009-2964 SecPod svn R -CVE-2008-7074 SecPod CVE-2009-2959 SecPod CVE-2009-2967 SecPod CVE-2008-7102 SecPod CVE-2008-7101 SecPod CVE-2008-7100 SecPod -CVE-2009-2935 SecPod +CVE-2009-2935 SecPod svn L CVE-2009-2975 SecPod svn L -CVE-2009-2974 SecPod -CVE-2009-2973 SecPod -CVE-2009-2726 SecPod -CVE-2008-7002 SecPod +CVE-2009-2974 SecPod svn L +CVE-2009-2973 SecPod svn L +CVE-2009-2726 SecPod svn R +CVE-2008-7002 SecPod svn R CVE-2008-7087 SecPod -CVE-2009-3008 -CVE-2009-3003 -CVE-2009-3004 -CVE-2009-3005 -CVE-2009-3006 -CVE-2009-3007 - +CVE-2009-3008 SecPod +CVE-2009-3003 SecPod svn L +CVE-2009-3004 SecPod +CVE-2009-3005 SecPod +CVE-2009-3006 SecPod +CVE-2009-3007 SecPod +CVE-2009-3016 SecPod +CVE-2009-3010 SecPod +CVE-2009-3014 SecPod +CVE-2009-3012 SecPod +CVE-2009-3013 SecPod +CVE-2009-3019 SecPod +CVE-2009-3015 SecPod +CVE-2009-3017 SecPod +CVE-2009-3011 SecPod +CVE-2009-3023 SecPod +CVE-2009-3026 SecPod +CVE-2009-3025 SecPod +CVE-2009-3020 SecPod +CVE-2009-2944 SecPod Added: trunk/openvas-plugins/scripts/gb_ms_win2k3_dos_vuln_sep09.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_ms_win2k3_dos_vuln_sep09.nasl 2009-09-02 07:05:40 UTC (rev 4813) +++ trunk/openvas-plugins/scripts/gb_ms_win2k3_dos_vuln_sep09.nasl 2009-09-02 07:58:59 UTC (rev 4814) @@ -0,0 +1,107 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_ms_win2k3_dos_vuln_sep09.nasl 4419 2009-09-01 12:54:254Z sep $ +# +# Microsoft Windows Server 2003 OpenType Font Engine DoS Vulnerability +# +# Authors: +# Antu Sanadi +# +# Copyright: +# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800687); + script_version("$Revision: 1.0 $"); + script_cve_id("CVE-2009-3020"); + script_bugtraq_id(36029); + script_name("Microsoft Windows Server 2003 OpenType Font Engine DoS Vulnerability"); + desc = " + Overview: This host is running Windows Server 2003 operating system and is + prone to Denial of Service vulnerability. + + Vulnerability Insight: + The vulnerability is caused due to an error in 'win32k.sys' when processing + Embedded OpenType font. + + Impact: + Successful exploitation will allow attakers to cause denial of service via + a specially-crafted file containing EOT font embedded in the document thus + crashing the operating system. + + Impact Level: System + + Affected Software/OS: + Microsoft Windows 2003 Service Pack 2 and prior. + + Fix: No solution or patch is available as on 1st Sep, 2009. Information + regarding this issue will be updated once the solution details are available. + For updates refer, http://www.microsoft.com/en/us/default.aspx + + References: + http://secunia.com/advisories/36250 + http://www.milw0rm.com/exploits/9417 + http://xforce.iss.net/xforce/xfdb/52403 + + CVSS Score: + CVSS Base Score : 4.7 (AV:L/AC:M/Au:NR/C:N/I:N/A:C) + CVSS Temporal Score : 4.2 + Risk factor : Medium"; + + script_description(desc); + script_summary("Check for the vulnerable File Version"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2009 Intevation GmbH"); + script_family("Windows"); + script_dependencies("secpod_reg_enum.nasl"); + script_require_ports(139, 445); + exit(0); +} + + +include("smb_nt.inc"); +include("secpod_reg.inc"); +include("version_func.inc"); +include("secpod_smb_func.inc"); + +if(hotfix_check_sp(win2003:3) <= 0){ + log_message(data:"gb_ms_win2k3_dos_vuln_sep09.nasl: + Installed OS is not vulnerable"); + exit(0); +} + +SP = get_kb_item("SMB/Win2003/ServicePack"); +if("Service Pack 1" >< SP || "Service Pack 2" >< SP) +{ + sysPath = registry_get_sz(key:"SOFTWARE\Microsoft\COM3\Setup", + item:"Install Path"); + if(sysPath != NULL) + { + share = ereg_replace(pattern:"([A-Z]):.*", replace:"\1$", string:sysPath); + file = ereg_replace(pattern:"[A-Z]:(.*)", replace:"\1", + string:sysPath + "\Win32k.sys"); + sysVer = GetVer(file:file, share:share); + if(sysVer) + { + # Grep for Win32k.sys version <= 5.2.3790.4497 + if(version_is_less_equal(version:sysVer, test_version:"5.2.3790.4497")){ + security_warning(0); + } + } + } +} Property changes on: trunk/openvas-plugins/scripts/gb_ms_win2k3_dos_vuln_sep09.nasl ___________________________________________________________________ Name: svn:executable + * Modified: trunk/openvas-plugins/scripts/secpod_asterisk_detect.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_asterisk_detect.nasl 2009-09-02 07:05:40 UTC (rev 4813) +++ trunk/openvas-plugins/scripts/secpod_asterisk_detect.nasl 2009-09-02 07:58:59 UTC (rev 4814) @@ -3,13 +3,16 @@ # $Id: secpod_asterisk_detect.nasl 3742 2009-08-01 22:10:29Z jul $ # # Asterisk Version Detection -# +# # Authors: # Sharath S # # Copyright: # Copyright (c) 2009 SecPod, http://www.secpod.com # +# Updated to Set KB for Product Installation +# - By Sharath S On 2009-08-28 +# # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 # (or any later version), as published by the Free Software Foundation. @@ -27,7 +30,7 @@ if(description) { script_id(900811); - script_version("$Revision: 1.0 $"); + script_version("$Revision: 1.1 $"); script_name("Asterisk Version Detection"); desc = " @@ -65,7 +68,7 @@ "OPTIONS sip:user@", get_host_name(), " SIP/2.0", "\r\n", "Via: SIP/2.0/UDP ", this_host(), ":", asterisk_port, "\r\n", "To: User \r\n", - "From: OpenVAS \r\n", + "From: OpenVAS \r\n", "Call-ID: ", rand(), "\r\n", "CSeq: ", rand(), " OPTIONS\r\n", "Contact: OpenVAS \r\n", @@ -110,5 +113,7 @@ if(asteriskVer[1] != NULL){ set_kb_item(name:"Asterisk-PBX/Ver", value:asteriskVer[1]); } + else + set_kb_item(name:"Asterisk-PBX/Installed", value:TRUE); } } Added: trunk/openvas-plugins/scripts/secpod_asterisk_sip_channel_driver_dos_vuln.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_asterisk_sip_channel_driver_dos_vuln.nasl 2009-09-02 07:05:40 UTC (rev 4813) +++ trunk/openvas-plugins/scripts/secpod_asterisk_sip_channel_driver_dos_vuln.nasl 2009-09-02 07:58:59 UTC (rev 4814) @@ -0,0 +1,154 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: secpod_asterisk_sip_channel_driver_dos_vuln.nasl 3981 2009-08-28 19:33:24Z aug $ +# +# Asterisk SIP Channel Driver Denial Of Service Vulnerability (Linux) +# +# Authors: +# Sharath S +# +# Copyright: +# Copyright (c) 2009 SecPod, http://www.secpod.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(900834); + script_version("$Revision: 1.0 $"); + script_cve_id("CVE-2009-2726"); + script_bugtraq_id(36015); + script_name("Asterisk SIP Channel Driver Denial Of Service Vulnerability (Linux)"); + desc = " + + Overview: + This host has Asterisk installed and is prone to Denial of Service + vulnerability. + + Vulnerability Insight: + The flaw is due to an error in SIP channel driver which fails to use + maximum width when invoking 'sscanf' style functions. This can be exploited + via SIP packets containing large sequences of ASCII decimal characters as + demonstrated via vectors related to the CSeq value in a SIP header, large + Content-Length value and SDP. + + Impact: + Successful exploitation will let the attacker cause Denial of Service + in the victim's system. + + Impact Level: Application + + Affected Software/OS: + Asterisk version 1.2.x before 1.2.34, 1.4.x before 1.4.26.1, + 1.6.0.x before 1.6.0.12, and 1.6.1.x before 1.6.1.4 on Linux. + + Fix: Upgrade to version 1.2.34, 1.4.26.1, 1.6.0.12, 1.6.1.4 or apply the patch + http://www.asterisk.org/downloads + http://downloads.digium.com/pub/security/AST-2009-005-1.2.diff.txt + http://downloads.digium.com/pub/security/AST-2009-005-1.4.diff.txt + http://downloads.digium.com/pub/security/AST-2009-005-trunk.diff.txt + http://downloads.digium.com/pub/security/AST-2009-005-1.6.0.diff.txt + http://downloads.digium.com/pub/security/AST-2009-005-1.6.1.diff.txt + http://downloads.digium.com/pub/security/AST-2009-005-1.6.2.diff.txt + + ***** + NOTE: Please ignore the warning if the patch is applied. + ***** + + References: + http://secunia.com/advisories/36227/ + http://www.vupen.com/english/advisories/2009/2229 + http://labs.mudynamics.com/advisories/MU-200908-01.txt + http://downloads.asterisk.org/pub/security/AST-2009-005.html + + CVSS Score: + CVSS Base Score : 7.8 (AV:N/AC:L/Au:NR/C:N/I:N/A:C) + CVSS Temporal Score : 5.8 + Risk factor: High"; + + script_description(desc); + script_summary("Check for the Version of Asterisk"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2009 SecPod"); + script_family("Denial of Service"); + script_dependencies("secpod_asterisk_detect.nasl"); + script_require_keys("Asterisk-PBX/Ver", "Asterisk-PBX/Installed"); + exit(0); +} + + + + +include("ssh_func.inc"); +include("version_func.inc"); + +function asterisk_check(ver) +{ + # Check for Asterisk version 1.2 < 1.2.34, 1.4 < 1.4.26.1, 1.6.0 < 1.6.0.12 and + # 1.6.1 < 1.6.1.4 + if(version_in_range(version:ver, test_version:"1.2", test_version2:"1.2.33")|| + version_in_range(version:ver, test_version:"1.4", test_version2:"1.4.26")|| + version_in_range(version:ver, test_version:"1.6.0", test_version2:"1.6.0.11")|| + version_in_range(version:ver, test_version:"1.6.1", test_version2:"1.6.1.3")){ + return TRUE; + } +} + + +msg = "Asterisk is Running on 5060/udp and Installed version is Vulnerable"; + +asteriskVer = get_kb_item("Asterisk-PBX/Ver"); + +if(asteriskVer) +{ + if(asterisk_check(ver:asteriskVer)) + { + security_hole(port:5060, proto:"udp"); + log_message(port:5060, data:msg); + } +} +else if(get_kb_item("Asterisk-PBX/Installed")) +{ + astk_sock = ssh_login_or_reuse_connection(); + if(!astk_sock) + { + log_message(data:"secpod_asterisk_sip_channel_driver_dos_vuln.nasl: + Unable to login over ssh"); + exit(0); + } + + paths = find_file(file_name:"asterisk", file_path:"/", useregex:TRUE, + regexpar:"$", sock:astk_sock); + + foreach binName (paths) + { + asteriskVer = get_bin_version(full_prog_name:chomp(binName), sock:astk_sock, + version_argv:"-V", + ver_pattern:"Asterisk ([0-9.]+(.?[a-z0-9]+)?)"); + asteriskVer[1] = ereg_replace(pattern:"-", replace:".", string:asteriskVer[1]); + + if(asteriskVer[1] != NULL) + { + if(asterisk_check(ver:asteriskVer[1])) + { + security_hole(port:5060, proto:"udp"); + ssh_close_connection(); + log_message(port:5060, data:msg); + exit(0); + } + } + } + ssh_close_connection(); +} Property changes on: trunk/openvas-plugins/scripts/secpod_asterisk_sip_channel_driver_dos_vuln.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/secpod_google_chrome_chromehtml_dos_vuln.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_google_chrome_chromehtml_dos_vuln.nasl 2009-09-02 07:05:40 UTC (rev 4813) +++ trunk/openvas-plugins/scripts/secpod_google_chrome_chromehtml_dos_vuln.nasl 2009-09-02 07:58:59 UTC (rev 4814) @@ -0,0 +1,90 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: secpod_google_chrome_chromehtml_dos_vuln.nasl 4347 2009-08-28 12:52:29Z aug $ +# +# Google Chrome 'chromehtml: URI Denial Of Service Vulnerability +# +# Authors: +# Sharath S +# +# Copyright: +# Copyright (c) 2009 SecPod, http://www.secpod.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(900833); + script_version("$Revision: 1.0 $"); + script_cve_id("CVE-2009-2974"); + script_name("Google Chrome 'chromehtml: URI' Denial Of Service Vulnerability"); + desc = " + Overview: This host is installed with Google Chrome and is prone to Denial + of Service vulnerability. + + Vulnerability Insight: + Error occurs when vectors involving a series of function calls that set a + 'chromehtml:' URI value for the document.location property. + + Impact: + Successful attacks could allows remote attackers to cause application hang + and CPU consumption which may result in Denial of Service condition. + + Impact Level: Application + + Affected Software/OS: + Google Chrome version 1.0.154.65 and prior on Windows. + + Fix: No solution or patch is available as on 28th August, 2009. Information + regarding this issue will be updated once the solution details are available. + For updates refer, http://www.google.com/chrome + + References: + http://websecurity.com.ua/3435/ + http://archives.neohapsis.com/archives/bugtraq/2009-08/0236.html + http://archives.neohapsis.com/archives/bugtraq/2009-08/0217.html + + CVSS Score: + CVSS Base Score : 7.1 (AV:N/AC:M/Au:NR/C:N/I:N/A:C) + CVSS Temporal Score : 6.4 + Risk factor: High"; + + script_description(desc); + script_summary("Check for the Version of Google Chrome"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2009 SecPod"); + script_family("Denial of Service"); + script_dependencies("gb_google_chrome_detect_win.nasl"); + script_require_keys("GoogleChrome/Win/Ver"); + exit(0); +} + + +include("version_func.inc"); + +# Get for Chrome Version +chromeVer = get_kb_item("GoogleChrome/Win/Ver"); + +if(isnull(chromeVer)){ + log_message(data:"secpod_google_chrome_chromehtml_dos_vuln.nasl: + Google Chrome is not installed"); + exit(0); +} + +# Check for Google Chrome version < 1.0.154.65 +if(version_is_less_equal(version:chromeVer, test_version:"1.0.154.65")){ + security_hole(0); + exit(0); +} Property changes on: trunk/openvas-plugins/scripts/secpod_google_chrome_chromehtml_dos_vuln.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/secpod_google_chrome_mult_vuln_aug09.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_google_chrome_mult_vuln_aug09.nasl 2009-09-02 07:05:40 UTC (rev 4813) +++ trunk/openvas-plugins/scripts/secpod_google_chrome_mult_vuln_aug09.nasl 2009-09-02 07:58:59 UTC (rev 4814) @@ -0,0 +1,94 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: secpod_google_chrome_mult_vuln_aug09.nasl 4347 2009-08-28 12:52:29Z aug $ +# +# Google Chrome 'JavaScript' And 'HTTPS' Multiple Vulnerabilities - Aug09 +# +# Authors: +# Sharath S +# +# Copyright: +# Copyright (c) 2009 SecPod, http://www.secpod.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(900832); + script_version("$Revision: 1.0 $"); + script_cve_id("CVE-2009-2935", "CVE-2009-2973"); + script_bugtraq_id(36149); + script_name("Google Chrome 'JavaScript' And 'HTTPS' Multiple Vulnerabilities - Aug09"); + desc = " + Overview: This host is installed with Google Chrome and is prone to multiple + vulnerabilities. + + Vulnerability Insight: + - When 'Google V8' is used in the application, it allows to bypass intended + restrictions on reading memory, and possibly obtain sensitive information + in the Chrome sandbox, via crafted JavaScript. + - Application fails to prevent SSL connections to a site with an X.509 + certificate signed with the MD2 or MD4 algorithm, which makes it easier for + man-in-the-middle attackers to spoof arbitrary HTTPS servers via a crafted + certificate. + + Impact: + Successful exploitation will let the attacker to spoof the X.509 certificate. + + Impact Level: Application + + Affected Software/OS: + Google Chrome version prior to 2.0.172.43 on Windows. + + Fix: Upgrade to version 2.0.172.43 or later + http://www.google.com/chrome + + References: + http://secunia.com/advisories/36417 + http://www.vupen.com/english/advisories/2009/2420 + http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html + + CVSS Score: + CVSS Base Score : 6.8 (AV:N/AC:M/Au:NR/C:P/I:P/A:P) + CVSS Temporal Score : 5.0 + Risk factor: Medium"; + + script_description(desc); + script_summary("Check for the Version of Google Chrome"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2009 SecPod"); + script_family("General"); + script_dependencies("gb_google_chrome_detect_win.nasl"); + script_require_keys("GoogleChrome/Win/Ver"); + exit(0); +} + + +include("version_func.inc"); + +# Get for Chrome Version +chromeVer = get_kb_item("GoogleChrome/Win/Ver"); + +if(isnull(chromeVer)){ + log_message(data:"secpod_google_chrome_mult_vuln_aug09.nasl: + Google Chrome is not installed"); + exit(0); +} + +# Check for Google Chrome version < 2.0.172.43 +if(version_is_less(version:chromeVer, test_version:"2.0.172.43")){ + security_warning(0); + exit(0); +} Property changes on: trunk/openvas-plugins/scripts/secpod_google_chrome_mult_vuln_aug09.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/secpod_kvirc_arg_inj_vuln_win.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_kvirc_arg_inj_vuln_win.nasl 2009-09-02 07:05:40 UTC (rev 4813) +++ trunk/openvas-plugins/scripts/secpod_kvirc_arg_inj_vuln_win.nasl 2009-09-02 07:58:59 UTC (rev 4814) @@ -0,0 +1,85 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: secpod_kvirc_arg_inj_vuln_win.nasl 4293 2009-08-28 13:24:24Z aug $ +# +# KVIrc URI Handler Argument Injection Vulnerability +# +# Authors: +# Antu Sanadi +# +# Copyright (c) 2009 SecPod, http://www.secpod.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(901011); + script_version("$Revision: 1.0 $"); + script_cve_id("CVE-2008-7070"); + script_bugtraq_id(32410); + script_name("KVIrc URI Handler Argument Injection Vulnerability"); + desc = " + Overview: This host has KVIrc installed and is prone to Argument Injection + vulnerability. + + Vulnerability Insight: + The flaw is caused due to an improper validation of user supplied input, which + can be exploited by persuading a victim to open a specially-crafted 'irc:///', + 'irc6:///', 'ircs:///', or 'ircs6:///' URI. + + Impact: + Successful exploitation will let the attackers to execute arbitrary commands. + + Impact Level: Application + + Affected Software/OS: + KVirc version 3.4.2 and prior on Windows + + Fix: No solution or patch is available as on 28th August, 2009. Information + regarding this issue will be updated once the solution details are available. + For updates refer, http://www.kvirc.net/?lang=en + + References: + http://www.milw0rm.com/exploits/7181 + http://xforce.iss.net/xforce/xfdb/46779 + + CVSS Score: + CVSS Base Score : 9.3 (AV:N/AC:M/Au:NR/C:C/I:C/A:C) + CVSS Temporal Score : 8.4 + Risk factor: Critical"; + + script_description(desc); + script_summary("Check for the version of KVIrc"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2009 SecPod"); + script_family("General"); + script_dependencies("secpod_kvirc_detect_win.nasl"); + script_require_keys("Kvirc/Win/Ver"); + exit(0); +} + + +include("version_func.inc"); + +# Get for KVIrc Version +kvircVer = get_kb_item("Kvirc/Win/Ver"); + +if(kvircVer != NULL) +{ + # Check for KVirc version <= 3.4.2 + if(version_is_less_equal(version:kvircVer, test_version:"3.4.2")){ + security_hole(0); + } +} Added: trunk/openvas-plugins/scripts/secpod_kvirc_detect_win.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_kvirc_detect_win.nasl 2009-09-02 07:05:40 UTC (rev 4813) +++ trunk/openvas-plugins/scripts/secpod_kvirc_detect_win.nasl 2009-09-02 07:58:59 UTC (rev 4814) @@ -0,0 +1,112 @@ +############################################################################## +# OpenVAS Vulnerability Test +# $Id: secpod_kvirc_detect_win.nasl 4293 2009-08-28 12:20:24Z aug $ +# +# KVIrc Version Detection (Win) +# +# Authors: +# Antu Sanadi +# +# Copyright: +# Copyright (c) 2009 SecPod, http://www.secpod.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(901010); + script_version("$Revision: 1.0 $"); + script_name("KVIrc Version Detection (Win)"); + desc = " + Overview: This script detects the installed version of KVIrc and sets + the result in KB. + + Risk factor: Informational"; + + script_description(desc); + script_summary("Set the KB for the Version of KVIrc"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2009 SecPod"); + script_family("Service detection"); + script_dependencies("secpod_reg_enum.nasl"); + script_require_keys("SMB/WindowsVersion"); + script_require_ports(139, 445); + exit(0); +} + + +include("smb_nt.inc"); +include("secpod_smb_func.inc"); + +# Check for Windows OS +if(!get_kb_item("SMB/WindowsVersion")){ + log_message(data:"secpod_kvirc_detect_win.nasl:Target Machine is not a Windows OS"); + exit(0); +} + +key = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\"; +foreach item (registry_enum_keys(key:key)) +{ + kvireName = registry_get_sz(key:key + item, item:"DisplayName"); + + if("KVIrc" >< kvireName) + { + # Grep Version from Registry + kvircVer = eregmatch(pattern:"KVIrc ([0-9.]+)", string:kvireName); + + if(kvircVer[1] != NULL){ + kvircVer = kvircVer[1]; + } + else + { + # Grep Version from .EXE File + path = registry_get_sz(key:"SOFTWARE\Microsoft\Windows\CurrentVersion\", + item:"ProgramFilesDir"); + exePath = path + "\kvirc\kvirc.exe"; + share = ereg_replace(pattern:"([A-Z]):.*", replace:"\1$", string:exePath); + file = ereg_replace(pattern:"[A-Z]:(.*)", replace:"\1", string:exePath); + kvircVer = GetVer(file:file, share:share); + + if(kvircVer == NULL) + { + # Taking Version From README File + exePath = exePath -"kvirc.exe" + "README.txt"; + + share = ereg_replace(pattern:"([A-Z]):.*", replace:"\1$", string:exePath); + file = ereg_replace(pattern:"[A-Z]:(.*)", replace:"\1", string:exePath); + readmeText = read_file(share:share, file:file, offset:0, count:500); + + if(readmeText) + { + kvircVer = eregmatch(pattern:"Release ([0-9.]+)", string:readmeText); + + if(kvircVer != NULL){ + kvircVer = kvircVer[1]; + } + else + { + log_message(data:"Version is not Found in Readme.txt File"); + exit(0); + } + } + } + } + + # Set KB for KVIrc + if(kvircVer != NULL){ + set_kb_item(name:"Kvirc/Win/Ver", value:kvircVer); + } + } +} Added: trunk/openvas-plugins/scripts/secpod_ms_ie_addr_bar_spoofing_vuln.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_ms_ie_addr_bar_spoofing_vuln.nasl 2009-09-02 07:05:40 UTC (rev 4813) +++ trunk/openvas-plugins/scripts/secpod_ms_ie_addr_bar_spoofing_vuln.nasl 2009-09-02 07:58:59 UTC (rev 4814) @@ -0,0 +1,91 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: secpod_ms_ie_addr_bar_spoofing_vuln.nasl 4379 2009-09-01 15:09:29Z sep $ +# +# Microsoft Internet Explorer Address Bar Spoofing Vulnerability +# +# Authors: +# Sharath S +# +# Copyright: +# Copyright (c) 2009 SecPod, http://www.secpod.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(900836); + script_version("$Revision: 1.0 $"); + script_cve_id("CVE-2009-3003"); + script_name("Microsoft Internet Explorer Address Bar Spoofing Vulnerability"); + desc = " + Overview: This host is installed with Internet Explorer and is prone to + Address Bar Spoofing vulnerability. + + Vulnerability Insight: + Error exists when opening a new window using 'window.open()' which can be + exploited to display spoofed content in the browser window while the address + bar shows an arbitrary path on a possibly trusted host. + + Impact: + Successful exploitation lets the attackers to spoof parts of the address bar + and modify page content on a host that a user may consider partly trusted. + + Impact Level: Application + + Affected Software/OS: + Microsoft Internet Explorer version 6.x, 7.x and 8.x + + Fix: No solution or patch is available as on 01st Sep 2009, Information + regarding this issue will be updated once the solution details are available. + For updates refer, + http://www.microsoft.com/windows/internet-explorer/download-ie.aspx + + References: + http://secunia.com/advisories/36334 + http://lostmon.blogspot.com/2009/08/multiple-browsers-fake-url-folder-file.html + + CVSS Score: + CVSS Base Score : 4.3 (AV:N/AC:M/Au:NR/C:N/I:P/A:N) + CVSS Temporal Score : 3.9 + Risk factor : Medium"; + + script_description(desc); + script_summary("Check for the version of Internet Explorer"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2009 SecPod"); + script_family("General"); + script_dependencies("gb_ms_ie_detect.nasl"); + script_require_keys("MS/IE/EXE/Ver"); + exit(0); +} + + +include("version_func.inc"); + +ieVer = get_kb_item("MS/IE/EXE/Ver"); +if(!ieVer) +{ + log_message(data:"secpod_ms_ie_addr_bar_spoofing_vuln:Internet Explorer is not installed"); + exit(0); +} + +# Check for Microsoft Internet Explorer version 6.0 <= 6.0.3790.3959, +# 7.0 <= 7.0.6000.16876 and 8.0 <= 8.0.6001.18702 +if(version_in_range(version:ieVer, test_version:"6.0", test_version2:"6.0.3790.3959") || + version_in_range(version:ieVer, test_version:"7.0", test_version2:"7.0.6000.16876")|| + version_in_range(version:ieVer, test_version:"8.0", test_version2:"8.0.6001.18702")){ + security_warning(0); +} Property changes on: trunk/openvas-plugins/scripts/secpod_ms_ie_addr_bar_spoofing_vuln.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/secpod_php_sec_bypass_vuln_aug09.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_php_sec_bypass_vuln_aug09.nasl 2009-09-02 07:05:40 UTC (rev 4813) +++ trunk/openvas-plugins/scripts/secpod_php_sec_bypass_vuln_aug09.nasl 2009-09-02 07:58:59 UTC (rev 4814) @@ -0,0 +1,94 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: secpod_php_sec_bypass_vuln_aug09.nasl 4136 2009-08-28 21:30:29Z aug $ +# +# PHP Security Bypass Vulnerability - Aug09 +# +# Authors: +# Sharath S +# +# Copyright: +# Copyright (c) 2009 SecPod, http://www.secpod.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(900835); + script_version("$Revision: 1.0 $"); + script_cve_id("CVE-2008-7002"); + script_bugtraq_id(31064); + script_name("PHP Security Bypass Vulnerability - Aug09"); + desc = " + Overview: + This host is running PHP and is prone to Security Bypas vulnerability. + + Vulnerability Insight: + Error exists when application fails to enforce 'safe_mode_exec_dir' and + 'open_basedir' restrictions for certain functions, which can be caused via + the exec, system, shell_exec, passthru, or popen functions, possibly + involving pathnames such as 'C:' drive notation. + + Impact: + Successful exploitation will let the local attacker execute arbitrary code and + can bypass security restriction in the context of the web application. + + Impact Level: Application + + Affected Software/OS: + PHP version 5.2.5 + + Fix: No solution or patch is available as on 28th August, 2009. Information + regarding this issue will be updated once the solution details are available. + For updates refer, http://www.php.net/ + + References: + http://en.securitylab.ru/nvd/383831.php + http://downloads.securityfocus.com/vulnerabilities/exploits/31064.php + + CVSS Score: + CVSS Base Score : 7.2 (AV:L/AC:L/Au:NR/C:C/I:C/A:C) + CVSS Temporal Score : 6.4 + Risk factor: High"; + + script_description(desc); + script_summary("Check for the version of PHP"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2009 SecPod"); + script_family("Web application abuses"); + script_dependencies("gb_php_detect.nasl"); + script_require_ports("Services/www", 80); + exit(0); +} + + +include("http_func.inc"); +include("version_func.inc"); + +phpPort = get_http_port(default:80); +if(!phpPort) +{ + log_message(data:"secpod_php_sec_bypass_vuln_aug09.nasl: HTTP port is not open"); + exit(0); +} + +phpVer = get_kb_item("www/" + phpPort + "/PHP"); +if(!isnull(phpVer)) +{ + # Check for PHP version 5.2.5 + if(version_is_equal(version:phpVer, test_version:"5.2.5")){ + security_hole(phpPort); + } +} Property changes on: trunk/openvas-plugins/scripts/secpod_php_sec_bypass_vuln_aug09.nasl ___________________________________________________________________ Name: svn:executable + * From scm-commit at wald.intevation.org Wed Sep 2 11:12:59 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 2 Sep 2009 11:12:59 +0200 (CEST) Subject: [Openvas-commits] r4815 - in trunk/openvas-plugins: . scripts Message-ID: <20090902091259.32B94852FD6D@pyrosoma.intevation.org> Author: mime Date: 2009-09-02 11:12:57 +0200 (Wed, 02 Sep 2009) New Revision: 4815 Added: trunk/openvas-plugins/scripts/dnsmasq_tftp.nasl Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/cve_current.txt Log: Added new plugin Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2009-09-02 07:58:59 UTC (rev 4814) +++ trunk/openvas-plugins/ChangeLog 2009-09-02 09:12:57 UTC (rev 4815) @@ -1,3 +1,8 @@ +2009-09-02 Michael Meyer + + * scripts/dnsmasq_tftp.nasl: + Added new plugin. + 2009-09-02 Chandrashekhar B * scripts/secpod_php_sec_bypass_vuln_aug09.nasl Modified: trunk/openvas-plugins/cve_current.txt =================================================================== --- trunk/openvas-plugins/cve_current.txt 2009-09-02 07:58:59 UTC (rev 4814) +++ trunk/openvas-plugins/cve_current.txt 2009-09-02 09:12:57 UTC (rev 4815) @@ -228,3 +228,5 @@ CVE-2009-3025 SecPod CVE-2009-3020 SecPod CVE-2009-2944 SecPod +CVE-2009-2957 mime svn R +CVE-2009-2958 mime svn R Added: trunk/openvas-plugins/scripts/dnsmasq_tftp.nasl =================================================================== --- trunk/openvas-plugins/scripts/dnsmasq_tftp.nasl 2009-09-02 07:58:59 UTC (rev 4814) +++ trunk/openvas-plugins/scripts/dnsmasq_tftp.nasl 2009-09-02 09:12:57 UTC (rev 4815) @@ -0,0 +1,105 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id$ +# +# Dnsmasq TFTP Service multiple vulnerabilities +# +# Authors: +# Michael Meyer +# +# Copyright: +# Copyright (c) 2009 Michael Meyer +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +desc = "Overview: +Dnsmasq is prone to a remotely exploitable heap-overflow vulnerability +because the software fails to properly bounds-check user-supplied +input before copying it into an insufficiently sized memory buffer. + +Remote attackers can exploit this issue to execute arbitrary machine +code in the context of the vulnerable software on the targeted +user's computer. + +Dnsmasq is also prone to a NULL-pointer dereference vulnerability. +An attacker can exploit this issue to crash the affected application, denying +service to legitimate users. + +NOTE: The TFTP service must be enabled for this issue to be exploitable; this +is not the default. + +Versions *prior to* Dnsmasq 2.50 are vulnerable. + +Solution: +Updates are available. Please see the references for more information. + +References: +http://www.securityfocus.com/bid/36121 +http://www.securityfocus.com/bid/36120 +http://www.thekelleys.org.uk/dnsmasq/doc.html +http://www.coresecurity.com/content/dnsmasq-vulnerabilities + +Risk factor : High"; + +if (description) +{ + script_id(100267); + script_bugtraq_id(36121,36120); + script_cve_id("CVE-2009-2957","CVE-2009-2958"); + script_version ("1.0"); + + script_name("Dnsmasq TFTP Service multiple vulnerabilities"); + + script_description(desc); + script_summary("Determine if dnsmasq version is < 2.50"); + script_category(ACT_GATHER_INFO); + script_family("Buffer overflow"); + script_copyright("This script is Copyright (C) 2009 Michael Meyer"); + script_dependencies("dnsmasq_version.nasl"); + script_require_keys("dnsmasq/version"); + exit(0); +} + + +include("tftp.inc"); +include("version_func.inc"); + +port = get_kb_item('Services/udp/tftp'); +if (! port) port = 69; + +dnsPort = 53; +if(!get_udp_port_state(dnsPort)){ + exit(0); +} + +if(!version = get_kb_item("dnsmasq/version"))exit(0); + +if(version_is_less(version: version, test_version: "2.50")) { + + if (tftp_alive(port:port)) { + info = string("High\n\nINFO: OpenVAs found a running TFTPD at this host. If this is the\ndnsmasq-tftpd, you should disable it immediately until you have\nswitched to the latest version of dnsmasq.\n"); + desc = ereg_replace( + string:desc, + pattern:"High$", + replace:info + ); + } + + security_hole(port:dnsPort,data: desc); + exit(0); + +} + +exit(0); Property changes on: trunk/openvas-plugins/scripts/dnsmasq_tftp.nasl ___________________________________________________________________ Name: svn:keywords + ID From scm-commit at wald.intevation.org Wed Sep 2 11:15:06 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 2 Sep 2009 11:15:06 +0200 (CEST) Subject: [Openvas-commits] r4816 - in trunk/openvas-plugins: . scripts Message-ID: <20090902091506.1BE7C852F98D@pyrosoma.intevation.org> Author: felix Date: 2009-09-02 11:15:03 +0200 (Wed, 02 Sep 2009) New Revision: 4816 Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/scripts/toolcheck.nasl Log: * scripts/toolcheck.nasl: Removed ovaldi version number output, set kb-entry 'Missing' as well if sufficient ovaldi found. Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2009-09-02 09:12:57 UTC (rev 4815) +++ trunk/openvas-plugins/ChangeLog 2009-09-02 09:15:03 UTC (rev 4816) @@ -1,3 +1,8 @@ +2009-09-02 Felix Wolfsteller + + * scripts/toolcheck.nasl: Removed ovaldi version number output, + set kb-entry 'Missing' as well if sufficient ovaldi found. + 2009-09-02 Michael Meyer * scripts/dnsmasq_tftp.nasl: Modified: trunk/openvas-plugins/scripts/toolcheck.nasl =================================================================== --- trunk/openvas-plugins/scripts/toolcheck.nasl 2009-09-02 09:12:57 UTC (rev 4815) +++ trunk/openvas-plugins/scripts/toolcheck.nasl 2009-09-02 09:15:03 UTC (rev 4816) @@ -167,10 +167,10 @@ if (! isnull(v)){ found_version = v[1] + '.'; found_version = found_version + v[2]; - summary = summary + found_version; if (version_is_greater_equal (version:found_version, test_version: "5.5.23")){ set_kb_item(name: "Tools/Present/ovaldi", value: TRUE); + set_kb_item(name: "Tools/Missing/ovaldi", value: FALSE); sufficient_ovaldi_found = TRUE; break; } From scm-commit at wald.intevation.org Wed Sep 2 11:50:48 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 2 Sep 2009 11:50:48 +0200 (CEST) Subject: [Openvas-commits] r4817 - in trunk/openvas-plugins: . scripts Message-ID: <20090902095048.9CA6B852F532@pyrosoma.intevation.org> Author: chandra Date: 2009-09-02 11:50:45 +0200 (Wed, 02 Sep 2009) New Revision: 4817 Added: trunk/openvas-plugins/scripts/gb_apple_safari_js_uri_xss_vuln_sep09.nasl trunk/openvas-plugins/scripts/gb_avant_browser_addr_bar_spoofing_vuln.nasl trunk/openvas-plugins/scripts/gb_avant_browser_detect.nasl trunk/openvas-plugins/scripts/gb_flock_addr_bar_spoofing_vuln_lin.nasl trunk/openvas-plugins/scripts/gb_flock_addr_bar_spoofing_vuln_win.nasl trunk/openvas-plugins/scripts/gb_flock_detect_lin.nasl trunk/openvas-plugins/scripts/gb_flock_detect_win.nasl trunk/openvas-plugins/scripts/gb_mozilla_prdts_addr_bar_spoofing_vuln_lin.nasl trunk/openvas-plugins/scripts/gb_mozilla_prdts_addr_bar_spoofing_vuln_win.nasl trunk/openvas-plugins/scripts/gb_ms_ie_li_element_dos_vuln_sep09.nasl Modified: trunk/openvas-plugins/ChangeLog Log: Added new plugins Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2009-09-02 09:15:03 UTC (rev 4816) +++ trunk/openvas-plugins/ChangeLog 2009-09-02 09:50:45 UTC (rev 4817) @@ -1,3 +1,17 @@ +2009-09-02 Chandrashekhar B + + * scripts/gb_flock_detect_win.nasl, + scripts/gb_apple_safari_js_uri_xss_vuln_sep09.nasl, + scripts/gb_mozilla_prdts_addr_bar_spoofing_vuln_lin.nasl, + scripts/gb_flock_detect_lin.nasl, + scripts/gb_flock_addr_bar_spoofing_vuln_win.nasl, + scripts/gb_mozilla_prdts_addr_bar_spoofing_vuln_win.nasl, + scripts/gb_avant_browser_addr_bar_spoofing_vuln.nasl, + scripts/gb_flock_addr_bar_spoofing_vuln_lin.nasl, + scripts/gb_ms_ie_li_element_dos_vuln_sep09.nasl, + scripts/gb_avant_browser_detect.nasl: + Added new plugins. + 2009-09-02 Felix Wolfsteller * scripts/toolcheck.nasl: Removed ovaldi version number output, Added: trunk/openvas-plugins/scripts/gb_apple_safari_js_uri_xss_vuln_sep09.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_apple_safari_js_uri_xss_vuln_sep09.nasl 2009-09-02 09:15:03 UTC (rev 4816) +++ trunk/openvas-plugins/scripts/gb_apple_safari_js_uri_xss_vuln_sep09.nasl 2009-09-02 09:50:45 UTC (rev 4817) @@ -0,0 +1,86 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_apple_safari_js_uri_xss_vuln_sep09.nasl 4417 2009-09-02 18:35:26Z sep $ +# +# Apple Safari 'javascript: URI' XSS Vulnerability - Sep09 +# +# Authors: +# Sharath S +# +# Copyright: +# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800873); + script_version("$Revision: 1.0 $"); + script_cve_id("CVE-2009-3016"); + script_name("Apple Safari 'javascript: URI' XSS Vulnerability - Sep09"); + desc = " + Overview: This host is installed with Apple Safari Web Browser and is prone + to Cross-Site Scripting vulnerability. + + Vulnerability Insight: + Error occurs when application fails to sanitise the 'javascript:' and 'data:' + URIs in Refresh headers in HTTP responses, which can be exploited via vectors + related to injecting a Refresh header. + + Impact: + Successful exploitation will let the attackers to conduct Cross-Site Scripting + attacks in the victim's system. + + Impact Level: Application + + Affected Software/OS: + Apple Safari version 4.0.3 on Windows. + + Fix: No solution or patch is available as on 02nd September, 2009. Information + regarding this issue will be updated once the solution details are available. + For updates refer, http://www.apple.com/support/downloads + + References: + http://websecurity.com.ua/3386/ + + CVSS Score: + CVSS Base Score : 4.3 (AV:N/AC:M/Au:NR/C:N/I:P/A:N) + CVSS Temporal Score : 3.9 + Risk factor: Medium"; + + script_description(desc); + script_summary("Check for the version of Apple Safari"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2009 Intevation GmbH"); + script_family("General"); + script_dependencies("secpod_apple_safari_detect_win_900003.nasl"); + script_require_keys("AppleSafari/Version"); + exit(0); +} + + +include("version_func.inc"); + +safariVer = get_kb_item("AppleSafari/Version"); +if(isnull(safariVer)) +{ + log_message(data:"gb_apple_safari_js_uri_xss_vuln_sep09.nasl:Exit due to NULL value return from KB for Apple Safari"); + exit(0); +} + +# Check for Apple Safari Version < 4.0.3 (4.31.9.1) +if(version_is_equal(version:safariVer, test_version:"4.31.9.1")){ + security_warning(0); +} Property changes on: trunk/openvas-plugins/scripts/gb_apple_safari_js_uri_xss_vuln_sep09.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/gb_avant_browser_addr_bar_spoofing_vuln.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_avant_browser_addr_bar_spoofing_vuln.nasl 2009-09-02 09:15:03 UTC (rev 4816) +++ trunk/openvas-plugins/scripts/gb_avant_browser_addr_bar_spoofing_vuln.nasl 2009-09-02 09:50:45 UTC (rev 4817) @@ -0,0 +1,87 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_avant_browser_addr_bar_spoofing_vuln.nasl 4378 2009-09-02 11:59:29Z sep $ +# +# Avant Browser Address Bar Spoofing Vulnerability +# +# Authors: +# Sharath S +# +# Copyright: +# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800871); + script_version("$Revision: 1.0 $"); + script_cve_id("CVE-2009-3004"); + script_name("Avant Browser Address Bar Spoofing Vulnerability"); + desc = " + Overview: This host is installed with Avant Browser and is prone to Address + Bar Spoofing vulnerability. + + Vulnerability Insight: + Address bar can be spoofed via 'window.open()' with a relative URI, to + show an arbitrary URL on the web site visited by the victim, as demonstrated + by a visit to an attacker-controlled web page, which triggers a spoofed login + form for the site containing that page. + + Impact: + Successful exploitation lets the attackers to spoof parts of the address bar + and modify page content on a host that a user may consider partly trusted. + + Impact Level: Application + + Affected Software/OS: + Avant Browser version 11.7 Build 35 and 36 on Windows. + + Fix: No solution or patch is available as on 2nd September 2009, Information + regarding this issue will be updated once the solution details are available. + For updates refer, http://www.avantbrowser.com/ + + References: + http://lostmon.blogspot.com/2009/08/multiple-browsers-fake-url-folder-file.html + + CVSS Score: + CVSS Base Score : 4.3 (AV:N/AC:M/Au:NR/C:N/I:P/A:N) + CVSS Temporal Score : 3.9 + Risk factor: Medium"; + + script_description(desc); + script_summary("Check for the version of Avant Browser"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2009 Intevation GmbH"); + script_family("General"); + script_dependencies("gb_avant_browser_detect.nasl"); + script_require_keys("AvantBrowser/Ver"); + exit(0); +} + + +include("version_func.inc"); + +abVer = get_kb_item("AvantBrowser/Ver"); +if(!abVer){ + log_message(data:"gb_avant_browser_addr_bar_spoofing_vuln.nasl:Avant Browser is not installed"); + exit(0); +} + +# Check for Avant Browser version 11.7 Build 35 and 36 +if(version_is_equal(version:abVer, test_version:"11.7.0.35")|| + version_is_equal(version:abVer, test_version:"11.7.0.36")){ + security_warning(0); +} Property changes on: trunk/openvas-plugins/scripts/gb_avant_browser_addr_bar_spoofing_vuln.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/gb_avant_browser_detect.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_avant_browser_detect.nasl 2009-09-02 09:15:03 UTC (rev 4816) +++ trunk/openvas-plugins/scripts/gb_avant_browser_detect.nasl 2009-09-02 09:50:45 UTC (rev 4817) @@ -0,0 +1,145 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_avant_browser_detect.nasl 4378 2009-09-02 10:50:29Z sep $ +# +# Avant Browser Version Detection +# +# Authors: +# Sharath S +# +# Copyright: +# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800870); + script_version("$Revision: 1.0 $"); + script_name("Avant Browser Version Detection"); + desc = " + Overview: This script detects the installed version of Avant Browser + and sets the result in KB. + + Risk Factor: Informational"; + + script_description(desc); + script_summary("Set KB for the version of Avant Browser"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2009 Intevation GmbH"); + script_family("Service detection"); + script_dependencies("secpod_reg_enum.nasl"); + script_require_keys("SMB/WindowsVersion"); + script_require_ports(139, 445); + return NULL; +} + + +include("smb_nt.inc"); +include("secpod_smb_func.inc"); + + +function AvantGetVersion(file, share) +{ + file = ereg_replace(pattern:"[A-Z]:(.*)", replace:"\1", string:file); + + soc = open_sock_tcp(port); + if(!soc){ + return NULL; + } + + r = smb_session_request(soc:soc, remote:name); + if(!r) + { + close(soc); + return NULL; + } + + prot = smb_neg_prot(soc:soc); + if(!prot) + { + close(soc); + return NULL; + } + + r = smb_session_setup(soc:soc, login:login, password:pass, + domain:domain, prot:prot); + if(!r) + { + close(soc); + return NULL; + } + + uid = session_extract_uid(reply:r); + r = smb_tconx(soc:soc, name:name, uid:uid, share:share); + + tid = tconx_extract_tid(reply:r); + if(!tid) + { + close(soc); + return NULL; + } + + fid = OpenAndX(socket:soc, uid:uid, tid:tid, file:file); + if(!fid) + { + close(soc); + return NULL; + } + avantVer = GetVersion(socket:soc, uid:uid, tid:tid, fid:fid, offset:250000); + + if(avantVer) + return avantVer; + else + return NULL; +} + + +if(!get_kb_item("SMB/WindowsVersion")){ + exit(0); +} + +path = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AvantBrowser"; +avantName = registry_get_sz(key:path, item:"DisplayName"); + +if("Avant Browser" >< avantName) +{ + avantPath = registry_get_sz(key:path, item:"UninstallString"); + avantPath = eregmatch(pattern:'\"(.*)\"', string:avantPath); + share = ereg_replace(pattern:"([A-Z]):.*", replace:"\1$", string:avantPath[1]); + + foreach item (make_list("avant.exe", "iexplore.exe", "abrowser.exe")) + { + path1 = avantPath[1] - "uninst.exe" + item; + avantVer = AvantGetVersion(file:path1, share:share); + + if(!isnull(avantVer) && avantVer =~ "^0\.0\..*") + { + path2 = avantPath[1] - "uninst.exe" + "abrowser.ini"; + file = ereg_replace(pattern:"[A-Z]:(.*)", replace:"\1", string:path2); + read = read_file(file:file, share:share, offset:0, count:20000); + avantVer = eregmatch(pattern:"VersionInfo=([0-9.]+)", string:read); + + if(!isnull(avantVer[1])) + avantVer = avantVer[1]; + } + + if(!isnull(avantVer)) + { + set_kb_item(name:"AvantBrowser/Ver", value:avantVer); + exit(0); + } + } +} Property changes on: trunk/openvas-plugins/scripts/gb_avant_browser_detect.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/gb_flock_addr_bar_spoofing_vuln_lin.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_flock_addr_bar_spoofing_vuln_lin.nasl 2009-09-02 09:15:03 UTC (rev 4816) +++ trunk/openvas-plugins/scripts/gb_flock_addr_bar_spoofing_vuln_lin.nasl 2009-09-02 09:50:45 UTC (rev 4817) @@ -0,0 +1,85 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_flock_addr_bar_spoofing_vuln_lin.nasl 4375 2009-08-31 17:03:29Z aug $ +# +# Flock Address Bar Spoofing Vulnerability (Linux) +# +# Authors: +# Sharath S +# +# Copyright: +# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800880); + script_version("$Revision: 1.0 $"); + script_cve_id("CVE-2009-3007"); + script_name("Flock Address Bar Spoofing Vulnerability (Linux)"); + desc = " + Overview: This host is installed with Flock Browser and is prone to Address + Bar Spoofing vulnerability. + + Vulnerability Insight: + Error exists when opening a new window using 'window.open()', which can be + exploited to display spoofed content in the browser window while the address + bar shows an arbitrary path on a possibly trusted host. + + Impact: + Successful exploitation lets the attackers to spoof parts of the address bar + and modify page content on a host that a user may consider partly trusted. + + Impact Level: Application + + Affected Software/OS: + Flock version 2.5.1 on Linux. + + Fix: No solution or patch is available as on 02nd September, 2009. Information + regarding this issue will be updated once the solution details are available. + For updates refer, http://www.mozilla.com/en-US/ + + References: + http://lostmon.blogspot.com/2009/08/multiple-browsers-fake-url-folder-file.html + + CVSS Score: + CVSS Base Score : 4.3 (AV:N/AC:M/Au:NR/C:N/I:P/A:N) + CVSS Temporal Score : 3.9 + Risk factor: Medium"; + + script_description(desc); + script_summary("Check for the version of Flock Browser"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2009 Intevation GmbH"); + script_family("General"); + script_dependencies("gb_flock_detect_lin.nasl"); + script_require_keys("Flock/Linux/Ver"); + exit(0); +} + + +include("version_func.inc"); + +# Flock Check +flockVer = get_kb_item("Flock/Linux/Ver"); + +if(flockVer != NULL) +{ + # Grep for Flock version 2.5.1 + if(version_is_equal(version:flockVer, test_version:"2.5.1")){ + security_warning(0); + } +} Property changes on: trunk/openvas-plugins/scripts/gb_flock_addr_bar_spoofing_vuln_lin.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/gb_flock_addr_bar_spoofing_vuln_win.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_flock_addr_bar_spoofing_vuln_win.nasl 2009-09-02 09:15:03 UTC (rev 4816) +++ trunk/openvas-plugins/scripts/gb_flock_addr_bar_spoofing_vuln_win.nasl 2009-09-02 09:50:45 UTC (rev 4817) @@ -0,0 +1,85 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_flock_addr_bar_spoofing_vuln_win.nasl 4375 2009-08-31 16:23:29Z aug $ +# +# Flock Address Bar Spoofing Vulnerability (Win) +# +# Authors: +# Sharath S +# +# Copyright: +# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800879); + script_version("$Revision: 1.0 $"); + script_cve_id("CVE-2009-3007"); + script_name("Flock Address Bar Spoofing Vulnerability (Win)"); + desc = " + Overview: This host is installed with Flock Browser and is prone to Address + Bar Spoofing vulnerability. + + Vulnerability Insight: + Error exists when opening a new window using 'window.open()', which can be + exploited to display spoofed content in the browser window while the address + bar shows an arbitrary path on a possibly trusted host. + + Impact: + Successful exploitation lets the attackers to spoof parts of the address bar + and modify page content on a host that a user may consider partly trusted. + + Impact Level: Application + + Affected Software/OS: + Flock version 2.5.1 on Windows. + + Fix: No solution or patch is available as on 02nd September, 2009. Information + regarding this issue will be updated once the solution details are available. + For updates refer, http://www.mozilla.com/en-US/ + + References: + http://lostmon.blogspot.com/2009/08/multiple-browsers-fake-url-folder-file.html + + CVSS Score: + CVSS Base Score : 4.3 (AV:N/AC:M/Au:NR/C:N/I:P/A:N) + CVSS Temporal Score : 3.9 + Risk factor: Medium"; + + script_description(desc); + script_summary("Check for the version of Flock Browser"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2009 Intevation GmbH"); + script_family("General"); + script_dependencies("gb_flock_detect_win.nasl"); + script_require_keys("Flock/Win/Ver"); + exit(0); +} + + +include("version_func.inc"); + +# Flock Check +flockVer = get_kb_item("Flock/Win/Ver"); + +if(flockVer != NULL) +{ + # Grep for Flock version 2.5.1 + if(version_is_equal(version:flockVer, test_version:"2.5.1")){ + security_warning(0); + } +} Property changes on: trunk/openvas-plugins/scripts/gb_flock_addr_bar_spoofing_vuln_win.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/gb_flock_detect_lin.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_flock_detect_lin.nasl 2009-09-02 09:15:03 UTC (rev 4816) +++ trunk/openvas-plugins/scripts/gb_flock_detect_lin.nasl 2009-09-02 09:50:45 UTC (rev 4817) @@ -0,0 +1,73 @@ +############################################################################## +# OpenVAS Vulnerability Test +# $Id: gb_flock_detect_lin.nasl 4375 2009-08-31 18:02:24Z aug $ +# +# Flock Version Detection (Linux) +# +# Authors: +# Sharath S +# +# Copyright: +# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800878); + script_version("$Revision: 1.0 $"); + script_name("Flock Version Detection (Linux)"); + desc = " + Overview: This script detects the installed version of Flock Browser and + sets the result in KB. + + Risk Factor: Informational"; + + script_description(desc); + script_summary("Set KB for the version of Flock Browser"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2009 Intevation GmbH"); + script_family("Service detection"); + exit(0); +} + + +include("ssh_func.inc"); +include("version_func.inc"); + +f_soc = ssh_login_or_reuse_connection(); +if(isnull(f_soc)){ + log_message(data:"gb_flock_detect_win.nasl:SSH login failed"); + exit(0); +} + +foreach item (make_list("flock-browser", "flock")) +{ + flock_paths = find_file(file_name:item, file_path:"/", useregex:TRUE, + regexpar:"$", sock:f_soc); + if(!isnull(flock_paths)) + { + foreach binaryName (flock_paths) + { + flockVer = get_bin_version(full_prog_name:chomp(binaryName), sock:f_soc, + version_argv:"--version", ver_pattern:"Flock "+ + "Browser ([0-9]\.[0-9.]+((b|rc)[0-9])?)"); + if(!isnull(flockVer[1])){ + set_kb_item(name:"Flock/Linux/Ver", value:flockVer[1]); + } + } + } +} +ssh_close_connection(); Added: trunk/openvas-plugins/scripts/gb_flock_detect_win.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_flock_detect_win.nasl 2009-09-02 09:15:03 UTC (rev 4816) +++ trunk/openvas-plugins/scripts/gb_flock_detect_win.nasl 2009-09-02 09:50:45 UTC (rev 4817) @@ -0,0 +1,71 @@ +############################################################################## +# OpenVAS Vulnerability Test +# $Id: gb_flock_detect_win.nasl 4375 2009-08-31 17:38:24Z aug $ +# +# Flock Version Detection (Win) +# +# Authors: +# Sharath S +# +# Copyright: +# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800877); + script_version("$Revision: 1.0 $"); + script_name("Flock Version Detection (Win)"); + desc = " + Overview: This script detects the installed version of Flock Browser and + sets the result in KB. + + Risk Factor: Informational"; + + script_description(desc); + script_summary("Set KB for the version of Flock Browser"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2009 Intevation GmbH"); + script_family("Service detection"); + script_dependencies("secpod_reg_enum.nasl"); + script_require_keys("SMB/WindowsVersion"); + script_require_ports(139, 445); + exit(0); +} + + +include("smb_nt.inc"); +include("secpod_smb_func.inc"); + +if(!get_kb_item("SMB/WindowsVersion")) +{ + log_message(data:"gb_flock_detect_win.nasl:Non-Windows Platform found"); + exit(0); +} + +if(!registry_key_exists(key:"SOFTWARE\Flock\Flock")){ + log_message(data:"gb_flock_detect_win.nasl:Flock is not installed"); + exit(0); +} + +foreach item (registry_enum_keys(key:"SOFTWARE\Flock\Flock")) +{ + flockVer = eregmatch(pattern:"([0-9]\.[0-9.]+((b|rc)[0-9])?)", string:item); + + if(!isnull(flockVer[1])){ + set_kb_item(name:"Flock/Win/Ver", value:flockVer[1]); + } +} Property changes on: trunk/openvas-plugins/scripts/gb_flock_detect_win.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/gb_mozilla_prdts_addr_bar_spoofing_vuln_lin.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_mozilla_prdts_addr_bar_spoofing_vuln_lin.nasl 2009-09-02 09:15:03 UTC (rev 4816) +++ trunk/openvas-plugins/scripts/gb_mozilla_prdts_addr_bar_spoofing_vuln_lin.nasl 2009-09-02 09:50:45 UTC (rev 4817) @@ -0,0 +1,101 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_mozilla_prdts_addr_bar_spoofing_vuln_lin.nasl 4375 2009-08-31 20:03:29Z aug $ +# +# Mozilla Products Address Bar Spoofing Vulnerability (Linux) +# +# Authors: +# Sharath S +# +# Copyright: +# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800876); + script_version("$Revision: 1.0 $"); + script_cve_id("CVE-2009-3007"); + script_name("Mozilla Products Address Bar Spoofing Vulnerability (Linux)"); + desc = " + Overview: This host is installed with Mozilla Products and is prone to Address + Bar Spoofing vulnerability. + + Vulnerability Insight: + Error exists when opening a new window using 'window.open()', which can be + exploited to display spoofed content in the browser window while the address + bar shows an arbitrary path on a possibly trusted host. + + Impact: + Successful exploitation lets the attackers to spoof parts of the address bar + and modify page content on a host that a user may consider partly trusted. + + Impact Level: Application + + Affected Software/OS: + Mozilla Firefox version 3.5.1 and 3.5.2, Seamonkey 1.1.17 and on Linux. + + Fix: No solution or patch is available as on 02nd September, 2009. Information + regarding this issue will be updated once the solution details are available. + For updates refer, http://www.mozilla.com/en-US/ + + References: + http://lostmon.blogspot.com/2009/08/multiple-browsers-fake-url-folder-file.html + + CVSS Score: + CVSS Base Score : 4.3 (AV:N/AC:M/Au:NR/C:N/I:P/A:N) + CVSS Temporal Score : 3.9 + Risk factor: Medium"; + + script_description(desc); + script_summary("Check for the version of Mozilla Products"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2009 Intevation GmbH"); + script_family("General"); + script_dependencies("gb_firefox_detect_lin.nasl", + "gb_seamonkey_detect_lin.nasl"); + script_require_keys("Firefox/Linux/Ver", "Seamonkey/Linux/Ver"); + exit(0); +} + + +include("version_func.inc"); + +# Firefox Check +ffVer = get_kb_item("Firefox/Linux/Ver"); + +if(ffVer) +{ + # Grep for Firefox version 3.5.1 and 3.5.2 + if(version_is_equal(version:ffVer, test_version:"3.5.1")|| + version_is_equal(version:ffVer, test_version:"3.5.2")) + { + security_warning(0); + log_message(data:"Exit due to Firefox Vulnerable version is Found"); + exit(0); + } +} + +# Seamonkey Check +smVer = get_kb_item("Seamonkey/Linux/Ver"); + +if(smVer != NULL) +{ + # Grep for Seamonkey version 1.1.17 + if(version_is_equal(version:smVer, test_version:"1.1.17")){ + security_warning(0); + } +} Property changes on: trunk/openvas-plugins/scripts/gb_mozilla_prdts_addr_bar_spoofing_vuln_lin.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/gb_mozilla_prdts_addr_bar_spoofing_vuln_win.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_mozilla_prdts_addr_bar_spoofing_vuln_win.nasl 2009-09-02 09:15:03 UTC (rev 4816) +++ trunk/openvas-plugins/scripts/gb_mozilla_prdts_addr_bar_spoofing_vuln_win.nasl 2009-09-02 09:50:45 UTC (rev 4817) @@ -0,0 +1,101 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_mozilla_prdts_addr_bar_spoofing_vuln_win.nasl 4375 2009-08-31 16:23:29Z aug $ +# +# Mozilla Products Address Bar Spoofing Vulnerability (Win) +# +# Authors: +# Sharath S +# +# Copyright: +# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800875); + script_version("$Revision: 1.0 $"); + script_cve_id("CVE-2009-3007"); + script_name("Mozilla Products Address Bar Spoofing Vulnerability (Win)"); + desc = " + Overview: This host is installed with Mozilla Products and is prone to Address + Bar Spoofing vulnerability. + + Vulnerability Insight: + Error exists when opening a new window using 'window.open()', which can be + exploited to display spoofed content in the browser window while the address + bar shows an arbitrary path on a possibly trusted host. + + Impact: + Successful exploitation lets the attackers to spoof parts of the address bar + and modify page content on a host that a user may consider partly trusted. + + Impact Level: Application + + Affected Software/OS: + Mozilla Firefox version 3.5.1 and 3.5.2, Seamonkey 1.1.17 and on Windows. + + Fix: No solution or patch is available as on 02nd September, 2009. Information + regarding this issue will be updated once the solution details are available. + For updates refer, http://www.mozilla.com/en-US/ + + References: + http://lostmon.blogspot.com/2009/08/multiple-browsers-fake-url-folder-file.html + + CVSS Score: + CVSS Base Score : 4.3 (AV:N/AC:M/Au:NR/C:N/I:P/A:N) + CVSS Temporal Score : 3.9 + Risk factor: Medium"; + + script_description(desc); + script_summary("Check for the version of Mozilla Products"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2009 Intevation GmbH"); + script_family("General"); + script_dependencies("gb_firefox_detect_win.nasl", + "gb_seamonkey_detect_win.nasl"); + script_require_keys("Firefox/Win/Ver", "Seamonkey/Win/Ver"); + exit(0); +} + + +include("version_func.inc"); + +# Firefox Check +ffVer = get_kb_item("Firefox/Win/Ver"); + +if(ffVer) +{ + # Grep for Firefox version 3.5.1 and 3.5.2 + if(version_is_equal(version:ffVer, test_version:"3.5.1")|| + version_is_equal(version:ffVer, test_version:"3.5.2")) + { + security_warning(0); + log_message(data:"Exit due to Firefox Vulnerable version is Found"); + exit(0); + } +} + +# Seamonkey Check +smVer = get_kb_item("Seamonkey/Win/Ver"); + +if(smVer != NULL) +{ + # Grep for Seamonkey version 1.1.17 + if(version_is_equal(version:smVer, test_version:"1.1.17")){ + security_warning(0); + } +} Property changes on: trunk/openvas-plugins/scripts/gb_mozilla_prdts_addr_bar_spoofing_vuln_win.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/gb_ms_ie_li_element_dos_vuln_sep09.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_ms_ie_li_element_dos_vuln_sep09.nasl 2009-09-02 09:15:03 UTC (rev 4816) +++ trunk/openvas-plugins/scripts/gb_ms_ie_li_element_dos_vuln_sep09.nasl 2009-09-02 09:50:45 UTC (rev 4817) @@ -0,0 +1,91 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_ms_ie_li_element_dos_vuln_sep09.nasl 4415 2009-08-31 17:09:24Z aug $ +# +# Microsoft Internet Explorer 'li' Element DoS Vulnerability - Sep09 +# +# Authors: +# Sharath S +# +# Copyright: +# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800872); + script_version("$Revision: 1.0 $"); + script_cve_id("CVE-2009-3019"); + script_bugtraq_id(36070); + script_name("Microsoft Internet Explorer 'li' Element DoS Vulnerability - Sep09"); + desc = " + Overview: This host has Internet Explorer installed and is prone to Denial + of Service vulnerability. + + Vulnerability Insight: + Error exists when application fails to handle a crafted JavaScript code, that + calls 'createElement' to create an instance of the 'li' element, and then + calls 'setAttribute' to set the value attribute. + + Impact: + Successful exploitation could allow remote attackers can cause the application + to crash. + + Impact Level: Application + + Affected Software/OS: + Microsoft, Internet Explorer version 6.x on Windows XP SP2/SP3 + + Fix: Upgrade to Internet Explorer version 8 or 8 beta 2 + http://www.microsoft.com/windows/internet-explorer/default.aspx + + References: + http://www.milw0rm.com/exploits/9455 + http://downloads.securityfocus.com/vulnerabilities/exploits/36070-1.html + http://downloads.securityfocus.com/vulnerabilities/exploits/36070-3.txt + https://connect.microsoft.com/IE/feedback/ViewFeedback.aspx?FeedbackID=338599 + + CVSS Score: + CVSS Base Score : 5.0 (AV:N/AC:L/Au:NR/C:N/I:N/A:P) + CVSS Temporal Score : 3.9 + Risk factor: Medium"; + + script_description(desc); + script_summary("Check for the Version of Internet Explorer"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2009 Intevation GmbH"); + script_family("Denial of Service"); + script_dependencies("gb_ms_ie_detect.nasl"); + script_require_keys("MS/IE/Version"); + script_require_ports(139, 445); + exit(0); +} + + +include("smb_nt.inc"); +include("secpod_smb_func.inc"); + +# Check for XP SP3 +SP = get_kb_item("SMB/WinXP/ServicePack"); +if(("Service Pack 3" >< SP) || ("Service Pack 2" >< SP)) +{ + # Get for Internet Explorer Version + ieVer = get_kb_item("MS/IE/Version"); + # Check for IE 6 + if(ieVer =~ "^6\..*"){ + security_warning(0); + } +} Property changes on: trunk/openvas-plugins/scripts/gb_ms_ie_li_element_dos_vuln_sep09.nasl ___________________________________________________________________ Name: svn:executable + * From scm-commit at wald.intevation.org Wed Sep 2 12:26:58 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 2 Sep 2009 12:26:58 +0200 (CEST) Subject: [Openvas-commits] r4818 - trunk/doc/website Message-ID: <20090902102658.B4E5A85C7319@pyrosoma.intevation.org> Author: mwiegand Date: 2009-09-02 12:26:57 +0200 (Wed, 02 Sep 2009) New Revision: 4818 Modified: trunk/doc/website/index.htm4 Log: Updated plugin count and release information. Modified: trunk/doc/website/index.htm4 =================================================================== --- trunk/doc/website/index.htm4 2009-09-02 09:50:45 UTC (rev 4817) +++ trunk/doc/website/index.htm4 2009-09-02 10:26:57 UTC (rev 4818) @@ -43,20 +43,19 @@ The OpenVAS structure

-Status: (as of June 10th, 2009) +Status: (as of September 2nd, 2009)

  • The OpenVAS NVT Feed service offers more -than 12,100 signed scripts. +than 13,100 signed scripts.
  • A small number of NVTs inherited from Nessus are still broken because they depend on a non-free component.
  • The latest releases:
      -
    • openvas-libraries 2.0.3 (June 10th, 2009) -
    • openvas-client 2.0.4 (June 5th, 2009) -
    • openvas-server 2.0.2 (June 3rd, 2009) -
    • openvas-plugins 1.0.7 (May 28th, 2009) -
    • openvas-libnasl 2.0.1 (February 12th, 2009) +
    • openvas-server 2.0.3 (August 19th, 2009) +
    • openvas-libnasl 2.0.2 (August 18th, 2009) +
    • openvas-libraries 2.0.4 (August 17th, 2009) +
    • openvas-client 2.0.5 (August 13th, 2009)
From scm-commit at wald.intevation.org Wed Sep 2 16:15:53 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 2 Sep 2009 16:15:53 +0200 (CEST) Subject: [Openvas-commits] r4819 - in trunk/openvas-manager: . src Message-ID: <20090902141553.4E3A3852FD64@pyrosoma.intevation.org> Author: mattm Date: 2009-09-02 16:15:52 +0200 (Wed, 02 Sep 2009) New Revision: 4819 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/otp.c Log: Add OTP ERROR handling. * src/otp.c (server_state_t): Add new state. (sync_buffer): Move up in file. (parse_server_error): New function. (process_otp_server_input): Handle OTP ERROR. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2009-09-02 10:26:57 UTC (rev 4818) +++ trunk/openvas-manager/ChangeLog 2009-09-02 14:15:52 UTC (rev 4819) @@ -1,3 +1,12 @@ +2009-09-02 Matthew Mundell + + Add OTP ERROR handling. + + * src/otp.c (server_state_t): Add new state. + (sync_buffer): Move up in file. + (parse_server_error): New function. + (process_otp_server_input): Handle OTP ERROR. + 2009-09-02 Michael Wiegand Post release version bump. Modified: trunk/openvas-manager/src/otp.c =================================================================== --- trunk/openvas-manager/src/otp.c 2009-09-02 10:26:57 UTC (rev 4818) +++ trunk/openvas-manager/src/otp.c 2009-09-02 14:15:52 UTC (rev 4819) @@ -623,6 +623,7 @@ SERVER_DEBUG_HOST, SERVER_DEBUG_NUMBER, SERVER_DEBUG_OID, + SERVER_ERROR, SERVER_HOLE_DESCRIPTION, SERVER_HOLE_HOST, SERVER_HOLE_NUMBER, @@ -735,6 +736,58 @@ extern buffer_size_t from_server_end; /** + * @brief "Synchronise" the \ref from_server buffer. + * + * Move any OTP in the \ref from_server buffer to the front of the buffer. + * + * @return 0 success, -1 \ref from_server is full. + */ +static int +sync_buffer () +{ + if (from_server_start > 0 && from_server_start == from_server_end) + { + from_server_start = from_server_end = 0; + tracef (" server start caught end\n"); + } + else if (from_server_start == 0) + { + if (from_server_end == from_buffer_size) + { + // FIX if the buffer is entirely full here then exit + // (or will hang waiting for buffer to empty) + // this could happen if the server sends a field with length >= buffer length + // could realloc buffer + // which may eventually use all mem and bring down manager + // would only bring down the process serving the client + // may lead to out of mem in other processes? + // could realloc to an upper limit within avail mem + tracef (" server buffer full\n"); + return -1; + } + } + else + { + /* Move the remaining partial line to the front of the buffer. This + * ensures that there is space after the partial line into which + * serve_omp can read the rest of the line. */ + char* start = from_server + from_server_start; + from_server_end -= from_server_start; + memmove (from_server, start, from_server_end); + from_server_start = 0; +#if TRACE + from_server[from_server_end] = '\0'; + //tracef (" new from_server: %s\n", from_server); + tracef (" new from_server_start: %" BUFFER_SIZE_T_FORMAT "\n", + from_server_start); + tracef (" new from_server_end: %" BUFFER_SIZE_T_FORMAT "\n", + from_server_end); +#endif + } + return 0; +} + +/** * @brief Parse the final field of a certificate in a certificate list. * * @param messages A pointer into the OTP input buffer. @@ -831,6 +884,103 @@ } /** + * @brief Parse the description in an ERROR message. + * + * @param messages A pointer into the OTP input buffer. + * + * @return 0 success, -1 fail, -2 too few characters (need more input). + */ +static int +parse_server_error (char** messages) +{ + char err; + char *end = *messages + from_server_end - from_server_start; + + /* OTP has two error messages. One ends with a newline, the other ends + * with a "<|> SERVER" field (and a newline). The GTK client is + * hardcoded to handle these two error types. */ + + while (*messages < end && ((*messages)[0] == ' ' || (*messages)[0] == '\n')) + { (*messages)++; from_server_start++; } + if ((int) (end - *messages) < 5) + /* Too few characters to be the error number, return to select to + * wait for more input. */ + return -2; + if (sscanf (*messages, "E00%c ", &err) != 1) + { + tracef (" server fail: failed to parse error message number\n"); + return -1; + } + from_server_start += 5; + (*messages) += 5; + switch (err) + { + case '1': + { + int length = strlen ("- Invalid port range <|>"); + + /* Parse "- Invalid port range". */ + + if ((int) (end - *messages) < length) + /* Too few characters, return to select to wait for more input. */ + return -2; + + if (strncmp (*messages, "- Invalid port range <|>", length)) + { + tracef (" server fail: failed to parse error description\n"); + tracef (" server fail: messages was: %.*s\n", + length, + *messages); + return -1; + } + + g_warning ("%s: Received \"invalid port range\" ERROR message\n", + __FUNCTION__); + + from_server_start += length; + (*messages) += length; + + /* TODO: Somehow show that the scan had an error. The server has + * stopped the task anyway -- the next message is SCAN_END. */ + + set_server_state (SERVER_DONE); + switch (parse_server_done (messages)) + { + case -1: return -1; + case -2: + /* Need more input. */ + if (sync_buffer ()) return -1; + return -1; + } + } + break; + + case '2': + { + char *match; + if ((match = memchr (*messages, + (int) '\n', + from_server_end - from_server_start))) + { + from_server_start += match - *messages; + *messages = match; + + /* TODO: Parse the list of hosts and note that permissions + * prevented those scans. */ + + set_server_state (SERVER_TOP); + } + else + /* Need more input for a newline. */ + return -2; + } + break; + } + + return 0; +} + +/** * @brief FIX Parse the final SERVER field of an OTP message. * * @param messages A pointer into the OTP input buffer. @@ -1076,58 +1226,6 @@ } /** - * @brief "Synchronise" the \ref from_server buffer. - * - * Move any OTP in the \ref from_server buffer to the front of the buffer. - * - * @return 0 success, -1 \ref from_server is full. - */ -static int -sync_buffer () -{ - if (from_server_start > 0 && from_server_start == from_server_end) - { - from_server_start = from_server_end = 0; - tracef (" server start caught end\n"); - } - else if (from_server_start == 0) - { - if (from_server_end == from_buffer_size) - { - // FIX if the buffer is entirely full here then exit - // (or will hang waiting for buffer to empty) - // this could happen if the server sends a field with length >= buffer length - // could realloc buffer - // which may eventually use all mem and bring down manager - // would only bring down the process serving the client - // may lead to out of mem in other processes? - // could realloc to an upper limit within avail mem - tracef (" server buffer full\n"); - return -1; - } - } - else - { - /* Move the remaining partial line to the front of the buffer. This - * ensures that there is space after the partial line into which - * serve_omp can read the rest of the line. */ - char* start = from_server + from_server_start; - from_server_end -= from_server_start; - memmove (from_server, start, from_server_end); - from_server_start = 0; -#if TRACE - from_server[from_server_end] = '\0'; - //tracef (" new from_server: %s\n", from_server); - tracef (" new from_server_start: %" BUFFER_SIZE_T_FORMAT "\n", - from_server_start); - tracef (" new from_server_end: %" BUFFER_SIZE_T_FORMAT "\n", - from_server_end); -#endif - } - return 0; -} - -/** * @brief Process any lines available in \ref from_server. * * Update server information according to the input from the server. @@ -1513,6 +1611,9 @@ } break; } + case SERVER_ERROR: + assert (0); + break; case SERVER_HOLE_DESCRIPTION: { if (current_message) @@ -2050,6 +2151,25 @@ set_server_state (SERVER_BYE); else if (strcasecmp ("DEBUG", field) == 0) set_server_state (SERVER_HOLE_HOST); + else if (strcasecmp ("ERROR", field) == 0) + { + set_server_state (SERVER_ERROR); + switch (parse_server_error (&messages)) + { + case 0: + /* parse_server_error can read across a <|>, + * because one ERROR case is newline terminated + * while the other is "<|> SERVER" terminated, + * so adjust input. */ + input = messages; + break; + case -1: return -1; + case -2: + /* Need more input. */ + if (sync_buffer ()) return -1; + return 0; + } + } else if (strcasecmp ("HOLE", field) == 0) set_server_state (SERVER_HOLE_HOST); else if (strcasecmp ("INFO", field) == 0) From scm-commit at wald.intevation.org Wed Sep 2 16:40:58 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 2 Sep 2009 16:40:58 +0200 (CEST) Subject: [Openvas-commits] r4820 - in trunk/openvas-manager: . src Message-ID: <20090902144058.7B2CA85C7306@pyrosoma.intevation.org> Author: mattm Date: 2009-09-02 16:40:57 +0200 (Wed, 02 Sep 2009) New Revision: 4820 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/otp.c Log: * src/otp.c (parse_server_error): Set the task state to Internal Error for E001. (process_otp_server_input): In SERVER_TIME_SCAN_END leave the task state as Internal Error when it is Internal Error. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2009-09-02 14:15:52 UTC (rev 4819) +++ trunk/openvas-manager/ChangeLog 2009-09-02 14:40:57 UTC (rev 4820) @@ -1,5 +1,12 @@ 2009-09-02 Matthew Mundell + * src/otp.c (parse_server_error): Set the task state to Internal Error + for E001. + (process_otp_server_input): In SERVER_TIME_SCAN_END leave the task state + as Internal Error when it is Internal Error. + +2009-09-02 Matthew Mundell + Add OTP ERROR handling. * src/otp.c (server_state_t): Add new state. Modified: trunk/openvas-manager/src/otp.c =================================================================== --- trunk/openvas-manager/src/otp.c 2009-09-02 14:15:52 UTC (rev 4819) +++ trunk/openvas-manager/src/otp.c 2009-09-02 14:40:57 UTC (rev 4820) @@ -940,8 +940,9 @@ from_server_start += length; (*messages) += length; - /* TODO: Somehow show that the scan had an error. The server has - * stopped the task anyway -- the next message is SCAN_END. */ + if (current_server_task) + set_task_run_status (current_server_task, + TASK_STATUS_INTERNAL_ERROR); set_server_state (SERVER_DONE); switch (parse_server_done (messages)) @@ -2404,6 +2405,8 @@ { switch (task_run_status (current_server_task)) { + case TASK_STATUS_INTERNAL_ERROR: + break; case TASK_STATUS_STOP_REQUESTED: set_task_run_status (current_server_task, TASK_STATUS_STOPPED); From scm-commit at wald.intevation.org Wed Sep 2 18:11:41 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 2 Sep 2009 18:11:41 +0200 (CEST) Subject: [Openvas-commits] r4821 - in trunk/openvas-manager: . src Message-ID: <20090902161141.10AA985C7312@pyrosoma.intevation.org> Author: mattm Date: 2009-09-02 18:11:40 +0200 (Wed, 02 Sep 2009) New Revision: 4821 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/tasks_sql.h Log: * src/tasks_sql.h (task_second_last_report_id): Use scan_run_status as "finished" criterion, as task_last_report_id does. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2009-09-02 14:40:57 UTC (rev 4820) +++ trunk/openvas-manager/ChangeLog 2009-09-02 16:11:40 UTC (rev 4821) @@ -1,5 +1,10 @@ 2009-09-02 Matthew Mundell + * src/tasks_sql.h (task_second_last_report_id): Use scan_run_status as + "finished" criterion, as task_last_report_id does. + +2009-09-02 Matthew Mundell + * src/otp.c (parse_server_error): Set the task state to Internal Error for E001. (process_otp_server_input): In SERVER_TIME_SCAN_END leave the task state Modified: trunk/openvas-manager/src/tasks_sql.h =================================================================== --- trunk/openvas-manager/src/tasks_sql.h 2009-09-02 14:40:57 UTC (rev 4820) +++ trunk/openvas-manager/src/tasks_sql.h 2009-09-02 16:11:40 UTC (rev 4821) @@ -1247,9 +1247,10 @@ { return sql_string (0, 1, "SELECT uuid FROM reports WHERE task = %llu" - " AND LENGTH(end_time) > 0" + " AND scan_run_status = %u" " ORDER BY date DESC LIMIT 2;", - task); + task, + TASK_STATUS_DONE); } From scm-commit at wald.intevation.org Wed Sep 2 21:52:25 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 2 Sep 2009 21:52:25 +0200 (CEST) Subject: [Openvas-commits] r4822 - in trunk/openvas-manager: . src Message-ID: <20090902195225.03DD485C730C@pyrosoma.intevation.org> Author: mattm Date: 2009-09-02 21:52:24 +0200 (Wed, 02 Sep 2009) New Revision: 4822 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/manage.h trunk/openvas-manager/src/openvasmd.c trunk/openvas-manager/src/tasks_sql.h Log: Add database migration support. * src/openvasmd.c (main): Add a migrate option. Add the supported database version to the version string. * src/tasks_sql.h (backup_db, restore_db, manage_db_supported_version) (manage_db_version, migrate_is_available, manage_migrate): New functions. (migrator_t): New type. (database_migrators): New variable. * src/manage.h: Update headers. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2009-09-02 16:11:40 UTC (rev 4821) +++ trunk/openvas-manager/ChangeLog 2009-09-02 19:52:24 UTC (rev 4822) @@ -1,5 +1,18 @@ 2009-09-02 Matthew Mundell + Add database migration support. + + * src/openvasmd.c (main): Add a migrate option. Add the supported + database version to the version string. + + * src/tasks_sql.h (backup_db, restore_db, manage_db_supported_version) + (manage_db_version, migrate_is_available, manage_migrate): New functions. + (migrator_t): New type. + (database_migrators): New variable. + * src/manage.h: Update headers. + +2009-09-02 Matthew Mundell + * src/tasks_sql.h (task_second_last_report_id): Use scan_run_status as "finished" criterion, as task_last_report_id does. Modified: trunk/openvas-manager/src/manage.h =================================================================== --- trunk/openvas-manager/src/manage.h 2009-09-02 16:11:40 UTC (rev 4821) +++ trunk/openvas-manager/src/manage.h 2009-09-02 19:52:24 UTC (rev 4822) @@ -88,6 +88,18 @@ authenticate (credentials_t*); +/* Database migration. */ + +int +manage_db_supported_version (); + +int +manage_db_version (); + +int +manage_migrate (GSList *log_config); + + /* Task structures. */ short server_active; Modified: trunk/openvas-manager/src/openvasmd.c =================================================================== --- trunk/openvas-manager/src/openvasmd.c 2009-09-02 16:11:40 UTC (rev 4821) +++ trunk/openvas-manager/src/openvasmd.c 2009-09-02 19:52:24 UTC (rev 4822) @@ -499,6 +499,7 @@ /* Process options. */ + static gboolean migrate_database = FALSE; static gboolean update_nvt_cache = FALSE; static gboolean foreground = FALSE; static gboolean print_version = FALSE; @@ -513,6 +514,7 @@ = { { "foreground", 'f', 0, G_OPTION_ARG_NONE, &foreground, "Run in foreground.", NULL }, { "listen", 'a', 0, G_OPTION_ARG_STRING, &manager_address_string, "Listen on
.", "
" }, + { "migrate", 'm', 0, G_OPTION_ARG_NONE, &migrate_database, "Migrate the database and exit.", NULL }, { "port", 'p', 0, G_OPTION_ARG_STRING, &manager_port_string, "Use port number .", "" }, { "slisten", 'l', 0, G_OPTION_ARG_STRING, &server_address_string, "Server (openvasd) address.", "
" }, { "sport", 's', 0, G_OPTION_ARG_STRING, &server_port_string, "Server (openvasd) port number.", "" }, @@ -532,8 +534,11 @@ if (print_version) { - printf ("openvasmd (%s) %s for %s\n", - PROGNAME, OPENVASMD_VERSION, OPENVAS_OS_NAME); + printf ("openvasmd (%s) %s with db %i for %s\n", + PROGNAME, + OPENVASMD_VERSION, + manage_db_supported_version (), + OPENVAS_OS_NAME); printf ("Copyright (C) 2009 Greenbone Networks GmbH\n\n"); exit (EXIT_SUCCESS); } @@ -570,6 +575,36 @@ tracef (" OpenVAS Manager\n"); + if (migrate_database) + { + tracef (" Migrating database.\n"); + + /* Migrate the database to the version supported by this manager. */ + switch (manage_migrate (log_config)) + { + case 0: + tracef (" Migration succeeded.\n"); + return EXIT_SUCCESS; + case 1: + g_warning ("%s: database is already at the supported version\n", + __FUNCTION__); + return EXIT_SUCCESS; + case 2: + g_warning ("%s: database migration too hard\n", + __FUNCTION__); + return EXIT_FAILURE; + case -1: + g_critical ("%s: database migration failed\n", + __FUNCTION__); + return EXIT_FAILURE; + default: + assert (0); + g_critical ("%s: strange return from manage_migrate\n", + __FUNCTION__); + return EXIT_FAILURE; + } + } + /* Complete option processing. */ if (server_address_string == NULL) Modified: trunk/openvas-manager/src/tasks_sql.h =================================================================== --- trunk/openvas-manager/src/tasks_sql.h 2009-09-02 16:11:40 UTC (rev 4821) +++ trunk/openvas-manager/src/tasks_sql.h 2009-09-02 19:52:24 UTC (rev 4822) @@ -321,6 +321,207 @@ } +/* Migration. */ + +/** + * @brief Backup the database to a file. + * + * @return Name of backup file. + */ +gchar * +backup_db () +{ + // FIX ensure lock on db and db synced first + return NULL; +} + +/** + * @brief Restore the database from a file. + * + * @param Name of backup file. + * + * @return 0 success, -1 fail. + */ +int +restore_db () +{ + // FIX ensure lock on db and db synced first + return -1; +} + +/** + * @brief Return the database version supported by this manager. + * + * @return Database version supported by this manager. + */ +int +manage_db_supported_version () +{ + return DATABASE_VERSION; +} + +/** + * @brief Return the database version supported by this manager. + * + * @return Database version supported by this manager if found, else -1. + */ +int +manage_db_version () +{ + int number; + char *version = sql_string (0, 0, + "SELECT value FROM meta" + " WHERE name = 'database_version' LIMIT 1;"); + if (number) + { + number = atoi (version); + free (version); + return number; + } + return -1; +} + +/** + * @brief A migrator. + */ +typedef struct +{ + int version; ///< Version that the migrator produces. + int (*function) (); ///< Function that does the migration. NULL if too hard. +} migrator_t; + +#if 0 +/** + * @brief Migrate the database from version 0 to version 1. + * + * @return 0 success, -1 error. + */ +int +migrate_0_to_1 () +{ + /* Ensure that the database is currently version 0. */ + if (manage_db_version () != 0) return -1; + + /* Update the database. */ + + return 0; +} +#endif + +/** + * @brief Array of database version migrators. + */ +static migrator_t database_migrators[] + = {{0, NULL}, +#if 0 + {1, migrate_0_to_1}, +#endif + /* End marker. */ + {-1, NULL}}; + +/** + * @brief Check whether a migration is available. + * + * @return 1 yes, 0 no, -1 error. + */ +static int +migrate_is_available (int old_version, int new_version) +{ + migrator_t *migrators; + + migrators = database_migrators + old_version + 1; + + while ((migrators->version >= 0) && (migrators->version <= new_version)) + { + if (migrators->function == NULL) return 0; + if (migrators->version == new_version) return 1; + migrators++; + } + + return -1; +} + +/** + * @brief Migrate database to version supported by this manager. + * + * @return 0 success, 1 already on supported version, 2 too hard, -1 error. + */ +int +manage_migrate (GSList *log_config) +{ + gchar *backup_file; + migrator_t *migrators; + /* The version on the disk. */ + int old_version; + /* The version that this program requires. */ + int new_version; + + g_log_set_handler (G_LOG_DOMAIN, + ALL_LOG_LEVELS, + (GLogFunc) openvas_log_func, + log_config); + + init_manage_process (0); + + old_version = manage_db_version (); + new_version = manage_db_supported_version (); + + if (old_version == -1) + { + cleanup_manage_process (); + return -1; + } + + if (old_version == new_version) + { + cleanup_manage_process (); + return 1; + } + + switch (migrate_is_available (old_version, new_version)) + { + case -1: + cleanup_manage_process (); + return -1; + case 0: + cleanup_manage_process (); + return 2; + } + + backup_file = backup_db (); + // FIX check return + + /* Call the migrators to take the DB from the old version to the new. */ + + migrators = database_migrators + old_version + 1; + + while ((migrators->version >= 0) && (migrators->version <= new_version)) + { + if (migrators->function == NULL) + { + restore_db (backup_file); + g_free (backup_file); + cleanup_manage_process (); + return -1; + } + + if (migrators->function ()) + { + restore_db (backup_file); + g_free (backup_file); + cleanup_manage_process (); + return -1; + } + migrators++; + } + + // FIX remove backup_file + g_free (backup_file); + cleanup_manage_process (); + return 0; +} + + /* Task functions. */ void From scm-commit at wald.intevation.org Thu Sep 3 08:46:11 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 3 Sep 2009 08:46:11 +0200 (CEST) Subject: [Openvas-commits] r4823 - trunk/doc/website Message-ID: <20090903064611.92366852FD67@pyrosoma.intevation.org> Author: jan Date: 2009-09-03 08:46:10 +0200 (Thu, 03 Sep 2009) New Revision: 4823 Modified: trunk/doc/website/openvas-server.htm4 Log: SVN version: no -plugins nor -libnasl needed anymore for scan server. Modified: trunk/doc/website/openvas-server.htm4 =================================================================== --- trunk/doc/website/openvas-server.htm4 2009-09-02 19:52:24 UTC (rev 4822) +++ trunk/doc/website/openvas-server.htm4 2009-09-03 06:46:10 UTC (rev 4823) @@ -424,10 +424,7 @@

$ svn checkout https://svn.wald.intevation.org/svn/openvas/trunk/openvas-libraries
-$ svn checkout https://svn.wald.intevation.org/svn/openvas/trunk/openvas-libnasl
$ svn checkout https://svn.wald.intevation.org/svn/openvas/trunk/openvas-server
-$ svn checkout -https://svn.wald.intevation.org/svn/openvas/trunk/openvas-plugins

@@ -437,7 +434,7 @@

-Repeat for each module and read the corresponding INSTALL or README files. +Do the same openvas-server module and read the corresponding INSTALL or README files.

From scm-commit at wald.intevation.org Thu Sep 3 09:31:53 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 3 Sep 2009 09:31:53 +0200 (CEST) Subject: [Openvas-commits] r4824 - trunk/doc Message-ID: <20090903073153.105E6852FC1D@pyrosoma.intevation.org> Author: felix Date: 2009-09-03 09:31:52 +0200 (Thu, 03 Sep 2009) New Revision: 4824 Modified: trunk/doc/howto-release.txt Log: Add instructions on how to change version infos on index.htm4 on releases. Modified: trunk/doc/howto-release.txt =================================================================== --- trunk/doc/howto-release.txt 2009-09-03 06:46:10 UTC (rev 4823) +++ trunk/doc/howto-release.txt 2009-09-03 07:31:52 UTC (rev 4824) @@ -53,6 +53,8 @@ 12. Update doc/website/template_header.m4 with the URL to the new release, commit and "make online". +12a. Update doc/website/index.htm4 with latest release version numbers (and + mabye the plugin count), commit and "make online". 13. Update doc/website/code-quality.htm4 with the new numbers, commit and "make online". From scm-commit at wald.intevation.org Thu Sep 3 11:42:10 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 3 Sep 2009 11:42:10 +0200 (CEST) Subject: [Openvas-commits] r4825 - in trunk/openvas-plugins: . scripts Message-ID: <20090903094210.BCF03852E8C2@pyrosoma.intevation.org> Author: felix Date: 2009-09-03 11:42:08 +0200 (Thu, 03 Sep 2009) New Revision: 4825 Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/scripts/toolcheck.nasl Log: * scripts/toolcheck.nasl: Removed initial nmap check as more concrete check (with version comparison) is done later within script. Corrected version check. Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2009-09-03 07:31:52 UTC (rev 4824) +++ trunk/openvas-plugins/ChangeLog 2009-09-03 09:42:08 UTC (rev 4825) @@ -1,3 +1,9 @@ +2009-09-02 Felix Wolfsteller + + * scripts/toolcheck.nasl: Removed initial nmap check as more concrete + check (with version comparison) is done later within script. + Corrected version check. + 2009-09-02 Chandrashekhar B * scripts/gb_flock_detect_win.nasl, Modified: trunk/openvas-plugins/scripts/toolcheck.nasl =================================================================== --- trunk/openvas-plugins/scripts/toolcheck.nasl 2009-09-03 07:31:52 UTC (rev 4824) +++ trunk/openvas-plugins/scripts/toolcheck.nasl 2009-09-03 09:42:08 UTC (rev 4825) @@ -124,22 +124,6 @@ #} # -# Test for presence of Nmap -# - -if ( find_in_path("nmap") ){ - set_kb_item(name: "Tools/Present/nmap", value: TRUE); -} else { - set_kb_item(name: "Tools/Missing/nmap", value: TRUE); - summary = summary + " -Tool: nmap -Effect: Port scanning with nmap will not be available - in the port scanners selection. -"; - all_tools_available = FALSE; -} - -# # Test for presence of Ovaldi # @@ -260,10 +244,9 @@ nmap_v_out = pread(cmd: "nmap", argv: make_list("nmap", "-V")); if (nmap_v_out != NULL) { - ver = ereg_replace(pattern: ".*nmap version ([0-9.]+).*", string: v, replace: "\1", icase: TRUE); - if (ver == v) ver = NULL; + ver = ereg_replace(pattern: ".*nmap version ([0-9.]+).*", string: nmap_v_out, replace: "\1", icase: TRUE); + if (ver == nmap_v_out) ver = NULL; } - if (ver =~ "^[4-9]\.") { sufficient_nmap_found = TRUE; @@ -285,6 +268,7 @@ } + # # Send final summary as log information # From scm-commit at wald.intevation.org Thu Sep 3 12:01:03 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 3 Sep 2009 12:01:03 +0200 (CEST) Subject: [Openvas-commits] r4826 - in trunk/openvas-plugins: . scripts Message-ID: <20090903100103.9CC88852FD67@pyrosoma.intevation.org> Author: mwiegand Date: 2009-09-03 12:01:01 +0200 (Thu, 03 Sep 2009) New Revision: 4826 Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/scripts/toolcheck.nasl Log: * scripts/toolcheck.nasl: Added initial check for smbclient. Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2009-09-03 09:42:08 UTC (rev 4825) +++ trunk/openvas-plugins/ChangeLog 2009-09-03 10:01:01 UTC (rev 4826) @@ -1,5 +1,9 @@ -2009-09-02 Felix Wolfsteller +2009-09-03 Michael Wiegand + * scripts/toolcheck.nasl: Added initial check for smbclient. + +2009-09-03 Felix Wolfsteller + * scripts/toolcheck.nasl: Removed initial nmap check as more concrete check (with version comparison) is done later within script. Corrected version check. Modified: trunk/openvas-plugins/scripts/toolcheck.nasl =================================================================== --- trunk/openvas-plugins/scripts/toolcheck.nasl 2009-09-03 09:42:08 UTC (rev 4825) +++ trunk/openvas-plugins/scripts/toolcheck.nasl 2009-09-03 10:01:01 UTC (rev 4826) @@ -267,7 +267,20 @@ all_tools_available = FALSE; } +# +# Test for presence of smbclient +# +if ( find_in_path("smbclient") ){ + set_kb_item(name: "Tools/Present/smbclient", value: TRUE); +} else { + set_kb_item(name: "Tools/Missing/smbclient", value: TRUE); + summary = summary + " +Tool: smbclient +Effect: Access to SMB/CIFS servers via smbclient is not available. +"; + all_tools_available = FALSE; +} # # Send final summary as log information From scm-commit at wald.intevation.org Thu Sep 3 12:27:43 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 3 Sep 2009 12:27:43 +0200 (CEST) Subject: [Openvas-commits] r4827 - in trunk/openvas-libraries: . nasl Message-ID: <20090903102743.E70C285D91BD@pyrosoma.intevation.org> Author: felix Date: 2009-09-03 12:27:42 +0200 (Thu, 03 Sep 2009) New Revision: 4827 Modified: trunk/openvas-libraries/ChangeLog trunk/openvas-libraries/nasl/nasl_smb.c trunk/openvas-libraries/nasl/nasl_wmi.c Log: * nasl/nasl_smb.c, nasl/nasl_wmi.c: Return NULL if no version info is available, as stated in the documentation. This avoid segfaults by unguarded calls strdup and strlen. Minor reformatting. * nasl/nasl_smb.c, nasl/nasl_wmi.c: Added TODOs about possible memleaks. Modified: trunk/openvas-libraries/ChangeLog =================================================================== --- trunk/openvas-libraries/ChangeLog 2009-09-03 10:01:01 UTC (rev 4826) +++ trunk/openvas-libraries/ChangeLog 2009-09-03 10:27:42 UTC (rev 4827) @@ -1,3 +1,11 @@ +2009-09-03 Felix Wolfsteller + + * nasl/nasl_smb.c, nasl/nasl_wmi.c: Return NULL if no version info is + available, as stated in the documentation. This avoid segfaults by + unguarded calls strdup and strlen. Minor reformatting. + + * nasl/nasl_smb.c, nasl/nasl_wmi.c: Added TODOs about possible memleaks. + 2009-09-01 Felix Wolfsteller * configure: Regenerated. Modified: trunk/openvas-libraries/nasl/nasl_smb.c =================================================================== --- trunk/openvas-libraries/nasl/nasl_smb.c 2009-09-03 10:01:01 UTC (rev 4826) +++ trunk/openvas-libraries/nasl/nasl_smb.c 2009-09-03 10:27:42 UTC (rev 4827) @@ -34,6 +34,13 @@ * via WMI. */ +/** + * @TODO Check for memleak and document reference counting in tree cells. + * In some cases, after a tree_cell (typically retc) has been allocated + * with alloc_tree_cell, it is not later freed or deref_tree_cell'ed. It + * has to evaluated if that is okay or leads to memory leaks. + */ + #include #include @@ -51,13 +58,18 @@ tree_cell * nasl_smb_versioninfo (lex_ctxt * lexic) { - char * version = smb_versioninfo(); - tree_cell *retc = alloc_tree_cell (0, NULL); + char * version = smb_versioninfo (); + tree_cell * retc = alloc_tree_cell (0, NULL); if (!retc) return NULL; + if (!version) + { + return NULL; + } + retc->type = CONST_DATA; - retc->x.str_val = strdup(version); + retc->x.str_val = strdup (version); retc->size = strlen (version); return retc; Modified: trunk/openvas-libraries/nasl/nasl_wmi.c =================================================================== --- trunk/openvas-libraries/nasl/nasl_wmi.c 2009-09-03 10:01:01 UTC (rev 4826) +++ trunk/openvas-libraries/nasl/nasl_wmi.c 2009-09-03 10:27:42 UTC (rev 4827) @@ -36,6 +36,13 @@ * 3. WMI_REGISTRY_FUNCTIONS */ +/** + * @TODO Check for memleak and document reference counting in tree cells. + * In some cases, after a tree_cell (typically retc) has been allocated + * with alloc_tree_cell, it is not later freed or deref_tree_cell'ed. It + * has to evaluated if that is okay or leads to memory leaks. + */ + #include #include @@ -53,13 +60,19 @@ tree_cell * nasl_wmi_versioninfo (lex_ctxt * lexic) { - char * version = wmi_versioninfo(); - tree_cell *retc = alloc_tree_cell (0, NULL); + char * version = wmi_versioninfo (); + tree_cell * retc = alloc_tree_cell (0, NULL); - if (!retc) return NULL; + if (!retc) + return NULL; + if (!version) + { + return NULL; + } + retc->type = CONST_DATA; - retc->x.str_val = strdup(version); + retc->x.str_val = strdup (version); retc->size = strlen (version); return retc; From scm-commit at wald.intevation.org Thu Sep 3 14:33:01 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 3 Sep 2009 14:33:01 +0200 (CEST) Subject: [Openvas-commits] r4828 - trunk/openvas-libraries Message-ID: <20090903123301.56B98852E8F8@pyrosoma.intevation.org> Author: mwiegand Date: 2009-09-03 14:32:59 +0200 (Thu, 03 Sep 2009) New Revision: 4828 Modified: trunk/openvas-libraries/ChangeLog trunk/openvas-libraries/configure trunk/openvas-libraries/configure.in trunk/openvas-libraries/openvas-libraries.tmpl.in Log: * configure.in, openvas-libraries.tmpl.in: Added support for libwmiclient detection. * configure: Regenerated. Modified: trunk/openvas-libraries/ChangeLog =================================================================== --- trunk/openvas-libraries/ChangeLog 2009-09-03 10:27:42 UTC (rev 4827) +++ trunk/openvas-libraries/ChangeLog 2009-09-03 12:32:59 UTC (rev 4828) @@ -1,3 +1,10 @@ +2009-09-03 Michael Wiegand + + * configure.in, openvas-libraries.tmpl.in: Added support for + libwmiclient detection. + + * configure: Regenerated. + 2009-09-03 Felix Wolfsteller * nasl/nasl_smb.c, nasl/nasl_wmi.c: Return NULL if no version info is Modified: trunk/openvas-libraries/configure =================================================================== --- trunk/openvas-libraries/configure 2009-09-03 10:27:42 UTC (rev 4827) +++ trunk/openvas-libraries/configure 2009-09-03 12:32:59 UTC (rev 4828) @@ -869,6 +869,7 @@ OPENVASLIBS_PATCH OPENVASLIBS_DATE VERSION +HAVE_WMI ac_configure_args LIBOBJS LTLIBOBJS' @@ -3713,7 +3714,7 @@ ;; *-*-irix6*) # Find out which ABI we are using. - echo '#line 3716 "configure"' > conftest.$ac_ext + echo '#line 3717 "configure"' > conftest.$ac_ext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? @@ -6621,11 +6622,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:6624: $lt_compile\"" >&5) + (eval echo "\"\$as_me:6625: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:6628: \$? = $ac_status" >&5 + echo "$as_me:6629: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -6889,11 +6890,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:6892: $lt_compile\"" >&5) + (eval echo "\"\$as_me:6893: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:6896: \$? = $ac_status" >&5 + echo "$as_me:6897: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -6993,11 +6994,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:6996: $lt_compile\"" >&5) + (eval echo "\"\$as_me:6997: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:7000: \$? = $ac_status" >&5 + echo "$as_me:7001: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -9290,7 +9291,7 @@ lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext < conftest.$ac_ext <&5) + (eval echo "\"\$as_me:11730: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:11733: \$? = $ac_status" >&5 + echo "$as_me:11734: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -11830,11 +11831,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:11833: $lt_compile\"" >&5) + (eval echo "\"\$as_me:11834: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:11837: \$? = $ac_status" >&5 + echo "$as_me:11838: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -13391,11 +13392,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:13394: $lt_compile\"" >&5) + (eval echo "\"\$as_me:13395: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:13398: \$? = $ac_status" >&5 + echo "$as_me:13399: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -13495,11 +13496,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:13498: $lt_compile\"" >&5) + (eval echo "\"\$as_me:13499: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:13502: \$? = $ac_status" >&5 + echo "$as_me:13503: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -15682,11 +15683,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:15685: $lt_compile\"" >&5) + (eval echo "\"\$as_me:15686: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:15689: \$? = $ac_status" >&5 + echo "$as_me:15690: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -15950,11 +15951,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:15953: $lt_compile\"" >&5) + (eval echo "\"\$as_me:15954: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:15957: \$? = $ac_status" >&5 + echo "$as_me:15958: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -16054,11 +16055,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:16057: $lt_compile\"" >&5) + (eval echo "\"\$as_me:16058: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:16061: \$? = $ac_status" >&5 + echo "$as_me:16062: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -24331,6 +24332,74 @@ fi +{ echo "$as_me:$LINENO: checking for wmi_connect in -lwmiclient" >&5 +echo $ECHO_N "checking for wmi_connect in -lwmiclient... $ECHO_C" >&6; } +if test "${ac_cv_lib_wmiclient_wmi_connect+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lwmiclient $LIBS" +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char wmi_connect (); +int +main () +{ +return wmi_connect (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then + ac_cv_lib_wmiclient_wmi_connect=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_cv_lib_wmiclient_wmi_connect=no +fi + +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ echo "$as_me:$LINENO: result: $ac_cv_lib_wmiclient_wmi_connect" >&5 +echo "${ECHO_T}$ac_cv_lib_wmiclient_wmi_connect" >&6; } +if test $ac_cv_lib_wmiclient_wmi_connect = yes; then + HAVE_WMI="YES" +else + HAVE_WMI="NO" +fi + + llib=""; { echo "$as_me:$LINENO: checking for yylex in -ll" >&5 echo $ECHO_N "checking for yylex in -ll... $ECHO_C" >&6; } @@ -25485,6 +25554,7 @@ + ac_config_files="$ac_config_files openvas-libraries.tmpl libopenvas-config include/libvers.h" cat >confcache <<\_ACEOF @@ -26246,12 +26316,13 @@ OPENVASLIBS_PATCH!$OPENVASLIBS_PATCH$ac_delim OPENVASLIBS_DATE!$OPENVASLIBS_DATE$ac_delim VERSION!$VERSION$ac_delim +HAVE_WMI!$HAVE_WMI$ac_delim ac_configure_args!$ac_configure_args$ac_delim LIBOBJS!$LIBOBJS$ac_delim LTLIBOBJS!$LTLIBOBJS$ac_delim _ACEOF - if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 6; then + if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 7; then break elif $ac_last_try; then { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5 Modified: trunk/openvas-libraries/configure.in =================================================================== --- trunk/openvas-libraries/configure.in 2009-09-03 10:27:42 UTC (rev 4827) +++ trunk/openvas-libraries/configure.in 2009-09-03 12:32:59 UTC (rev 4828) @@ -334,6 +334,8 @@ AC_CHECK_LIB(resolv, inet_aton, AC_DEFINE(HAVE_INET_ATON)) AC_CHECK_LIB(nsl, inet_aton, AC_DEFINE(HAVE_INET_ATON)) +AC_CHECK_LIB(wmiclient, wmi_connect, HAVE_WMI="YES", HAVE_WMI="NO") + llib=""; AC_CHECK_LIB(l, yylex, llib=-ll) test -z "$llib" && @@ -566,6 +568,7 @@ AC_SUBST(OPENVASLIBS_PATCH) AC_SUBST(OPENVASLIBS_DATE) AC_SUBST(VERSION) +AC_SUBST(HAVE_WMI) AC_SUBST(ac_configure_args) dnl And we put everything in THREE files Modified: trunk/openvas-libraries/openvas-libraries.tmpl.in =================================================================== --- trunk/openvas-libraries/openvas-libraries.tmpl.in 2009-09-03 10:27:42 UTC (rev 4827) +++ trunk/openvas-libraries/openvas-libraries.tmpl.in 2009-09-03 12:32:59 UTC (rev 4828) @@ -75,4 +75,4 @@ #libraries GLIB_CFLAGS=@GLIB_CFLAGS@ GLIB_LIBS=@GLIB_LIBS@ - +HAVE_WMI=@HAVE_WMI@ From scm-commit at wald.intevation.org Thu Sep 3 15:04:18 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 3 Sep 2009 15:04:18 +0200 (CEST) Subject: [Openvas-commits] r4829 - in trunk/openvas-libraries: . nasl Message-ID: <20090903130418.A47AA852F532@pyrosoma.intevation.org> Author: felix Date: 2009-09-03 15:04:17 +0200 (Thu, 03 Sep 2009) New Revision: 4829 Modified: trunk/openvas-libraries/ChangeLog trunk/openvas-libraries/Makefile trunk/openvas-libraries/libopenvas-config.in trunk/openvas-libraries/nasl/CMakeLists.txt Log: * Makefile: Pass HAVE_WMI client to cmake if libwmiclient was found during configure step. * libopenvas-config.in: Add -lwmiclient to linker flags if libwmiclient found during configure step. * nasl/CMakeLists.txt: Link against wmiclient if libwmiclient was found during configure step. Modified: trunk/openvas-libraries/ChangeLog =================================================================== --- trunk/openvas-libraries/ChangeLog 2009-09-03 12:32:59 UTC (rev 4828) +++ trunk/openvas-libraries/ChangeLog 2009-09-03 13:04:17 UTC (rev 4829) @@ -1,3 +1,14 @@ +2009-09-03 Felix Wolfsteller + + * Makefile: Pass HAVE_WMI client to cmake if libwmiclient was found + during configure step. + + * libopenvas-config.in: Add -lwmiclient to linker flags if libwmiclient + found during configure step. + + * nasl/CMakeLists.txt: Link against wmiclient if libwmiclient was found + during configure step. + 2009-09-03 Michael Wiegand * configure.in, openvas-libraries.tmpl.in: Added support for Modified: trunk/openvas-libraries/Makefile =================================================================== --- trunk/openvas-libraries/Makefile 2009-09-03 12:32:59 UTC (rev 4828) +++ trunk/openvas-libraries/Makefile 2009-09-03 13:04:17 UTC (rev 4829) @@ -30,7 +30,7 @@ ALLDEPS = openvas-libraries.tmpl all: $(ALLDEPS) - cd base && cmake -DCMAKE_INSTALL_PREFIX=$(DESTDIR)${prefix} && ${MAKE} + cd base && cmake -DCMAKE_INSTALL_PREFIX=$(DESTDIR)${prefix} -DHAVE_WMI=$(HAVE_WMI) && ${MAKE} cd hg && ${MAKE} cd misc && ${MAKE} cd nasl && cmake -DCMAKE_INSTALL_PREFIX=$(DESTDIR)${prefix} && ${MAKE} Modified: trunk/openvas-libraries/libopenvas-config.in =================================================================== --- trunk/openvas-libraries/libopenvas-config.in 2009-09-03 12:32:59 UTC (rev 4828) +++ trunk/openvas-libraries/libopenvas-config.in 2009-09-03 13:04:17 UTC (rev 4829) @@ -38,8 +38,8 @@ EXTRA="@EXTRA@ @llib@" EGDPATH="@egdpath@" NASLLIBS="@NASLLIBS@" +HAVE_WMI="@HAVE_WMI@" - usage() { echo "Usage : libopenvas-config [ --cflags | --libs | --version | --egd ]" @@ -64,7 +64,11 @@ exit 0 ;; --libs) - echo $Xn "-L$LIBDIR -lopenvasmisc -lopenvashg -lopenvas_base $EXTRA -lopenvas_nasl $NASLLIBS $Xc" + if [ HAVE_WMI = "NO" ]; then + echo $Xn "-L$LIBDIR -lopenvasmisc -lopenvashg -lopenvas_base -lwmiclient $EXTRA -lopenvas_nasl $NASLLIBS $Xc" + else + echo $Xn "-L$LIBDIR -lopenvasmisc -lopenvashg -lopenvas_base $EXTRA -lopenvas_nasl $NASLLIBS $Xc" + fi ;; --cflags) echo $Xn "$DEFS -I$INCLUDEDIR/openvas $Xc" Modified: trunk/openvas-libraries/nasl/CMakeLists.txt =================================================================== --- trunk/openvas-libraries/nasl/CMakeLists.txt 2009-09-03 12:32:59 UTC (rev 4828) +++ trunk/openvas-libraries/nasl/CMakeLists.txt 2009-09-03 13:04:17 UTC (rev 4829) @@ -143,9 +143,15 @@ nasl_grammar.tab.c nasl_host.c nasl_http.c nasl_init.c nasl_lex_ctxt.c nasl_misc_funcs.c nasl_nessusd_glue.c nasl_packet_forgery.c nasl_signature.c nasl_smb.c nasl_socket.c nasl_text_utils.c nasl_tree.c - nasl_var.c nasl_wmi.c preparse.c regex.c smb_interface_stub.c strutils.c - wmi_interface_stub.c) + nasl_var.c nasl_wmi.c preparse.c regex.c strutils.c) +if (NOT HAVE_WMI) + set (FILES smb_interface_stub.c wmi_interface_stub.c ${FILES}) +else (NOT HAVE_WMI) + set (WMI_LIBS -lwmiclient) +endif (NOT HAVE_WMI) + + SET_SOURCE_FILES_PROPERTIES(nasl_grammar.tab.c GENERATED) ## Pass-throughs @@ -158,12 +164,14 @@ include_directories (../include) add_library (openvas_nasl_static STATIC ${FILES}) -set_target_properties (openvas_nasl_static PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") +target_link_libraries (openvas_nasl_static LINK_INTERFACE_LIBRARIES GLIB-2.0) + +set_target_properties (openvas_nasl_static PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS} ${WMI_LIBS}") set_target_properties (openvas_nasl_static PROPERTIES OUTPUT_NAME "openvas_nasl") set_target_properties (openvas_nasl_static PROPERTIES CLEAN_DIRECT_OUTPUT 1) add_library (openvas_nasl_shared SHARED ${FILES}) -set_target_properties (openvas_nasl_shared PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS}") +set_target_properties (openvas_nasl_shared PROPERTIES COMPILE_FLAGS "${GLIB_CFLAGS} ${WMI_LIBS}") set_target_properties (openvas_nasl_shared PROPERTIES OUTPUT_NAME "openvas_nasl") set_target_properties (openvas_nasl_shared PROPERTIES CLEAN_DIRECT_OUTPUT 1) From scm-commit at wald.intevation.org Thu Sep 3 15:26:47 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 3 Sep 2009 15:26:47 +0200 (CEST) Subject: [Openvas-commits] r4830 - trunk/openvas-libraries Message-ID: <20090903132647.65DB685D91B0@pyrosoma.intevation.org> Author: felix Date: 2009-09-03 15:26:46 +0200 (Thu, 03 Sep 2009) New Revision: 4830 Modified: trunk/openvas-libraries/ChangeLog trunk/openvas-libraries/libopenvas-config.in Log: * libopenvas-config.in: Corrected inverted logic: Add -lwmiclient to linker flags if libwmiclient found during configure step. Modified: trunk/openvas-libraries/ChangeLog =================================================================== --- trunk/openvas-libraries/ChangeLog 2009-09-03 13:04:17 UTC (rev 4829) +++ trunk/openvas-libraries/ChangeLog 2009-09-03 13:26:46 UTC (rev 4830) @@ -1,5 +1,10 @@ 2009-09-03 Felix Wolfsteller + * libopenvas-config.in: Corrected inverted logic: Add -lwmiclient to + linker flags if libwmiclient found during configure step. + +2009-09-03 Felix Wolfsteller + * Makefile: Pass HAVE_WMI client to cmake if libwmiclient was found during configure step. Modified: trunk/openvas-libraries/libopenvas-config.in =================================================================== --- trunk/openvas-libraries/libopenvas-config.in 2009-09-03 13:04:17 UTC (rev 4829) +++ trunk/openvas-libraries/libopenvas-config.in 2009-09-03 13:26:46 UTC (rev 4830) @@ -65,9 +65,9 @@ ;; --libs) if [ HAVE_WMI = "NO" ]; then + echo $Xn "-L$LIBDIR -lopenvasmisc -lopenvashg -lopenvas_base $EXTRA -lopenvas_nasl $NASLLIBS $Xc" + else echo $Xn "-L$LIBDIR -lopenvasmisc -lopenvashg -lopenvas_base -lwmiclient $EXTRA -lopenvas_nasl $NASLLIBS $Xc" - else - echo $Xn "-L$LIBDIR -lopenvasmisc -lopenvashg -lopenvas_base $EXTRA -lopenvas_nasl $NASLLIBS $Xc" fi ;; --cflags) From scm-commit at wald.intevation.org Thu Sep 3 15:30:41 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 3 Sep 2009 15:30:41 +0200 (CEST) Subject: [Openvas-commits] r4831 - trunk/openvas-libraries Message-ID: <20090903133041.4086D85D91B0@pyrosoma.intevation.org> Author: felix Date: 2009-09-03 15:30:40 +0200 (Thu, 03 Sep 2009) New Revision: 4831 Modified: trunk/openvas-libraries/ChangeLog trunk/openvas-libraries/Makefile Log: * Makefile: Install nasl.h header. Modified: trunk/openvas-libraries/ChangeLog =================================================================== --- trunk/openvas-libraries/ChangeLog 2009-09-03 13:26:46 UTC (rev 4830) +++ trunk/openvas-libraries/ChangeLog 2009-09-03 13:30:40 UTC (rev 4831) @@ -1,5 +1,9 @@ 2009-09-03 Felix Wolfsteller + * Makefile: Install nasl.h header. + +2009-09-03 Felix Wolfsteller + * libopenvas-config.in: Corrected inverted logic: Add -lwmiclient to linker flags if libwmiclient found during configure step. Modified: trunk/openvas-libraries/Makefile =================================================================== --- trunk/openvas-libraries/Makefile 2009-09-03 13:26:46 UTC (rev 4830) +++ trunk/openvas-libraries/Makefile 2009-09-03 13:30:40 UTC (rev 4831) @@ -74,6 +74,7 @@ $(INSTALL) -m 0444 misc/store.h $(DESTDIR)${includedir}/openvas $(INSTALL) -m 0444 misc/system.h $(DESTDIR)${includedir}/openvas $(INSTALL) -m 0444 misc/www_funcs.h $(DESTDIR)${includedir}/openvas + $(INSTALL) -m 0444 nasl/nasl.h $(DESTDIR)${includedir}/openvas $(INSTALL) -m 0444 base/nvti.h $(DESTDIR)${includedir}/openvas $(INSTALL) -m 0444 base/certificate.h $(DESTDIR)${includedir}/openvas test -d $(DESTDIR)${bindir} || ${INSTALL_DIR} -m 755 $(DESTDIR)${bindir} From scm-commit at wald.intevation.org Thu Sep 3 16:18:04 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Thu, 3 Sep 2009 16:18:04 +0200 (CEST) Subject: [Openvas-commits] r4832 - in trunk/openvas-plugins: . scripts Message-ID: <20090903141804.A6F0D852FD67@pyrosoma.intevation.org> Author: chandra Date: 2009-09-03 16:18:01 +0200 (Thu, 03 Sep 2009) New Revision: 4832 Added: trunk/openvas-plugins/scripts/gb_dotnetnuke_auth_bypass_vuln.nasl trunk/openvas-plugins/scripts/gb_dotnetnuke_detect.nasl trunk/openvas-plugins/scripts/gb_dotnetnuke_installwizard_info_disc_vuln.nasl trunk/openvas-plugins/scripts/gb_dotnetnuke_skin_sec_bypass_vuln.nasl trunk/openvas-plugins/scripts/gb_google_chrome_js_uri_xss_vuln_sep09.nasl trunk/openvas-plugins/scripts/gb_ikiwiki_detect.nasl trunk/openvas-plugins/scripts/gb_ikiwiki_teximg_info_disclosure_vuln.nasl trunk/openvas-plugins/scripts/gb_pidgin_mult_vuln_sep09_lin.nasl trunk/openvas-plugins/scripts/gb_pidgin_mult_vuln_sep09_win.nasl Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/cve_current.txt Log: Added new plugins Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2009-09-03 13:30:40 UTC (rev 4831) +++ trunk/openvas-plugins/ChangeLog 2009-09-03 14:18:01 UTC (rev 4832) @@ -1,3 +1,16 @@ +2009-09-03 Chandrashekhar B + + * scripts/gb_google_chrome_js_uri_xss_vuln_sep09.nasl, + scripts/gb_pidgin_mult_vuln_sep09_win.nasl, + scripts/gb_dotnetnuke_skin_sec_bypass_vuln.nasl, + scripts/gb_ikiwiki_detect.nasl, + scripts/gb_dotnetnuke_installwizard_info_disc_vuln.nasl, + scripts/gb_dotnetnuke_detect.nasl, + scripts/gb_pidgin_mult_vuln_sep09_lin.nasl, + scripts/gb_dotnetnuke_auth_bypass_vuln.nasl, + scripts/gb_ikiwiki_teximg_info_disclosure_vuln.nasl: + Added new plugins. + 2009-09-03 Michael Wiegand * scripts/toolcheck.nasl: Added initial check for smbclient. Modified: trunk/openvas-plugins/cve_current.txt =================================================================== --- trunk/openvas-plugins/cve_current.txt 2009-09-03 13:30:40 UTC (rev 4831) +++ trunk/openvas-plugins/cve_current.txt 2009-09-03 14:18:01 UTC (rev 4832) @@ -198,9 +198,9 @@ CVE-2009-2964 SecPod svn R CVE-2009-2959 SecPod CVE-2009-2967 SecPod -CVE-2008-7102 SecPod -CVE-2008-7101 SecPod -CVE-2008-7100 SecPod +CVE-2008-7102 SecPod svn R +CVE-2008-7101 SecPod svn R +CVE-2008-7100 SecPod svn R CVE-2009-2935 SecPod svn L CVE-2009-2975 SecPod svn L CVE-2009-2974 SecPod svn L @@ -210,23 +210,40 @@ CVE-2008-7087 SecPod CVE-2009-3008 SecPod CVE-2009-3003 SecPod svn L -CVE-2009-3004 SecPod +CVE-2009-3004 SecPod svn L CVE-2009-3005 SecPod CVE-2009-3006 SecPod -CVE-2009-3007 SecPod -CVE-2009-3016 SecPod +CVE-2009-3007 SecPod svn L +CVE-2009-3016 SecPod svn L CVE-2009-3010 SecPod CVE-2009-3014 SecPod CVE-2009-3012 SecPod CVE-2009-3013 SecPod -CVE-2009-3019 SecPod +CVE-2009-3019 SecPod svn L CVE-2009-3015 SecPod CVE-2009-3017 SecPod -CVE-2009-3011 SecPod +CVE-2009-3011 SecPod svn L CVE-2009-3023 SecPod -CVE-2009-3026 SecPod -CVE-2009-3025 SecPod -CVE-2009-3020 SecPod -CVE-2009-2944 SecPod +CVE-2009-3026 SecPod svn L +CVE-2009-3025 SecPod svn L +CVE-2009-3020 SecPod svn L +CVE-2009-2944 SecPod svn R CVE-2009-2957 mime svn R CVE-2009-2958 mime svn R +CVE-2008-7082 SecPod +CVE-2008-7135 SecPod +CVE-2008-7136 SecPod +CVE-2009-3046 SecPod +CVE-2009-3045 SecPod +CVE-2009-3044 SecPod +CVE-2009-2968 SecPod +CVE-2009-3049 SecPod +CVE-2009-3048 SecPod +CVE-2009-3047 SecPod +CVE-2009-0201 SecPod +CVE-2009-0200 SecPod +CVE-2009-3042 SecPod +CVE-2009-3040 SecPod + + + Added: trunk/openvas-plugins/scripts/gb_dotnetnuke_auth_bypass_vuln.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_dotnetnuke_auth_bypass_vuln.nasl 2009-09-03 13:30:40 UTC (rev 4831) +++ trunk/openvas-plugins/scripts/gb_dotnetnuke_auth_bypass_vuln.nasl 2009-09-03 14:18:01 UTC (rev 4832) @@ -0,0 +1,96 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_dotnetnuke_auth_bypass_vuln.nasl 4349 2009-09-02 19:06:24Z sep $ +# +# DotNetNuke Identity Authentication Bypass Vulnerability +# +# Authors: +# Antu Sanadi +# +# Copyright: +# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800684); + script_version("$Revision: 1.0$"); + script_cve_id("CVE-2008-7100"); + script_bugtraq_id(31145); + script_name("DotNetNuke Identity Authentication Bypass Vulnerability"); + desc = " + Overview: The host is installed with DotNetNuke and is prone to Authentication + Bypass vulnerability. + + Vulnerability Insight: + The vulnerability is caused due improper validation of a user identity. + + Impact: + Successful exploitation could allows remote attackers to bypass security + restrictions via unknown vectors related to a 'unique id' and impersonate + other users and possibly gain elevated pivileges. + + Impact Level: Application + + Affected Software/OS: + DotNetNuke versions 4.4.1 to 4.8.4. + + Fix: Upgrade to DotNetNuke version 4.9.0 or latest + For Updates Refer, http://www.dotnetnuke.com/ + + References: + http://xforce.iss.net/xforce/xfdb/45081 + http://www.dotnetnuke.com/News/SecurityPolicy/Securitybulletinno21/tabid/1174/Default.aspx + + CVSS Score: + CVSS Base Score : 6.5 (AV:N/AC:L/Au:SI/C:P/I:P/A:P) + CVSS Temporal Score : 4.8 + Risk factor: Medium"; + + script_description(desc); + script_summary("Check for the vVersion of DotNetNuke"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2009 Intevation GmbH "); + script_family("Web application abuses"); + script_dependencies("gb_dotnetnuke_detect.nasl"); + script_require_ports("Services/www", 80); + exit(0); +} + + +include("http_func.inc"); +include("version_func.inc"); + +dnnPort = get_http_port(default:80); +if(!dnnPort){ + log_message(data:"gb_dotnetnuke_auth_bypass_vuln.nasl: Required port is not open."); + exit(0); +} + +dnnVer = get_kb_item("www/" + dnnPort + "/DotNetNuke"); +if(!dnnVer){ + log_message(data:"gb_dotnetnuke_auth_bypass_vuln.nasl: + DotNetNuke is not installed."); + exit(0); +} + +dnnVer = eregmatch(pattern:"^(.+) under (/.*)$", string:dnnVer); +if(dnnVer[1] != NULL) +{ + if(version_in_range(version:dnnVer[1], test_version:"4.4.1", test_version2:"4.8.4")){ + security_warning(dnnPort); + } +} Added: trunk/openvas-plugins/scripts/gb_dotnetnuke_detect.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_dotnetnuke_detect.nasl 2009-09-03 13:30:40 UTC (rev 4831) +++ trunk/openvas-plugins/scripts/gb_dotnetnuke_detect.nasl 2009-09-03 14:18:01 UTC (rev 4832) @@ -0,0 +1,74 @@ +############################################################################## +# OpenVAS Vulnerability Test +# $Id: gb_dotnetnuke_detect.nasl 4349 2009-09-02 16:04:29Z sep $ +# +# DotNetNuke Version Detection +# +# Authors: +# Antu Sanadi +# +# Copyright: +# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +################################################################################ + +if(description) +{ + script_id(800683); + script_version("$Revision: 1.0$"); + script_name("DotNetNuke Version Detection"); + desc = " + Overview: This script detects the installed version of DotNetNuke and sets the + result in KB. + + Risk factor: Informational"; + + script_description(desc); + script_summary("Set KB for the version of DotNetNuke"); + script_category(ACT_GATHER_INFO); + script_copyright("Copyright (C) 2009 Intevation GmbH"); + script_family("Service detection"); + script_dependencies("http_version.nasl"); +