[Openvas-commits] r8923 - in trunk/openvas-plugins: . scripts
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Mon Aug 30 16:59:37 CEST 2010
Author: veerendragg
Date: 2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)
New Revision: 8923
Added:
trunk/openvas-plugins/scripts/gb_CESA-2010_0474_kernel_centos4_i386.nasl
trunk/openvas-plugins/scripts/gb_CESA-2010_0606_kernel_centos4_i386.nasl
trunk/openvas-plugins/scripts/gb_CESA-2010_0625_wireshark_centos4_i386.nasl
trunk/openvas-plugins/scripts/gb_CESA-2010_0643_openoffice.org_centos3_i386.nasl
trunk/openvas-plugins/scripts/gb_CESA-2010_0643_openoffice.org_centos4_i386.nasl
trunk/openvas-plugins/scripts/gb_CESA-2010_0653_ImageMagick_centos4_i386.nasl
trunk/openvas-plugins/scripts/gb_CESA-2010_0657_gdm_centos4_i386.nasl
trunk/openvas-plugins/scripts/gb_RHSA-2010_0643-01_openoffice.org.nasl
trunk/openvas-plugins/scripts/gb_RHSA-2010_0652-01_ImageMagick.nasl
trunk/openvas-plugins/scripts/gb_RHSA-2010_0653-01_ImageMagick.nasl
trunk/openvas-plugins/scripts/gb_RHSA-2010_0657-02_gdm.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_11343_openldap_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_11428_maniadrive_fc12.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_11428_php-eaccelerator_fc12.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_11428_php_fc12.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_11481_maniadrive_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_11481_php-eaccelerator_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_11481_php_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_12266_mapserver_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_12752_zabbix_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_13058_kernel_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_13072_bugzilla_fc12.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_13086_bugzilla_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_13110_kernel_fc12.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_13341_ruby_fc12.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_13387_ruby_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_13629_kdegraphics_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_13661_kdegraphics_fc12.nasl
trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_158.nasl
trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_159.nasl
trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_160.nasl
trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_161.nasl
trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_162.nasl
trunk/openvas-plugins/scripts/gb_ubuntu_USN_974_2.nasl
trunk/openvas-plugins/scripts/gb_ubuntu_USN_976_1.nasl
trunk/openvas-plugins/scripts/gb_ubuntu_USN_977_1.nasl
trunk/openvas-plugins/scripts/gb_ubuntu_USN_979_1.nasl
Modified:
trunk/openvas-plugins/ChangeLog
Log:
Added new LSC's
Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/ChangeLog 2010-08-30 14:59:25 UTC (rev 8923)
@@ -1,3 +1,44 @@
+2010-08-30 Veerendra G.G <veerendragg at secpod.com>
+
+ * scripts/gb_CESA-2010_0474_kernel_centos4_i386.nasl,
+ scripts/gb_fedora_2010_11428_php-eaccelerator_fc12.nasl,
+ scripts/gb_ubuntu_USN_979_1.nasl,
+ scripts/gb_ubuntu_USN_974_2.nasl,
+ scripts/gb_ubuntu_USN_976_1.nasl,
+ scripts/gb_CESA-2010_0657_gdm_centos4_i386.nasl,
+ scripts/gb_fedora_2010_11481_maniadrive_fc13.nasl,
+ scripts/gb_CESA-2010_0643_openoffice.org_centos4_i386.nasl,
+ scripts/gb_fedora_2010_13629_kdegraphics_fc13.nasl,
+ scripts/gb_fedora_2010_11428_php_fc12.nasl,
+ scripts/gb_CESA-2010_0653_ImageMagick_centos4_i386.nasl,
+ scripts/gb_mandriva_MDVSA_2010_160.nasl,
+ scripts/gb_fedora_2010_13086_bugzilla_fc13.nasl,
+ scripts/gb_fedora_2010_11481_php_fc13.nasl,
+ scripts/gb_mandriva_MDVSA_2010_158.nasl,
+ scripts/gb_fedora_2010_11343_openldap_fc13.nasl,
+ scripts/gb_RHSA-2010_0653-01_ImageMagick.nasl,
+ scripts/gb_CESA-2010_0625_wireshark_centos4_i386.nasl,
+ scripts/gb_RHSA-2010_0652-01_ImageMagick.nasl,
+ scripts/gb_fedora_2010_11481_php-eaccelerator_fc13.nasl,
+ scripts/gb_fedora_2010_13110_kernel_fc12.nasl,
+ scripts/gb_fedora_2010_11428_maniadrive_fc12.nasl,
+ scripts/gb_fedora_2010_12752_zabbix_fc13.nasl,
+ scripts/gb_CESA-2010_0606_kernel_centos4_i386.nasl,
+ scripts/gb_fedora_2010_13341_ruby_fc12.nasl,
+ scripts/gb_fedora_2010_13072_bugzilla_fc12.nasl,
+ scripts/gb_RHSA-2010_0657-02_gdm.nasl,
+ scripts/gb_mandriva_MDVSA_2010_161.nasl,
+ scripts/gb_fedora_2010_13661_kdegraphics_fc12.nasl,
+ scripts/gb_fedora_2010_12266_mapserver_fc13.nasl,
+ scripts/gb_mandriva_MDVSA_2010_159.nasl,
+ scripts/gb_RHSA-2010_0643-01_openoffice.org.nasl,
+ scripts/gb_fedora_2010_13387_ruby_fc13.nasl,
+ scripts/gb_fedora_2010_13058_kernel_fc13.nasl,
+ scripts/gb_ubuntu_USN_977_1.nasl,
+ scripts/gb_CESA-2010_0643_openoffice.org_centos3_i386.nasl,
+ scripts/gb_mandriva_MDVSA_2010_162.nasl:
+ Added new LSC's.
+
2010-08-30 Chandrashekhar B <bchandra at secpod.com>
* scripts/nmap_nse/gb_nmap_ftp_brute.nasl,
Added: trunk/openvas-plugins/scripts/gb_CESA-2010_0474_kernel_centos4_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2010_0474_kernel_centos4_i386.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_CESA-2010_0474_kernel_centos4_i386.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,180 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for kernel CESA-2010:0474 centos4 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(880414);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"7.8");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "CESA", value: "2010:0474");
+ script_cve_id("CVE-2009-3726", "CVE-2010-1173", "CVE-2010-1437");
+ script_name("CentOS Update for kernel CESA-2010:0474 centos4 i386");
+ desc = "
+
+ Vulnerability Insight:
+ The kernel packages contain the Linux kernel, the core of any Linux
+ operating system.
+
+ Security fixes:
+
+ * a NULL pointer dereference flaw was found in the Linux kernel NFSv4
+ implementation. Several of the NFSv4 file locking functions failed to check
+ whether a file had been opened on the server before performing locking
+ operations on it. A local, unprivileged user on a system with an NFSv4
+ share mounted could possibly use this flaw to cause a kernel panic (denial
+ of service) or escalate their privileges. (CVE-2009-3726, Important)
+
+ * a flaw was found in the sctp_process_unk_param() function in the Linux
+ kernel Stream Control Transmission Protocol (SCTP) implementation. A remote
+ attacker could send a specially-crafted SCTP packet to an SCTP listening
+ port on a target system, causing a kernel panic (denial of service).
+ (CVE-2010-1173, Important)
+
+ * a race condition between finding a keyring by name and destroying a freed
+ keyring was found in the Linux kernel key management facility. A local,
+ unprivileged user could use this flaw to cause a kernel panic (denial of
+ service) or escalate their privileges. (CVE-2010-1437, Important)
+
+ Red Hat would like to thank Simon Vallet for responsibly reporting
+ CVE-2009-3726; and Jukka Taimisto and Olli Jarva of Codenomicon Ltd, Nokia
+ Siemens Networks, and Wind River on behalf of their customer, for
+ responsibly reporting CVE-2010-1173.
+
+ Bug fixes:
+
+ * RHBA-2007:0791 introduced a regression in the Journaling Block Device
+ (JBD). Under certain circumstances, removing a large file (such as 300 MB
+ or more) did not result in inactive memory being freed, leading to the
+ system having a large amount of inactive memory. Now, the memory is
+ correctly freed. (BZ#589155)
+
+ * the timer_interrupt() routine did not scale lost real ticks to logical
+ ticks correctly, possibly causing time drift for 64-bit Red Hat Enterprise
+ Linux 4 KVM (Kernel-based Virtual Machine) guests that were booted with the
+ "divider=x" kernel parameter set to a value greater than 1. "warning: many
+ lost ticks" messages may have been logged on the affected guest systems.
+ (BZ#590551)
+
+ * a bug could have prevented NFSv3 clients from having the most up-to-date
+ file attributes for files on a given NFSv3 file system. In cases where a
+ file type changed, such as if a file was removed and replaced with a
+ directory of the same name, the NFSv3 client may not have noticed this
+ change until stat(2) was called (for example, by running "ls -l").
+ (BZ#596372)
+
+ * RHBA-2007:0791 introduced bugs in the Li ...
+
+ Description truncated, for more information please check the Reference URL
+
+ Affected Software/OS:
+ kernel on CentOS 4
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.centos.org/pipermail/centos-announce/2010-August/016934.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of kernel");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("CentOS Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "CentOS4")
+{
+
+ if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.9~89.0.28.EL", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.9~89.0.28.EL", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kernel-hugemem", rpm:"kernel-hugemem~2.6.9~89.0.28.EL", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kernel-hugemem-devel", rpm:"kernel-hugemem-devel~2.6.9~89.0.28.EL", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.6.9~89.0.28.EL", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kernel-smp-devel", rpm:"kernel-smp-devel~2.6.9~89.0.28.EL", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kernel-xenU", rpm:"kernel-xenU~2.6.9~89.0.28.EL", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kernel-xenU-devel", rpm:"kernel-xenU-devel~2.6.9~89.0.28.EL", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.9~89.0.28.EL", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_CESA-2010_0606_kernel_centos4_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2010_0606_kernel_centos4_i386.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_CESA-2010_0606_kernel_centos4_i386.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,156 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for kernel CESA-2010:0606 centos4 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(880417);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "CESA", value: "2010:0606");
+ script_cve_id("CVE-2010-2248", "CVE-2010-2521");
+ script_name("CentOS Update for kernel CESA-2010:0606 centos4 i386");
+ desc = "
+
+ Vulnerability Insight:
+ The kernel packages contain the Linux kernel, the core of any Linux
+ operating system.
+
+ This update fixes the following security issues:
+
+ * a flaw was found in the CIFSSMBWrite() function in the Linux kernel
+ Common Internet File System (CIFS) implementation. A remote attacker could
+ send a specially-crafted SMB response packet to a target CIFS client,
+ resulting in a kernel panic (denial of service). (CVE-2010-2248, Important)
+
+ * buffer overflow flaws were found in the Linux kernel's implementation of
+ the server-side External Data Representation (XDR) for the Network File
+ System (NFS) version 4. An attacker on the local network could send a
+ specially-crafted large compound request to the NFSv4 server, which could
+ possibly result in a kernel panic (denial of service) or, potentially, code
+ execution. (CVE-2010-2521, Important)
+
+ This update also fixes the following bug:
+
+ * the rpc_call_async() function in the SUN Remote Procedure Call (RPC)
+ subsystem in the Linux kernel had a reference counting bug. In certain
+ situations, some Network Lock Manager (NLM) messages may have triggered
+ this bug on NFSv2 and NFSv3 servers, leading to a kernel panic (with
+ "kernel BUG at fs/lockd/host.c:[xxx]!" logged to "/var/log/messages").
+ (BZ#612962)
+
+ Users should upgrade to these updated packages, which contain backported
+ patches to correct these issues. The system must be rebooted for this
+ update to take effect.
+
+
+ Affected Software/OS:
+ kernel on CentOS 4
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.centos.org/pipermail/centos-announce/2010-August/016953.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of kernel");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("CentOS Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "CentOS4")
+{
+
+ if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.9~89.0.28.EL", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.9~89.0.28.EL", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kernel-hugemem", rpm:"kernel-hugemem~2.6.9~89.0.28.EL", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kernel-hugemem-devel", rpm:"kernel-hugemem-devel~2.6.9~89.0.28.EL", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.6.9~89.0.28.EL", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kernel-smp-devel", rpm:"kernel-smp-devel~2.6.9~89.0.28.EL", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kernel-xenU", rpm:"kernel-xenU~2.6.9~89.0.28.EL", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kernel-xenU-devel", rpm:"kernel-xenU-devel~2.6.9~89.0.28.EL", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.9~89.0.28.EL", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_CESA-2010_0625_wireshark_centos4_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2010_0625_wireshark_centos4_i386.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_CESA-2010_0625_wireshark_centos4_i386.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,103 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for wireshark CESA-2010:0625 centos4 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(880413);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"10.0");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_xref(name: "CESA", value: "2010:0625");
+ script_cve_id("CVE-2010-1455", "CVE-2010-2283", "CVE-2010-2284", "CVE-2010-2286", "CVE-2010-2287", "CVE-2010-2995");
+ script_name("CentOS Update for wireshark CESA-2010:0625 centos4 i386");
+ desc = "
+
+ Vulnerability Insight:
+ Wireshark is a program for monitoring network traffic. Wireshark was
+ previously known as Ethereal.
+
+ Multiple buffer overflow flaws were found in the Wireshark SigComp
+ Universal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read
+ a malformed packet off a network or opened a malicious dump file, it could
+ crash or, possibly, execute arbitrary code as the user running Wireshark.
+ (CVE-2010-2287, CVE-2010-2995)
+
+ Several denial of service flaws were found in Wireshark. Wireshark could
+ crash or stop responding if it read a malformed packet off a network, or
+ opened a malicious dump file. (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284,
+ CVE-2010-2286)
+
+ Users of Wireshark should upgrade to these updated packages, which contain
+ Wireshark version 1.0.15, and resolve these issues. All running instances
+ of Wireshark must be restarted for the update to take effect.
+
+
+ Affected Software/OS:
+ wireshark on CentOS 4
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.centos.org/pipermail/centos-announce/2010-August/016932.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of wireshark");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("CentOS Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "CentOS4")
+{
+
+ if(isrpmvuln(pkg:"wireshark", rpm:"wireshark~1.0.15~1.el4_8.1", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"wireshark-gnome", rpm:"wireshark-gnome~1.0.15~1.el4_8.1", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_CESA-2010_0643_openoffice.org_centos3_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2010_0643_openoffice.org_centos3_i386.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_CESA-2010_0643_openoffice.org_centos3_i386.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,117 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for openoffice.org CESA-2010:0643 centos3 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(880412);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "CESA", value: "2010:0643");
+ script_cve_id("CVE-2010-2935", "CVE-2010-2936");
+ script_name("CentOS Update for openoffice.org CESA-2010:0643 centos3 i386");
+ desc = "
+
+ Vulnerability Insight:
+ OpenOffice.org is an office productivity suite that includes desktop
+ applications, such as a word processor, spreadsheet application,
+ presentation manager, formula editor, and a drawing program.
+
+ An integer truncation error, leading to a heap-based buffer overflow, was
+ found in the way the OpenOffice.org Impress presentation application
+ sanitized a file's dictionary property items. An attacker could use this
+ flaw to create a specially-crafted Microsoft Office PowerPoint file that,
+ when opened, would cause OpenOffice.org Impress to crash or, possibly,
+ execute arbitrary code with the privileges of the user running
+ OpenOffice.org Impress. (CVE-2010-2935)
+
+ An integer overflow flaw, leading to a heap-based buffer overflow, was
+ found in the way OpenOffice.org Impress processed polygons in input
+ documents. An attacker could use this flaw to create a specially-crafted
+ Microsoft Office PowerPoint file that, when opened, would cause
+ OpenOffice.org Impress to crash or, possibly, execute arbitrary code with
+ the privileges of the user running OpenOffice.org Impress. (CVE-2010-2936)
+
+ All users of OpenOffice.org are advised to upgrade to these updated
+ packages, which contain backported patches to correct these issues. For Red
+ Hat Enterprise Linux 3, this erratum provides updated openoffice.org
+ packages. For Red Hat Enterprise Linux 4, this erratum provides updated
+ openoffice.org and openoffice.org2 packages. All running instances of
+ OpenOffice.org applications must be restarted for this update to take
+ effect.
+
+
+ Affected Software/OS:
+ openoffice.org on CentOS 3
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.centos.org/pipermail/centos-announce/2010-August/016936.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of openoffice.org");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("CentOS Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "CentOS3")
+{
+
+ if(isrpmvuln(pkg:"openoffice.org", rpm:"openoffice.org~1.1.2~48.2.0.EL3", rls:"CentOS3"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org-i18n", rpm:"openoffice.org-i18n~1.1.2~48.2.0.EL3", rls:"CentOS3"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org-libs", rpm:"openoffice.org-libs~1.1.2~48.2.0.EL3", rls:"CentOS3"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_CESA-2010_0643_openoffice.org_centos4_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2010_0643_openoffice.org_centos4_i386.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_CESA-2010_0643_openoffice.org_centos4_i386.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,477 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for openoffice.org CESA-2010:0643 centos4 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(880415);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "CESA", value: "2010:0643");
+ script_cve_id("CVE-2010-2935", "CVE-2010-2936");
+ script_name("CentOS Update for openoffice.org CESA-2010:0643 centos4 i386");
+ desc = "
+
+ Vulnerability Insight:
+ OpenOffice.org is an office productivity suite that includes desktop
+ applications, such as a word processor, spreadsheet application,
+ presentation manager, formula editor, and a drawing program.
+
+ An integer truncation error, leading to a heap-based buffer overflow, was
+ found in the way the OpenOffice.org Impress presentation application
+ sanitized a file's dictionary property items. An attacker could use this
+ flaw to create a specially-crafted Microsoft Office PowerPoint file that,
+ when opened, would cause OpenOffice.org Impress to crash or, possibly,
+ execute arbitrary code with the privileges of the user running
+ OpenOffice.org Impress. (CVE-2010-2935)
+
+ An integer overflow flaw, leading to a heap-based buffer overflow, was
+ found in the way OpenOffice.org Impress processed polygons in input
+ documents. An attacker could use this flaw to create a specially-crafted
+ Microsoft Office PowerPoint file that, when opened, would cause
+ OpenOffice.org Impress to crash or, possibly, execute arbitrary code with
+ the privileges of the user running OpenOffice.org Impress. (CVE-2010-2936)
+
+ All users of OpenOffice.org are advised to upgrade to these updated
+ packages, which contain backported patches to correct these issues. For Red
+ Hat Enterprise Linux 3, this erratum provides updated openoffice.org
+ packages. For Red Hat Enterprise Linux 4, this erratum provides updated
+ openoffice.org and openoffice.org2 packages. All running instances of
+ OpenOffice.org applications must be restarted for this update to take
+ effect.
+
+
+ Affected Software/OS:
+ openoffice.org on CentOS 4
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.centos.org/pipermail/centos-announce/2010-August/016938.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of openoffice.org");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("CentOS Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "CentOS4")
+{
+
+ if(isrpmvuln(pkg:"openoffice.org", rpm:"openoffice.org~1.1.5~10.6.0.7.EL4.5", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-base", rpm:"openoffice.org2-base~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-calc", rpm:"openoffice.org2-calc~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-core", rpm:"openoffice.org2-core~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-draw", rpm:"openoffice.org2-draw~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-emailmerge", rpm:"openoffice.org2-emailmerge~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-graphicfilter", rpm:"openoffice.org2-graphicfilter~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-impress", rpm:"openoffice.org2-impress~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-javafilter", rpm:"openoffice.org2-javafilter~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-af_ZA", rpm:"openoffice.org2-langpack-af_ZA~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-ar", rpm:"openoffice.org2-langpack-ar~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-bg_BG", rpm:"openoffice.org2-langpack-bg_BG~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-bn", rpm:"openoffice.org2-langpack-bn~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-ca_ES", rpm:"openoffice.org2-langpack-ca_ES~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-cs_CZ", rpm:"openoffice.org2-langpack-cs_CZ~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-cy_GB", rpm:"openoffice.org2-langpack-cy_GB~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-da_DK", rpm:"openoffice.org2-langpack-da_DK~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-de", rpm:"openoffice.org2-langpack-de~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-el_GR", rpm:"openoffice.org2-langpack-el_GR~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-es", rpm:"openoffice.org2-langpack-es~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-et_EE", rpm:"openoffice.org2-langpack-et_EE~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-eu_ES", rpm:"openoffice.org2-langpack-eu_ES~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-fi_FI", rpm:"openoffice.org2-langpack-fi_FI~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-fr", rpm:"openoffice.org2-langpack-fr~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-ga_IE", rpm:"openoffice.org2-langpack-ga_IE~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-gl_ES", rpm:"openoffice.org2-langpack-gl_ES~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-gu_IN", rpm:"openoffice.org2-langpack-gu_IN~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-he_IL", rpm:"openoffice.org2-langpack-he_IL~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-hi_IN", rpm:"openoffice.org2-langpack-hi_IN~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-hr_HR", rpm:"openoffice.org2-langpack-hr_HR~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-hu_HU", rpm:"openoffice.org2-langpack-hu_HU~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-it", rpm:"openoffice.org2-langpack-it~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-ja_JP", rpm:"openoffice.org2-langpack-ja_JP~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-ko_KR", rpm:"openoffice.org2-langpack-ko_KR~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-lt_LT", rpm:"openoffice.org2-langpack-lt_LT~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-ms_MY", rpm:"openoffice.org2-langpack-ms_MY~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-nb_NO", rpm:"openoffice.org2-langpack-nb_NO~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-nl", rpm:"openoffice.org2-langpack-nl~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-nn_NO", rpm:"openoffice.org2-langpack-nn_NO~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-pa_IN", rpm:"openoffice.org2-langpack-pa_IN~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-pl_PL", rpm:"openoffice.org2-langpack-pl_PL~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-pt_BR", rpm:"openoffice.org2-langpack-pt_BR~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-pt_PT", rpm:"openoffice.org2-langpack-pt_PT~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-ru", rpm:"openoffice.org2-langpack-ru~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-sk_SK", rpm:"openoffice.org2-langpack-sk_SK~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-sl_SI", rpm:"openoffice.org2-langpack-sl_SI~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-sr_CS", rpm:"openoffice.org2-langpack-sr_CS~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-sv", rpm:"openoffice.org2-langpack-sv~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-ta_IN", rpm:"openoffice.org2-langpack-ta_IN~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-th_TH", rpm:"openoffice.org2-langpack-th_TH~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-tr_TR", rpm:"openoffice.org2-langpack-tr_TR~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-zh_CN", rpm:"openoffice.org2-langpack-zh_CN~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-zh_TW", rpm:"openoffice.org2-langpack-zh_TW~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-zu_ZA", rpm:"openoffice.org2-langpack-zu_ZA~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-math", rpm:"openoffice.org2-math~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-pyuno", rpm:"openoffice.org2-pyuno~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-testtools", rpm:"openoffice.org2-testtools~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-writer", rpm:"openoffice.org2-writer~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-xsltfilter", rpm:"openoffice.org2-xsltfilter~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org-i18n", rpm:"openoffice.org-i18n~1.1.5~10.6.0.7.EL4.5", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org-kde", rpm:"openoffice.org-kde~1.1.5~10.6.0.7.EL4.5", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org-libs", rpm:"openoffice.org-libs~1.1.5~10.6.0.7.EL4.5", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2", rpm:"openoffice.org2~2.0.4~5.7.0.6.1.el4_8.6", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_CESA-2010_0653_ImageMagick_centos4_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2010_0653_ImageMagick_centos4_i386.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_CESA-2010_0653_ImageMagick_centos4_i386.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,116 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for ImageMagick CESA-2010:0653 centos4 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(880416);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"9.3");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_xref(name: "CESA", value: "2010:0653");
+ script_cve_id("CVE-2009-1882");
+ script_name("CentOS Update for ImageMagick CESA-2010:0653 centos4 i386");
+ desc = "
+
+ Vulnerability Insight:
+ ImageMagick is an image display and manipulation tool for the X Window
+ System that can read and write multiple image formats.
+
+ An integer overflow flaw, leading to a heap-based buffer overflow, was
+ found in the ImageMagick routine responsible for creating X11 images. An
+ attacker could create a specially-crafted image file that, when opened by a
+ victim, would cause ImageMagick to crash or, potentially, execute arbitrary
+ code. (CVE-2009-1882)
+
+ Users of ImageMagick are advised to upgrade to these updated packages,
+ which contain a backported patch to correct this issue. All running
+ instances of ImageMagick must be restarted for this update to take effect.
+
+
+ Affected Software/OS:
+ ImageMagick on CentOS 4
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.centos.org/pipermail/centos-announce/2010-August/016940.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of ImageMagick");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("CentOS Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "CentOS4")
+{
+
+ if(isrpmvuln(pkg:"ImageMagick", rpm:"ImageMagick~6.0.7.1~20.el4_8.1", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"ImageMagick-c++", rpm:"ImageMagick-c++~6.0.7.1~20.el4_8.1", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"ImageMagick-c++-devel", rpm:"ImageMagick-c++-devel~6.0.7.1~20.el4_8.1", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"ImageMagick-devel", rpm:"ImageMagick-devel~6.0.7.1~20.el4_8.1", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"ImageMagick-perl", rpm:"ImageMagick-perl~6.0.7.1~20.el4_8.1", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_CESA-2010_0657_gdm_centos4_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2010_0657_gdm_centos4_i386.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_CESA-2010_0657_gdm_centos4_i386.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,99 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for gdm CESA-2010:0657 centos4 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(880419);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"6.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "CESA", value: "2010:0657");
+ script_cve_id("CVE-2007-5079");
+ script_name("CentOS Update for gdm CESA-2010:0657 centos4 i386");
+ desc = "
+
+ Vulnerability Insight:
+ The GNOME Display Manager (GDM) is a configurable re-implementation of XDM,
+ the X Display Manager. GDM allows you to log in to your system with the X
+ Window System running, and supports running several different X sessions on
+ your local machine at the same time.
+
+ A flaw was found in the way the gdm package was built. The gdm package was
+ missing TCP wrappers support on 64-bit platforms, which could result in an
+ administrator believing they had access restrictions enabled when they did
+ not. (CVE-2007-5079)
+
+ This update also fixes the following bug:
+
+ * sometimes the system would hang instead of properly shutting down when
+ a user chose "Shut down" from the login screen. (BZ#625818)
+
+ All users should upgrade to this updated package, which contains backported
+ patches to correct these issues. GDM must be restarted for this update to
+ take effect. Rebooting achieves this, but changing the runlevel from 5 to 3
+ and back to 5 also restarts GDM.
+
+
+ Affected Software/OS:
+ gdm on CentOS 4
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.centos.org/pipermail/centos-announce/2010-August/016948.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of gdm");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("CentOS Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "CentOS4")
+{
+
+ if(isrpmvuln(pkg:"gdm", rpm:"gdm~2.6.0.5~7.rhel4.19.el4_8.2", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_RHSA-2010_0643-01_openoffice.org.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_RHSA-2010_0643-01_openoffice.org.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_RHSA-2010_0643-01_openoffice.org.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,519 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for openoffice.org RHSA-2010:0643-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(870311);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "RHSA", value: "2010:0643-01");
+ script_cve_id("CVE-2010-2935", "CVE-2010-2936");
+ script_name("RedHat Update for openoffice.org RHSA-2010:0643-01");
+ desc = "
+
+ Vulnerability Insight:
+ OpenOffice.org is an office productivity suite that includes desktop
+ applications, such as a word processor, spreadsheet application,
+ presentation manager, formula editor, and a drawing program.
+
+ An integer truncation error, leading to a heap-based buffer overflow, was
+ found in the way the OpenOffice.org Impress presentation application
+ sanitized a file's dictionary property items. An attacker could use this
+ flaw to create a specially-crafted Microsoft Office PowerPoint file that,
+ when opened, would cause OpenOffice.org Impress to crash or, possibly,
+ execute arbitrary code with the privileges of the user running
+ OpenOffice.org Impress. (CVE-2010-2935)
+
+ An integer overflow flaw, leading to a heap-based buffer overflow, was
+ found in the way OpenOffice.org Impress processed polygons in input
+ documents. An attacker could use this flaw to create a specially-crafted
+ Microsoft Office PowerPoint file that, when opened, would cause
+ OpenOffice.org Impress to crash or, possibly, execute arbitrary code with
+ the privileges of the user running OpenOffice.org Impress. (CVE-2010-2936)
+
+ All users of OpenOffice.org are advised to upgrade to these updated
+ packages, which contain backported patches to correct these issues. For Red
+ Hat Enterprise Linux 3, this erratum provides updated openoffice.org
+ packages. For Red Hat Enterprise Linux 4, this erratum provides updated
+ openoffice.org and openoffice.org2 packages. All running instances of
+ OpenOffice.org applications must be restarted for this update to take
+ effect.
+
+
+ Affected Software/OS:
+ openoffice.org on Red Hat Enterprise Linux AS version 3,
+ Red Hat Enterprise Linux AS version 4,
+ Red Hat Enterprise Linux ES version 3,
+ Red Hat Enterprise Linux ES version 4,
+ Red Hat Enterprise Linux WS version 3,
+ Red Hat Enterprise Linux WS version 4
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://www.redhat.com/archives/rhsa-announce/2010-August/msg00026.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of openoffice.org");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "RHENT_4")
+{
+
+ if(isrpmvuln(pkg:"openoffice.org", rpm:"openoffice.org~1.1.5~10.6.0.7.EL4.5", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org-debuginfo", rpm:"openoffice.org-debuginfo~1.1.5~10.6.0.7.EL4.5", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org-i18n", rpm:"openoffice.org-i18n~1.1.5~10.6.0.7.EL4.5", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org-kde", rpm:"openoffice.org-kde~1.1.5~10.6.0.7.EL4.5", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org-libs", rpm:"openoffice.org-libs~1.1.5~10.6.0.7.EL4.5", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-base", rpm:"openoffice.org2-base~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-calc", rpm:"openoffice.org2-calc~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-core", rpm:"openoffice.org2-core~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-debuginfo", rpm:"openoffice.org2-debuginfo~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-draw", rpm:"openoffice.org2-draw~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-emailmerge", rpm:"openoffice.org2-emailmerge~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-graphicfilter", rpm:"openoffice.org2-graphicfilter~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-impress", rpm:"openoffice.org2-impress~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-javafilter", rpm:"openoffice.org2-javafilter~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-af_ZA", rpm:"openoffice.org2-langpack-af_ZA~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-ar", rpm:"openoffice.org2-langpack-ar~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-bg_BG", rpm:"openoffice.org2-langpack-bg_BG~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-bn", rpm:"openoffice.org2-langpack-bn~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-ca_ES", rpm:"openoffice.org2-langpack-ca_ES~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-cs_CZ", rpm:"openoffice.org2-langpack-cs_CZ~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-cy_GB", rpm:"openoffice.org2-langpack-cy_GB~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-da_DK", rpm:"openoffice.org2-langpack-da_DK~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-de", rpm:"openoffice.org2-langpack-de~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-el_GR", rpm:"openoffice.org2-langpack-el_GR~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-es", rpm:"openoffice.org2-langpack-es~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-et_EE", rpm:"openoffice.org2-langpack-et_EE~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-eu_ES", rpm:"openoffice.org2-langpack-eu_ES~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-fi_FI", rpm:"openoffice.org2-langpack-fi_FI~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-fr", rpm:"openoffice.org2-langpack-fr~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-ga_IE", rpm:"openoffice.org2-langpack-ga_IE~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-gl_ES", rpm:"openoffice.org2-langpack-gl_ES~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-gu_IN", rpm:"openoffice.org2-langpack-gu_IN~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-he_IL", rpm:"openoffice.org2-langpack-he_IL~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-hi_IN", rpm:"openoffice.org2-langpack-hi_IN~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-hr_HR", rpm:"openoffice.org2-langpack-hr_HR~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-hu_HU", rpm:"openoffice.org2-langpack-hu_HU~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-it", rpm:"openoffice.org2-langpack-it~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-ja_JP", rpm:"openoffice.org2-langpack-ja_JP~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-ko_KR", rpm:"openoffice.org2-langpack-ko_KR~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-lt_LT", rpm:"openoffice.org2-langpack-lt_LT~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-ms_MY", rpm:"openoffice.org2-langpack-ms_MY~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-nb_NO", rpm:"openoffice.org2-langpack-nb_NO~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-nl", rpm:"openoffice.org2-langpack-nl~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-nn_NO", rpm:"openoffice.org2-langpack-nn_NO~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-pa_IN", rpm:"openoffice.org2-langpack-pa_IN~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-pl_PL", rpm:"openoffice.org2-langpack-pl_PL~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-pt_BR", rpm:"openoffice.org2-langpack-pt_BR~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-pt_PT", rpm:"openoffice.org2-langpack-pt_PT~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-ru", rpm:"openoffice.org2-langpack-ru~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-sk_SK", rpm:"openoffice.org2-langpack-sk_SK~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-sl_SI", rpm:"openoffice.org2-langpack-sl_SI~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-sr_CS", rpm:"openoffice.org2-langpack-sr_CS~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-sv", rpm:"openoffice.org2-langpack-sv~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-ta_IN", rpm:"openoffice.org2-langpack-ta_IN~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-th_TH", rpm:"openoffice.org2-langpack-th_TH~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-tr_TR", rpm:"openoffice.org2-langpack-tr_TR~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-zh_CN", rpm:"openoffice.org2-langpack-zh_CN~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-zh_TW", rpm:"openoffice.org2-langpack-zh_TW~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-langpack-zu_ZA", rpm:"openoffice.org2-langpack-zu_ZA~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-math", rpm:"openoffice.org2-math~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-pyuno", rpm:"openoffice.org2-pyuno~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-testtools", rpm:"openoffice.org2-testtools~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-writer", rpm:"openoffice.org2-writer~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org2-xsltfilter", rpm:"openoffice.org2-xsltfilter~2.0.4~5.7.0.6.1.el4_8.6", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "RHENT_3")
+{
+
+ if(isrpmvuln(pkg:"openoffice.org", rpm:"openoffice.org~1.1.2~48.2.0.EL3", rls:"RHENT_3"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org-debuginfo", rpm:"openoffice.org-debuginfo~1.1.2~48.2.0.EL3", rls:"RHENT_3"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org-i18n", rpm:"openoffice.org-i18n~1.1.2~48.2.0.EL3", rls:"RHENT_3"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openoffice.org-libs", rpm:"openoffice.org-libs~1.1.2~48.2.0.EL3", rls:"RHENT_3"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_RHSA-2010_0652-01_ImageMagick.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_RHSA-2010_0652-01_ImageMagick.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_RHSA-2010_0652-01_ImageMagick.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,128 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for ImageMagick RHSA-2010:0652-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(870310);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"9.3");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_xref(name: "RHSA", value: "2010:0652-01");
+ script_cve_id("CVE-2009-1882");
+ script_name("RedHat Update for ImageMagick RHSA-2010:0652-01");
+ desc = "
+
+ Vulnerability Insight:
+ ImageMagick is an image display and manipulation tool for the X Window
+ System that can read and write multiple image formats.
+
+ An integer overflow flaw, leading to a heap-based buffer overflow, was
+ found in the ImageMagick routine responsible for creating X11 images. An
+ attacker could create a specially-crafted image file that, when opened by a
+ victim, would cause ImageMagick to crash or, potentially, execute arbitrary
+ code. (CVE-2009-1882)
+
+ This update also fixes the following bug:
+
+ * previously, portions of certain RGB images on the right side were not
+ rendered and left black when converting or displaying them. With this
+ update, RGB images display correctly. (BZ#625058)
+
+ Users of ImageMagick are advised to upgrade to these updated packages,
+ which contain backported patches to correct these issues. All running
+ instances of ImageMagick must be restarted for this update to take effect.
+
+
+ Affected Software/OS:
+ ImageMagick on Red Hat Enterprise Linux (v. 5 server)
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://www.redhat.com/archives/rhsa-announce/2010-August/msg00029.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of ImageMagick");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "RHENT_5")
+{
+
+ if(isrpmvuln(pkg:"ImageMagick", rpm:"ImageMagick~6.2.8.0~4.el5_5.2", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"ImageMagick-c++", rpm:"ImageMagick-c++~6.2.8.0~4.el5_5.2", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"ImageMagick-c++-devel", rpm:"ImageMagick-c++-devel~6.2.8.0~4.el5_5.2", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"ImageMagick-debuginfo", rpm:"ImageMagick-debuginfo~6.2.8.0~4.el5_5.2", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"ImageMagick-devel", rpm:"ImageMagick-devel~6.2.8.0~4.el5_5.2", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"ImageMagick-perl", rpm:"ImageMagick-perl~6.2.8.0~4.el5_5.2", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_RHSA-2010_0653-01_ImageMagick.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_RHSA-2010_0653-01_ImageMagick.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_RHSA-2010_0653-01_ImageMagick.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,124 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for ImageMagick RHSA-2010:0653-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(870312);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"9.3");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_xref(name: "RHSA", value: "2010:0653-01");
+ script_cve_id("CVE-2009-1882");
+ script_name("RedHat Update for ImageMagick RHSA-2010:0653-01");
+ desc = "
+
+ Vulnerability Insight:
+ ImageMagick is an image display and manipulation tool for the X Window
+ System that can read and write multiple image formats.
+
+ An integer overflow flaw, leading to a heap-based buffer overflow, was
+ found in the ImageMagick routine responsible for creating X11 images. An
+ attacker could create a specially-crafted image file that, when opened by a
+ victim, would cause ImageMagick to crash or, potentially, execute arbitrary
+ code. (CVE-2009-1882)
+
+ Users of ImageMagick are advised to upgrade to these updated packages,
+ which contain a backported patch to correct this issue. All running
+ instances of ImageMagick must be restarted for this update to take effect.
+
+
+ Affected Software/OS:
+ ImageMagick on Red Hat Enterprise Linux AS version 4,
+ Red Hat Enterprise Linux ES version 4,
+ Red Hat Enterprise Linux WS version 4
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://www.redhat.com/archives/rhsa-announce/2010-August/msg00030.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of ImageMagick");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "RHENT_4")
+{
+
+ if(isrpmvuln(pkg:"ImageMagick", rpm:"ImageMagick~6.0.7.1~20.el4_8.1", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"ImageMagick-c++", rpm:"ImageMagick-c++~6.0.7.1~20.el4_8.1", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"ImageMagick-c++-devel", rpm:"ImageMagick-c++-devel~6.0.7.1~20.el4_8.1", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"ImageMagick-debuginfo", rpm:"ImageMagick-debuginfo~6.0.7.1~20.el4_8.1", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"ImageMagick-devel", rpm:"ImageMagick-devel~6.0.7.1~20.el4_8.1", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"ImageMagick-perl", rpm:"ImageMagick-perl~6.0.7.1~20.el4_8.1", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_RHSA-2010_0657-02_gdm.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_RHSA-2010_0657-02_gdm.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_RHSA-2010_0657-02_gdm.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,107 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for gdm RHSA-2010:0657-02
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(870313);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"6.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "RHSA", value: "2010:0657-02");
+ script_cve_id("CVE-2007-5079");
+ script_name("RedHat Update for gdm RHSA-2010:0657-02");
+ desc = "
+
+ Vulnerability Insight:
+ The GNOME Display Manager (GDM) is a configurable re-implementation of XDM,
+ the X Display Manager. GDM allows you to log in to your system with the X
+ Window System running, and supports running several different X sessions on
+ your local machine at the same time.
+
+ A flaw was found in the way the gdm package was built. The gdm package was
+ missing TCP wrappers support on 64-bit platforms, which could result in an
+ administrator believing they had access restrictions enabled when they did
+ not. (CVE-2007-5079)
+
+ This update also fixes the following bug:
+
+ * sometimes the system would hang instead of properly shutting down when
+ a user chose "Shut down" from the login screen. (BZ#625818)
+
+ All users should upgrade to this updated package, which contains backported
+ patches to correct these issues. GDM must be restarted for this update to
+ take effect. Rebooting achieves this, but changing the runlevel from 5 to 3
+ and back to 5 also restarts GDM.
+
+
+ Affected Software/OS:
+ gdm on Red Hat Enterprise Linux AS version 4,
+ Red Hat Enterprise Linux ES version 4,
+ Red Hat Enterprise Linux WS version 4
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://www.redhat.com/archives/rhsa-announce/2010-August/msg00031.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of gdm");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "RHENT_4")
+{
+
+ if(isrpmvuln(pkg:"gdm", rpm:"gdm~2.6.0.5~7.rhel4.19.el4_8.2", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"gdm-debuginfo", rpm:"gdm-debuginfo~2.6.0.5~7.rhel4.19.el4_8.2", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_11343_openldap_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_11343_openldap_fc13.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_11343_openldap_fc13.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,87 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for openldap FEDORA-2010-11343
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862350);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "FEDORA", value: "2010-11343");
+ script_cve_id("CVE-2010-0211", "CVE-2010-0212");
+ script_name("Fedora Update for openldap FEDORA-2010-11343");
+ desc = "
+
+ Vulnerability Insight:
+ OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
+ Protocol) applications and development tools. LDAP is a set of
+ protocols for accessing directory services (usually phone book style
+ information, but other information is possible) over the Internet,
+ similar to the way DNS (Domain Name System) information is propagated
+ over the Internet. The openldap package contains configuration files,
+ libraries, and documentation for OpenLDAP.
+
+
+ Affected Software/OS:
+ openldap on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046039.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of openldap");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"openldap", rpm:"openldap~2.4.21~10.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_11428_maniadrive_fc12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_11428_maniadrive_fc12.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_11428_maniadrive_fc12.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,84 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for maniadrive FEDORA-2010-11428
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862343);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2010-11428");
+ script_cve_id("CVE-2010-2531", "CVE-2010-0397", "CVE-2010-2225", "CVE-2010-2190", "CVE-2010-1914", "CVE-2010-1915", "CVE-2010-1917");
+ script_name("Fedora Update for maniadrive FEDORA-2010-11428");
+ desc = "
+
+ Vulnerability Insight:
+ ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous
+ gameplay (tracks almost never exceed one minute). Features: Complex car
+ physics, Challenging "story mode", LAN and Internet mode, Live scores,
+ Track editor, Dedicated server with HTTP interface and More than 30 blocks.
+
+
+ Affected Software/OS:
+ maniadrive on Fedora 12
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046048.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of maniadrive");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC12")
+{
+
+ if(isrpmvuln(pkg:"maniadrive", rpm:"maniadrive~1.2~22.fc12", rls:"FC12"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_11428_php-eaccelerator_fc12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_11428_php-eaccelerator_fc12.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_11428_php-eaccelerator_fc12.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,83 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for php-eaccelerator FEDORA-2010-11428
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862347);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2010-11428");
+ script_cve_id("CVE-2010-2531", "CVE-2010-0397", "CVE-2010-2225", "CVE-2010-2190", "CVE-2010-1914", "CVE-2010-1915", "CVE-2010-1917");
+ script_name("Fedora Update for php-eaccelerator FEDORA-2010-11428");
+ desc = "
+
+ Vulnerability Insight:
+ eAccelerator is a further development of the MMCache PHP Accelerator & Encoder.
+ It increases performance of PHP scripts by caching them in compiled state, so
+ that the overhead of compiling is almost completely eliminated.
+
+
+ Affected Software/OS:
+ php-eaccelerator on Fedora 12
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046047.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of php-eaccelerator");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC12")
+{
+
+ if(isrpmvuln(pkg:"php-eaccelerator", rpm:"php-eaccelerator~0.9.6.1~2.fc12", rls:"FC12"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_11428_php_fc12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_11428_php_fc12.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_11428_php_fc12.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,89 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for php FEDORA-2010-11428
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862345);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2010-11428");
+ script_cve_id("CVE-2010-2531", "CVE-2010-0397", "CVE-2010-2225", "CVE-2010-2190", "CVE-2010-1914", "CVE-2010-1915", "CVE-2010-1917");
+ script_name("Fedora Update for php FEDORA-2010-11428");
+ desc = "
+
+ Vulnerability Insight:
+ PHP is an HTML-embedded scripting language. PHP attempts to make it
+ easy for developers to write dynamically generated webpages. PHP also
+ offers built-in database integration for several commercial and
+ non-commercial database management systems, so writing a
+ database-enabled webpage with PHP is fairly simple. The most common
+ use of PHP coding is probably as a replacement for CGI scripts.
+
+ The php package contains the module which adds support for the PHP
+ language to Apache HTTP Server.
+
+
+ Affected Software/OS:
+ php on Fedora 12
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046046.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of php");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC12")
+{
+
+ if(isrpmvuln(pkg:"php", rpm:"php~5.3.3~1.fc12", rls:"FC12"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_11481_maniadrive_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_11481_maniadrive_fc13.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_11481_maniadrive_fc13.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,84 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for maniadrive FEDORA-2010-11481
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862346);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2010-11481");
+ script_cve_id("CVE-2010-2531", "CVE-2010-0397", "CVE-2010-2225", "CVE-2010-2190", "CVE-2010-1914", "CVE-2010-1915", "CVE-2010-1917");
+ script_name("Fedora Update for maniadrive FEDORA-2010-11481");
+ desc = "
+
+ Vulnerability Insight:
+ ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous
+ gameplay (tracks almost never exceed one minute). Features: Complex car
+ physics, Challenging "story mode", LAN and Internet mode, Live scores,
+ Track editor, Dedicated server with HTTP interface and More than 30 blocks.
+
+
+ Affected Software/OS:
+ maniadrive on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046023.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of maniadrive");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"maniadrive", rpm:"maniadrive~1.2~22.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_11481_php-eaccelerator_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_11481_php-eaccelerator_fc13.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_11481_php-eaccelerator_fc13.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,83 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for php-eaccelerator FEDORA-2010-11481
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862349);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2010-11481");
+ script_cve_id("CVE-2010-2531", "CVE-2010-0397", "CVE-2010-2225", "CVE-2010-2190", "CVE-2010-1914", "CVE-2010-1915", "CVE-2010-1917");
+ script_name("Fedora Update for php-eaccelerator FEDORA-2010-11481");
+ desc = "
+
+ Vulnerability Insight:
+ eAccelerator is a further development of the MMCache PHP Accelerator & Encoder.
+ It increases performance of PHP scripts by caching them in compiled state, so
+ that the overhead of compiling is almost completely eliminated.
+
+
+ Affected Software/OS:
+ php-eaccelerator on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046022.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of php-eaccelerator");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"php-eaccelerator", rpm:"php-eaccelerator~0.9.6.1~2.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_11481_php_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_11481_php_fc13.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_11481_php_fc13.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,89 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for php FEDORA-2010-11481
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862351);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2010-11481");
+ script_cve_id("CVE-2010-2531", "CVE-2010-0397", "CVE-2010-2225", "CVE-2010-2190", "CVE-2010-1914", "CVE-2010-1915", "CVE-2010-1917");
+ script_name("Fedora Update for php FEDORA-2010-11481");
+ desc = "
+
+ Vulnerability Insight:
+ PHP is an HTML-embedded scripting language. PHP attempts to make it
+ easy for developers to write dynamically generated webpages. PHP also
+ offers built-in database integration for several commercial and
+ non-commercial database management systems, so writing a
+ database-enabled webpage with PHP is fairly simple. The most common
+ use of PHP coding is probably as a replacement for CGI scripts.
+
+ The php package contains the module which adds support for the PHP
+ language to Apache HTTP Server.
+
+
+ Affected Software/OS:
+ php on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046021.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of php");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"php", rpm:"php~5.3.3~1.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_12266_mapserver_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_12266_mapserver_fc13.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_12266_mapserver_fc13.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,84 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for mapserver FEDORA-2010-12266
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862342);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"10.0");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_xref(name: "FEDORA", value: "2010-12266");
+ script_cve_id("CVE-2010-2539", "CVE-2010-2540");
+ script_name("Fedora Update for mapserver FEDORA-2010-12266");
+ desc = "
+
+ Vulnerability Insight:
+ Mapserver is an internet mapping program that converts GIS data to
+ map images in real time. With appropriate interface pages,
+ Mapserver can provide an interactive internet map based on
+ custom GIS data.
+
+
+ Affected Software/OS:
+ mapserver on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046434.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of mapserver");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"mapserver", rpm:"mapserver~5.6.5~1.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_12752_zabbix_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_12752_zabbix_fc13.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_12752_zabbix_fc13.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,96 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for zabbix FEDORA-2010-12752
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862352);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "FEDORA", value: "2010-12752");
+ script_cve_id("CVE-2010-2790");
+ script_name("Fedora Update for zabbix FEDORA-2010-12752");
+ desc = "
+
+ Vulnerability Insight:
+ ZABBIX is software that monitors numerous parameters of a network and
+ the health and integrity of servers. ZABBIX uses a flexible
+ notification mechanism that allows users to configure e-mail based
+ alerts for virtually any event. This allows a fast reaction to server
+ problems. ZABBIX offers excellent reporting and data visualisation
+ features based on the stored data. This makes ZABBIX ideal for
+ capacity planning.
+
+ ZABBIX supports both polling and trapping. All ZABBIX reports and
+ statistics, as well as configuration parameters are accessed through a
+ web-based front end. A web-based front end ensures that the status of
+ your network and the health of your servers can be assessed from any
+ location. Properly configured, ZABBIX can play an important role in
+ monitoring IT infrastructure. This is equally true for small
+ organisations with a few servers and for large companies with a
+ multitude of servers.
+
+
+ Affected Software/OS:
+ zabbix on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046316.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of zabbix");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"zabbix", rpm:"zabbix~1.8.2~2.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_13058_kernel_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_13058_kernel_fc13.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_13058_kernel_fc13.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,84 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for kernel FEDORA-2010-13058
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862348);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"4.6");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "FEDORA", value: "2010-13058");
+ script_cve_id("CVE-2010-2524", "CVE-2010-2478", "CVE-2010-2071", "CVE-2010-1437", "CVE-2010-2798", "CVE-2010-2240");
+ script_name("Fedora Update for kernel FEDORA-2010-13058");
+ desc = "
+
+ Vulnerability Insight:
+ The kernel package contains the Linux kernel (vmlinuz), the core of any
+ Linux operating system. The kernel handles the basic functions
+ of the operating system: memory allocation, process allocation, device
+ input and output, etc.
+
+
+ Affected Software/OS:
+ kernel on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046051.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of kernel");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.33.8~149.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_13072_bugzilla_fc12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_13072_bugzilla_fc12.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_13072_bugzilla_fc12.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,84 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for bugzilla FEDORA-2010-13072
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862357);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"6.5");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2010-13072");
+ script_cve_id("CVE-2010-1204", "CVE-2009-3989", "CVE-2009-3387", "CVE-2009-3386", "CVE-2010-2756", "CVE-2010-2757", "CVE-2010-2758", "CVE-2010-2759");
+ script_name("Fedora Update for bugzilla FEDORA-2010-13072");
+ desc = "
+
+ Vulnerability Insight:
+ Bugzilla is a popular bug tracking system used by multiple open source projects
+ It requires a database engine installed - either MySQL, PostgreSQL or Oracle.
+ Without one of these database engines (local or remote), Bugzilla will not work
+ - see the Release Notes for details.
+
+
+ Affected Software/OS:
+ bugzilla on Fedora 12
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046534.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of bugzilla");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC12")
+{
+
+ if(isrpmvuln(pkg:"bugzilla", rpm:"bugzilla~3.4.8~1.fc12", rls:"FC12"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_13086_bugzilla_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_13086_bugzilla_fc13.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_13086_bugzilla_fc13.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,84 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for bugzilla FEDORA-2010-13086
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862354);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"6.5");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2010-13086");
+ script_cve_id("CVE-2010-1204", "CVE-2010-2756", "CVE-2010-2757", "CVE-2010-2758", "CVE-2010-2759");
+ script_name("Fedora Update for bugzilla FEDORA-2010-13086");
+ desc = "
+
+ Vulnerability Insight:
+ Bugzilla is a popular bug tracking system used by multiple open source projects
+ It requires a database engine installed - either MySQL, PostgreSQL or Oracle.
+ Without one of these database engines (local or remote), Bugzilla will not work
+ - see the Release Notes for details.
+
+
+ Affected Software/OS:
+ bugzilla on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046546.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of bugzilla");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"bugzilla", rpm:"bugzilla~3.4.8~2.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_13110_kernel_fc12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_13110_kernel_fc12.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_13110_kernel_fc12.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,84 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for kernel FEDORA-2010-13110
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862344);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"7.8");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2010-13110");
+ script_cve_id("CVE-2010-2240", "CVE-2010-2266", "CVE-2010-2066", "CVE-2010-2524", "CVE-2010-2478", "CVE-2010-2071", "CVE-2010-1437", "CVE-2010-1146", "CVE-2010-0623", "CVE-2009-4537", "CVE-2009-4131", "CVE-2010-2226", "CVE-2010-2798");
+ script_name("Fedora Update for kernel FEDORA-2010-13110");
+ desc = "
+
+ Vulnerability Insight:
+ The kernel package contains the Linux kernel (vmlinuz), the core of any
+ Linux operating system. The kernel handles the basic functions
+ of the operating system: memory allocation, process allocation, device
+ input and output, etc.
+
+
+ Affected Software/OS:
+ kernel on Fedora 12
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046029.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of kernel");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC12")
+{
+
+ if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.32.19~163.fc12", rls:"FC12"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_13341_ruby_fc12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_13341_ruby_fc12.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_13341_ruby_fc12.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,84 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for ruby FEDORA-2010-13341
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862353);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "FEDORA", value: "2010-13341");
+ script_cve_id("CVE-2010-0541", "CVE-2009-4492");
+ script_name("Fedora Update for ruby FEDORA-2010-13341");
+ desc = "
+
+ Vulnerability Insight:
+ Ruby is the interpreted scripting language for quick and easy
+ object-oriented programming. It has many features to process text
+ files and to do system management tasks (as in Perl). It is simple,
+ straight-forward, and extensible.
+
+
+ Affected Software/OS:
+ ruby on Fedora 12
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046013.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of ruby");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC12")
+{
+
+ if(isrpmvuln(pkg:"ruby", rpm:"ruby~1.8.6.399~6.fc12", rls:"FC12"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_13387_ruby_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_13387_ruby_fc13.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_13387_ruby_fc13.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,84 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for ruby FEDORA-2010-13387
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862341);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "FEDORA", value: "2010-13387");
+ script_cve_id("CVE-2010-0541");
+ script_name("Fedora Update for ruby FEDORA-2010-13387");
+ desc = "
+
+ Vulnerability Insight:
+ Ruby is the interpreted scripting language for quick and easy
+ object-oriented programming. It has many features to process text
+ files and to do system management tasks (as in Perl). It is simple,
+ straight-forward, and extensible.
+
+
+ Affected Software/OS:
+ ruby on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046044.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of ruby");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"ruby", rpm:"ruby~1.8.6.399~6.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_13629_kdegraphics_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_13629_kdegraphics_fc13.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_13629_kdegraphics_fc13.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,87 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for kdegraphics FEDORA-2010-13629
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862356);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2010-13629");
+ script_cve_id("CVE-2010-2575");
+ script_name("Fedora Update for kdegraphics FEDORA-2010-13629");
+ desc = "
+
+ Vulnerability Insight:
+ Graphics applications, including
+ * gwenview (an image viewer)
+ * kamera (digital camera support)
+ * kcolorchooser (a color chooser)
+ * kolourpaint4 (an easy-to-use paint program)
+ * kruler (screen ruler and color measurement tool)
+ * ksnapshot (screen capture utility)
+ * okular (a document viewer)
+
+
+ Affected Software/OS:
+ kdegraphics on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046524.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of kdegraphics");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"kdegraphics", rpm:"kdegraphics~4.4.5~3.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_13661_kdegraphics_fc12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_13661_kdegraphics_fc12.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_13661_kdegraphics_fc12.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,87 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for kdegraphics FEDORA-2010-13661
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862355);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2010-13661");
+ script_cve_id("CVE-2010-2575");
+ script_name("Fedora Update for kdegraphics FEDORA-2010-13661");
+ desc = "
+
+ Vulnerability Insight:
+ Graphics applications, including
+ * gwenview (an image viewer)
+ * kamera (digital camera support)
+ * kcolorchooser (a color chooser)
+ * kolourpaint4 (an easy-to-use paint program)
+ * kruler (screen ruler and color measurement tool)
+ * ksnapshot (screen capture utility)
+ * okular (a document viewer)
+
+
+ Affected Software/OS:
+ kdegraphics on Fedora 12
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046542.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of kdegraphics");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC12")
+{
+
+ if(isrpmvuln(pkg:"kdegraphics", rpm:"kdegraphics~4.4.5~3.fc12", rls:"FC12"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_158.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_158.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_158.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,409 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Mandriva Update for squirrelmail MDVSA-2010:158 (squirrelmail)
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(831136);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "MDVSA", value: "2010:158");
+ script_cve_id("CVE-2010-2813");
+ script_name("Mandriva Update for squirrelmail MDVSA-2010:158 (squirrelmail)");
+ desc = "
+
+ Vulnerability Insight:
+
+ A vulnerability has been found and corrected in squirrelmail:
+
+ functions/imap_general.php in SquirrelMail before 1.4.21 does not
+ properly handle 8-bit characters in passwords, which allows remote
+ attackers to cause a denial of service (disk consumption) by making
+ many IMAP login attempts with different usernames, leading to the
+ creation of many preferences files (CVE-2010-2813).
+
+ This update provides squirrelmail 1.4.21, which is not vulnerable to
+ this issue.
+
+ Affected Software/OS:
+ squirrelmail on Mandriva Enterprise Server 5,
+ Mandriva Enterprise Server 5/X86_64
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.mandriva.com/security-announce/2010-08/msg00018.php
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of squirrelmail");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "MNDK_mes5")
+{
+
+ if(isrpmvuln(pkg:"squirrelmail", rpm:"squirrelmail~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-ar", rpm:"squirrelmail-ar~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-bg", rpm:"squirrelmail-bg~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-bn-bangladesh", rpm:"squirrelmail-bn-bangladesh~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-bn-india", rpm:"squirrelmail-bn-india~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-ca", rpm:"squirrelmail-ca~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-cs", rpm:"squirrelmail-cs~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-cy", rpm:"squirrelmail-cy~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-cyrus", rpm:"squirrelmail-cyrus~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-da", rpm:"squirrelmail-da~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-de", rpm:"squirrelmail-de~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-el", rpm:"squirrelmail-el~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-es", rpm:"squirrelmail-es~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-et", rpm:"squirrelmail-et~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-eu", rpm:"squirrelmail-eu~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-fa", rpm:"squirrelmail-fa~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-fi", rpm:"squirrelmail-fi~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-fo", rpm:"squirrelmail-fo~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-fr", rpm:"squirrelmail-fr~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-fy", rpm:"squirrelmail-fy~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-he", rpm:"squirrelmail-he~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-hr", rpm:"squirrelmail-hr~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-hu", rpm:"squirrelmail-hu~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-id", rpm:"squirrelmail-id~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-is", rpm:"squirrelmail-is~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-it", rpm:"squirrelmail-it~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-ja", rpm:"squirrelmail-ja~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-ka", rpm:"squirrelmail-ka~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-km", rpm:"squirrelmail-km~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-ko", rpm:"squirrelmail-ko~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-lt", rpm:"squirrelmail-lt~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-lv", rpm:"squirrelmail-lv~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-mk", rpm:"squirrelmail-mk~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-ms", rpm:"squirrelmail-ms~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-nb", rpm:"squirrelmail-nb~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-nl", rpm:"squirrelmail-nl~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-nn", rpm:"squirrelmail-nn~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-pl", rpm:"squirrelmail-pl~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-poutils", rpm:"squirrelmail-poutils~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-pt", rpm:"squirrelmail-pt~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-ro", rpm:"squirrelmail-ro~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-ru", rpm:"squirrelmail-ru~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-sk", rpm:"squirrelmail-sk~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-sl", rpm:"squirrelmail-sl~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-sr", rpm:"squirrelmail-sr~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-sv", rpm:"squirrelmail-sv~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-ta", rpm:"squirrelmail-ta~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-th", rpm:"squirrelmail-th~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-tr", rpm:"squirrelmail-tr~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-ug", rpm:"squirrelmail-ug~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-uk", rpm:"squirrelmail-uk~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-vi", rpm:"squirrelmail-vi~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-zh_CN", rpm:"squirrelmail-zh_CN~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"squirrelmail-zh_TW", rpm:"squirrelmail-zh_TW~1.4.21~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_159.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_159.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_159.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,102 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Mandriva Update for gv MDVSA-2010:159 (gv)
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(831139);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"3.3");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "MDVSA", value: "2010:159");
+ script_cve_id("CVE-2010-2056");
+ script_name("Mandriva Update for gv MDVSA-2010:159 (gv)");
+ desc = "
+
+ Vulnerability Insight:
+
+ A vulnerability has been found and corrected in gv:
+
+ GNU gv before 3.7.0 allows local users to overwrite arbitrary files
+ via a symlink attack on a temporary file (CVE-2010-2056).
+
+ This update provides gv 3.7.1, which is not vulnerable to this issue.
+
+ Affected Software/OS:
+ gv on Mandriva Linux 2010.0,
+ Mandriva Linux 2010.0/X86_64,
+ Mandriva Enterprise Server 5,
+ Mandriva Enterprise Server 5/X86_64
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.mandriva.com/security-announce/2010-08/msg00020.php
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of gv");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "MNDK_mes5")
+{
+
+ if(isrpmvuln(pkg:"gv", rpm:"gv~3.7.1~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "MNDK_2010.0")
+{
+
+ if(isrpmvuln(pkg:"gv", rpm:"gv~3.7.1~0.1mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_160.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_160.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_160.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,119 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Mandriva Update for cacti MDVSA-2010:160 (cacti)
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(831138);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"6.5");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "MDVSA", value: "2010:160");
+ script_cve_id("CVE-2010-1644", "CVE-2010-1645", "CVE-2009-4032", "CVE-2010-2543", "CVE-2010-2544", "CVE-2010-2545");
+ script_name("Mandriva Update for cacti MDVSA-2010:160 (cacti)");
+ desc = "
+
+ Vulnerability Insight:
+
+ Multiple vulnerabilities has been found and corrected in cacti:
+
+ Multiple cross-site scripting (XSS) vulnerabilities in Cacti before
+ 0.8.7f, allow remote attackers to inject arbitrary web script or
+ HTML via the (1) hostname or (2) description parameter to host.php,
+ or (3) the host_id parameter to data_sources.php (CVE-2010-1644).
+
+ Cacti before 0.8.7f, allows remote authenticated administrators to
+ execute arbitrary commands via shell metacharacters in (1) the FQDN
+ field of a Device or (2) the Vertical Label field of a Graph Template
+ (CVE-2010-1645).
+
+ Cross-site scripting (XSS) vulnerability in
+ include/top_graph_header.php in Cacti before 0.8.7g allows remote
+ attackers to inject arbitrary web script or HTML via the graph_start
+ parameter to graph.php. NOTE: this vulnerability exists because of
+ an incorrect fix for CVE-2009-4032.2.b (CVE-2010-2543).
+
+ Cross-site scripting (XSS) vulnerability in utilities.php in Cacti
+ before 0.8.7g, allows remote attackers to inject arbitrary web script
+ or HTML via the filter parameter (CVE-2010-2544).
+
+ Multiple cross-site scripting (XSS) vulnerabilities in Cacti before
+ 0.8.7g, allow remote attackers to inject arbitrary web script or HTML
+ via (1) the name element in an XML template to templates_import.php;
+ and allow remote authenticated administrators to inject arbitrary web
+ script or HTML via vectors related to (2) cdef.php, (3) data_input.php,
+ (4) data_queries.php, (5) data_sources.php, (6) data_templates.php, (7)
+ gprint_presets.php, (8) graph.php, (9) graphs_new.php, (10) graphs.php,
+ (11) graph_templates_inputs.php, (12) graph_templates_items.php,
+ (13) graph_templates.php, (14) graph_view.php, (15) host.php, (16)
+ host_templates.php, (17) lib/functions.php, (18) lib/html_form.php,
+ (19) lib/html_form_template.php, (20) lib/html.php, (21)
+ lib/html_tree.php, (22) lib/rrd.php, (23) rra.php, (24) tree.php,
+ and (25) user_admin.php (CVE-2010-2545).
+
+ This update provides cacti 0.8.7f, which is not vulnerable to these
+ issues.
+
+ Affected Software/OS:
+ cacti on Mandriva Enterprise Server 5,
+ Mandriva Enterprise Server 5/X86_64
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.mandriva.com/security-announce/2010-08/msg00021.php
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of cacti");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "MNDK_mes5")
+{
+
+ if(isrpmvuln(pkg:"cacti", rpm:"cacti~0.8.7g~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_161.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_161.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_161.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,167 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Mandriva Update for vte MDVSA-2010:161 (vte)
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(831137);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"6.8");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "MDVSA", value: "2010:161");
+ script_cve_id("CVE-2003-0070", "CVE-2010-2713");
+ script_name("Mandriva Update for vte MDVSA-2010:161 (vte)");
+ desc = "
+
+ Vulnerability Insight:
+
+ A vulnerability has been found and corrected in vte:
+
+ The vte_sequence_handler_window_manipulation function in vteseq.c
+ in libvte (aka libvte9) in VTE 0.25.1 and earlier, as used in
+ gnome-terminal, does not properly handle escape sequences, which
+ allows remote attackers to execute arbitrary commands or obtain
+ potentially sensitive information via a (1) window title or (2) icon
+ title sequence. NOTE: this issue exists because of a CVE-2003-0070
+ regression (CVE-2010-2713).
+
+ The updated packages have been patched to correct this issue.
+
+ Affected Software/OS:
+ vte on Mandriva Linux 2009.1,
+ Mandriva Linux 2009.1/X86_64,
+ Mandriva Linux 2010.0,
+ Mandriva Linux 2010.0/X86_64
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.mandriva.com/security-announce/2010-08/msg00022.php
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of vte");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "MNDK_2010.0")
+{
+
+ if(isrpmvuln(pkg:"libvte9", rpm:"libvte9~0.22.2~1.1mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libvte-devel", rpm:"libvte-devel~0.22.2~1.1mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"python-vte", rpm:"python-vte~0.22.2~1.1mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"vte", rpm:"vte~0.22.2~1.1mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64vte9", rpm:"lib64vte9~0.22.2~1.1mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64vte-devel", rpm:"lib64vte-devel~0.22.2~1.1mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "MNDK_2009.1")
+{
+
+ if(isrpmvuln(pkg:"libvte9", rpm:"libvte9~0.20.1~1.1mdv2009.1", rls:"MNDK_2009.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libvte-devel", rpm:"libvte-devel~0.20.1~1.1mdv2009.1", rls:"MNDK_2009.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"python-vte", rpm:"python-vte~0.20.1~1.1mdv2009.1", rls:"MNDK_2009.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"vte", rpm:"vte~0.20.1~1.1mdv2009.1", rls:"MNDK_2009.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64vte9", rpm:"lib64vte9~0.20.1~1.1mdv2009.1", rls:"MNDK_2009.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64vte-devel", rpm:"lib64vte-devel~0.20.1~1.1mdv2009.1", rls:"MNDK_2009.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_162.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_162.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_162.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,413 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Mandriva Update for kdegraphics4 MDVSA-2010:162 (kdegraphics4)
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(831140);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "MDVSA", value: "2010:162");
+ script_cve_id("CVE-2010-2575");
+ script_name("Mandriva Update for kdegraphics4 MDVSA-2010:162 (kdegraphics4)");
+ desc = "
+
+ Vulnerability Insight:
+
+ A vulnerability has been found and corrected in okular (kdegraphics):
+
+ A specially crafted PDF or PS file could cause okular to crash or
+ execute arbitrary code (CVE-2010-2575).
+
+ The updated packages have been patched to correct this issue.
+
+ Affected Software/OS:
+ kdegraphics4 on Mandriva Linux 2009.0,
+ Mandriva Linux 2009.0/X86_64,
+ Mandriva Linux 2010.0,
+ Mandriva Linux 2010.0/X86_64
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.mandriva.com/security-announce/2010-08/msg00023.php
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of kdegraphics4");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "MNDK_2010.0")
+{
+
+ if(isrpmvuln(pkg:"gwenview", rpm:"gwenview~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kamera", rpm:"kamera~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kcolorchooser", rpm:"kcolorchooser~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kdegraphics4", rpm:"kdegraphics4~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kdegraphics4-core", rpm:"kdegraphics4-core~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kdegraphics4-devel", rpm:"kdegraphics4-devel~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kgamma", rpm:"kgamma~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kipi-common", rpm:"kipi-common~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kolourpaint", rpm:"kolourpaint~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kruler", rpm:"kruler~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"ksnapshot", rpm:"ksnapshot~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libgwenviewlib4", rpm:"libgwenviewlib4~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libkdcraw8", rpm:"libkdcraw8~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libkdcraw-common", rpm:"libkdcraw-common~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libkexiv2_8", rpm:"libkexiv2_8~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libkipi6", rpm:"libkipi6~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libkolourpaint_lgpl4", rpm:"libkolourpaint_lgpl4~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libksane0", rpm:"libksane0~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libokularcore1", rpm:"libokularcore1~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"okular", rpm:"okular~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64gwenviewlib4", rpm:"lib64gwenviewlib4~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64kdcraw8", rpm:"lib64kdcraw8~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64kexiv2_8", rpm:"lib64kexiv2_8~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64kipi6", rpm:"lib64kipi6~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64kolourpaint_lgpl4", rpm:"lib64kolourpaint_lgpl4~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64ksane0", rpm:"lib64ksane0~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64okularcore1", rpm:"lib64okularcore1~4.3.5~0.7mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "MNDK_2009.0")
+{
+
+ if(isrpmvuln(pkg:"gwenview", rpm:"gwenview~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kamera", rpm:"kamera~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kcolorchooser", rpm:"kcolorchooser~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kdegraphics4", rpm:"kdegraphics4~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kdegraphics4-core", rpm:"kdegraphics4-core~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kdegraphics4-devel", rpm:"kdegraphics4-devel~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kgamma", rpm:"kgamma~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kipi-common", rpm:"kipi-common~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kolourpaint", rpm:"kolourpaint~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"kruler", rpm:"kruler~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"ksnapshot", rpm:"ksnapshot~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libgwenviewlib4", rpm:"libgwenviewlib4~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libkdcraw7", rpm:"libkdcraw7~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libkdcraw-common", rpm:"libkdcraw-common~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libkexiv2_7", rpm:"libkexiv2_7~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libkipi6", rpm:"libkipi6~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libkolourpaint_lgpl4", rpm:"libkolourpaint_lgpl4~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libksane0", rpm:"libksane0~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libokularcore1", rpm:"libokularcore1~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"okular", rpm:"okular~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64gwenviewlib4", rpm:"lib64gwenviewlib4~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64kdcraw7", rpm:"lib64kdcraw7~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64kexiv2_7", rpm:"lib64kexiv2_7~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64kipi6", rpm:"lib64kipi6~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64kolourpaint_lgpl4", rpm:"lib64kolourpaint_lgpl4~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64ksane0", rpm:"lib64ksane0~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64okularcore1", rpm:"lib64okularcore1~4.2.4~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_974_2.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_974_2.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_974_2.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,630 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux regression USN-974-2
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(840486);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "USN", value: "974-2");
+ script_cve_id("CVE-2010-2240", "CVE-2010-2803", "CVE-2010-2959");
+ script_name("Ubuntu Update for linux regression USN-974-2");
+ desc = "
+
+ Vulnerability Insight:
+
+ USN-974-1 fixed vulnerabilities in the Linux kernel. The fixes for
+ CVE-2010-2240 caused failures for Xen hosts. This update fixes the
+ problem.
+
+ We apologize for the inconvenience.
+
+ Original advisory details:
+
+ Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memory
+ manager did not properly handle when applications grow stacks into adjacent
+ memory regions. A local attacker could exploit this to gain control of
+ certain applications, potentially leading to privilege escalation, as
+ demonstrated in attacks against the X server. (CVE-2010-2240)
+
+ Kees Cook discovered that under certain situations the ioctl subsystem for
+ DRM did not properly sanitize its arguments. A local attacker could exploit
+ this to read previously freed kernel memory, leading to a loss of privacy.
+ (CVE-2010-2803)
+
+ Ben Hawkes discovered an integer overflow in the Controller Area Network
+ (CAN) subsystem when setting up frame content and filtering certain
+ messages. An attacker could send specially crafted CAN traffic to crash the
+ system or gain root privileges. (CVE-2010-2959)
+
+ Affected Software/OS:
+ linux regression on Ubuntu 8.04 LTS
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://lists.ubuntu.com/archives/ubuntu-security-announce/2010-August/001146.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of linux regression");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "UBUNTU8.04 LTS")
+{
+
+ if(isdpkgvuln(pkg:"linux-headers-2.6.24-28-386", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-headers-2.6.24-28-generic", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-headers-2.6.24-28-openvz", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-headers-2.6.24-28-rt", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-headers-2.6.24-28-server", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-headers-2.6.24-28-virtual", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-headers-2.6.24-28-xen", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.24-28-386", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.24-28-generic", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.24-28-server", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.24-28-virtual", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-debug-2.6.24-28-386", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-debug-2.6.24-28-generic", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-debug-2.6.24-28-server", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-debug-2.6.24-28-virtual", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-libc-dev", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.24-28-openvz", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.24-28-rt", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.24-28-xen", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-doc-2.6.24", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-headers-2.6.24-28", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-kernel-devel", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-source-2.6.24", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"acpi-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"acpi-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"block-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"block-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"crypto-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"crypto-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fat-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fat-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fb-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fb-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"firewire-core-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"firewire-core-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"floppy-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"floppy-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fs-core-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fs-core-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fs-secondary-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fs-secondary-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"ide-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"ide-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"input-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"input-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"ipv6-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"ipv6-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"irda-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"irda-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kernel-image-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kernel-image-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"md-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"md-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"message-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"message-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nfs-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nfs-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-pcmcia-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-pcmcia-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-shared-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-shared-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-usb-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-usb-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"parport-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"parport-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"pata-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"pata-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"pcmcia-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"pcmcia-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"pcmcia-storage-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"pcmcia-storage-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"plip-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"plip-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"ppp-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"ppp-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"sata-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"sata-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"scsi-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"scsi-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"serial-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"serial-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"socket-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"socket-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"storage-core-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"storage-core-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"usb-modules-2.6.24-28-386-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"usb-modules-2.6.24-28-generic-di", ver:"2.6.24-28.77", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_976_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_976_1.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_976_1.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,256 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for tomcat6 vulnerability USN-976-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(840485);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"6.4");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "USN", value: "976-1");
+ script_cve_id("CVE-2010-2227");
+ script_name("Ubuntu Update for tomcat6 vulnerability USN-976-1");
+ desc = "
+
+ Vulnerability Insight:
+
+ It was discovered that Tomcat incorrectly handled invalid Transfer-Encoding
+ headers. A remote attacker could send specially crafted requests containing
+ invalid headers to the server and cause a denial of service, or possibly
+ obtain sensitive information from other requests.
+
+ Affected Software/OS:
+ tomcat6 vulnerability on Ubuntu 9.04 ,
+ Ubuntu 9.10 ,
+ Ubuntu 10.04 LTS
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://lists.ubuntu.com/archives/ubuntu-security-announce/2010-August/001145.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of tomcat6 vulnerability");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "UBUNTU9.10")
+{
+
+ if(isdpkgvuln(pkg:"libservlet2.5-java-doc", ver:"6.0.20-2ubuntu2.2", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libservlet2.5-java", ver:"6.0.20-2ubuntu2.2", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtomcat6-java", ver:"6.0.20-2ubuntu2.2", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"tomcat6-admin", ver:"6.0.20-2ubuntu2.2", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"tomcat6-common", ver:"6.0.20-2ubuntu2.2", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"tomcat6-docs", ver:"6.0.20-2ubuntu2.2", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"tomcat6-examples", ver:"6.0.20-2ubuntu2.2", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"tomcat6-user", ver:"6.0.20-2ubuntu2.2", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"tomcat6", ver:"6.0.20-2ubuntu2.2", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+ if(isdpkgvuln(pkg:"libservlet2.5-java-doc", ver:"6.0.24-2ubuntu1.3", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libservlet2.5-java", ver:"6.0.24-2ubuntu1.3", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtomcat6-java", ver:"6.0.24-2ubuntu1.3", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"tomcat6-admin", ver:"6.0.24-2ubuntu1.3", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"tomcat6-common", ver:"6.0.24-2ubuntu1.3", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"tomcat6-docs", ver:"6.0.24-2ubuntu1.3", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"tomcat6-examples", ver:"6.0.24-2ubuntu1.3", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"tomcat6-user", ver:"6.0.24-2ubuntu1.3", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"tomcat6", ver:"6.0.24-2ubuntu1.3", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU9.04")
+{
+
+ if(isdpkgvuln(pkg:"libservlet2.5-java-doc", ver:"6.0.18-0ubuntu6.3", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libservlet2.5-java", ver:"6.0.18-0ubuntu6.3", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtomcat6-java", ver:"6.0.18-0ubuntu6.3", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"tomcat6-admin", ver:"6.0.18-0ubuntu6.3", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"tomcat6-common", ver:"6.0.18-0ubuntu6.3", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"tomcat6-docs", ver:"6.0.18-0ubuntu6.3", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"tomcat6-examples", ver:"6.0.18-0ubuntu6.3", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"tomcat6-user", ver:"6.0.18-0ubuntu6.3", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"tomcat6", ver:"6.0.18-0ubuntu6.3", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_977_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_977_1.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_977_1.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,160 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for moin vulnerabilities USN-977-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(840484);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "USN", value: "977-1");
+ script_cve_id("CVE-2010-2487", "CVE-2010-2969", "CVE-2010-2970");
+ script_name("Ubuntu Update for moin vulnerabilities USN-977-1");
+ desc = "
+
+ Vulnerability Insight:
+
+ It was discovered that MoinMoin did not properly sanitize its input,
+ resulting in cross-site scripting (XSS) vulnerabilities. With cross-site
+ scripting vulnerabilities, if a user were tricked into viewing server
+ output during a crafted server request, a remote attacker could exploit
+ this to modify the contents, or steal confidential data, within the same
+ domain.
+
+ Affected Software/OS:
+ moin vulnerabilities on Ubuntu 6.06 LTS ,
+ Ubuntu 8.04 LTS ,
+ Ubuntu 9.04 ,
+ Ubuntu 9.10 ,
+ Ubuntu 10.04 LTS
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://lists.ubuntu.com/archives/ubuntu-security-announce/2010-August/001144.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of moin vulnerabilities");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "UBUNTU9.10")
+{
+
+ if(isdpkgvuln(pkg:"python-moinmoin", ver:"1.8.4-1ubuntu1.3", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU6.06 LTS")
+{
+
+ if(isdpkgvuln(pkg:"moinmoin-common", ver:"1.5.2-1ubuntu2.7", rls:"UBUNTU6.06 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"python-moinmoin", ver:"1.5.2-1ubuntu2.7", rls:"UBUNTU6.06 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"python2.4-moinmoin", ver:"1.5.2-1ubuntu2.7", rls:"UBUNTU6.06 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+ if(isdpkgvuln(pkg:"python-moinmoin", ver:"1.9.2-2ubuntu3.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU9.04")
+{
+
+ if(isdpkgvuln(pkg:"python-moinmoin", ver:"1.8.2-2ubuntu2.5", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU8.04 LTS")
+{
+
+ if(isdpkgvuln(pkg:"moinmoin-common", ver:"1.5.8-5.1ubuntu2.5", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"python-moinmoin", ver:"1.5.8-5.1ubuntu2.5", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_979_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_979_1.nasl 2010-08-30 14:16:51 UTC (rev 8922)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_979_1.nasl 2010-08-30 14:59:25 UTC (rev 8923)
@@ -0,0 +1,496 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for kdegraphics vulnerability USN-979-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(840487);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "USN", value: "979-1");
+ script_cve_id("CVE-2010-2575");
+ script_name("Ubuntu Update for kdegraphics vulnerability USN-979-1");
+ desc = "
+
+ Vulnerability Insight:
+
+ Stefan Cornelius of Secunia Research discovered a boundary error during
+ RLE decompression in the "TranscribePalmImageToJPEG()" function in
+ generators/plucker/inplug/image.cpp of okular when processing images
+ embedded in PDB files, which can be exploited to cause a heap-based
+ buffer overflow. (CVE-2010-2575)
+
+ Affected Software/OS:
+ kdegraphics vulnerability on Ubuntu 9.04 ,
+ Ubuntu 9.10 ,
+ Ubuntu 10.04 LTS
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://lists.ubuntu.com/archives/ubuntu-security-announce/2010-August/001147.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of kdegraphics vulnerability");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "UBUNTU9.10")
+{
+
+ if(isdpkgvuln(pkg:"gwenview", ver:"4.3.2-0ubuntu1.1", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kamera", ver:"4.3.2-0ubuntu1.1", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kcolorchooser", ver:"4.3.2-0ubuntu1.1", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kdegraphics-dbg", ver:"4.3.2-0ubuntu1.1", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kdegraphics-strigi-plugins", ver:"4.3.2-0ubuntu1.1", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kgamma", ver:"4.3.2-0ubuntu1.1", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kolourpaint4", ver:"4.3.2-0ubuntu1.1", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kruler", ver:"4.3.2-0ubuntu1.1", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"ksnapshot", ver:"4.3.2-0ubuntu1.1", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkdcraw7-dev", ver:"4.3.2-0ubuntu1.1", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkdcraw7", ver:"4.3.2-0ubuntu1.1", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkexiv2-7-dev", ver:"4.3.2-0ubuntu1.1", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkexiv2-7", ver:"4.3.2-0ubuntu1.1", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkipi6-dev", ver:"4.3.2-0ubuntu1.1", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkipi6", ver:"4.3.2-0ubuntu1.1", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libksane-dev", ver:"4.3.2-0ubuntu1.1", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libksane0", ver:"4.3.2-0ubuntu1.1", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libokularcore1", ver:"4.3.2-0ubuntu1.1", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"okular-dev", ver:"4.3.2-0ubuntu1.1", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"okular-extra-backends", ver:"4.3.2-0ubuntu1.1", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"okular", ver:"4.3.2-0ubuntu1.1", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kdegraphics", ver:"4.3.2-0ubuntu1.1", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+ if(isdpkgvuln(pkg:"gwenview", ver:"4.4.2-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kamera", ver:"4.4.2-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kcolorchooser", ver:"4.4.2-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kdegraphics-dbg", ver:"4.4.2-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kdegraphics-strigi-plugins", ver:"4.4.2-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kgamma", ver:"4.4.2-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kolourpaint4", ver:"4.4.2-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kruler", ver:"4.4.2-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"ksnapshot", ver:"4.4.2-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkdcraw8-dev", ver:"4.4.2-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkdcraw8", ver:"4.4.2-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkexiv2-8-dev", ver:"4.4.2-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkexiv2-8", ver:"4.4.2-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkipi7-dev", ver:"4.4.2-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkipi7", ver:"4.4.2-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libksane-dev", ver:"4.4.2-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libksane0", ver:"4.4.2-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libokularcore1", ver:"4.4.2-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"okular-dev", ver:"4.4.2-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"okular-extra-backends", ver:"4.4.2-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"okular", ver:"4.4.2-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kdegraphics", ver:"4.4.2-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU9.04")
+{
+
+ if(isdpkgvuln(pkg:"gwenview", ver:"4.2.2-0ubuntu2.1", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kamera", ver:"4.2.2-0ubuntu2.1", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kcolorchooser", ver:"4.2.2-0ubuntu2.1", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kdegraphics-dbg", ver:"4.2.2-0ubuntu2.1", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kdegraphics-strigi-plugins", ver:"4.2.2-0ubuntu2.1", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kgamma", ver:"4.2.2-0ubuntu2.1", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kolourpaint4", ver:"4.2.2-0ubuntu2.1", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kruler", ver:"4.2.2-0ubuntu2.1", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"ksnapshot", ver:"4.2.2-0ubuntu2.1", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkdcraw7-dev", ver:"4.2.2-0ubuntu2.1", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkdcraw7", ver:"4.2.2-0ubuntu2.1", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkexiv2-7-dev", ver:"4.2.2-0ubuntu2.1", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkexiv2-7", ver:"4.2.2-0ubuntu2.1", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkipi6-dev", ver:"4.2.2-0ubuntu2.1", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkipi6", ver:"4.2.2-0ubuntu2.1", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libksane-dev", ver:"4.2.2-0ubuntu2.1", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libksane0", ver:"4.2.2-0ubuntu2.1", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libokularcore1", ver:"4.2.2-0ubuntu2.1", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"okular-dev", ver:"4.2.2-0ubuntu2.1", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"okular-extra-backends", ver:"4.2.2-0ubuntu2.1", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"okular", ver:"4.2.2-0ubuntu2.1", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kdegraphics", ver:"4.2.2-0ubuntu2.1", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kolourpaint", ver:"4.2.2-0ubuntu2.1", rls:"UBUNTU9.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
More information about the Openvas-commits
mailing list