[Openvas-commits] r6604 - in trunk/openvas-plugins: . scripts
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Mon Feb 1 18:25:22 CET 2010
Author: reinke
Date: 2010-02-01 18:25:19 +0100 (Mon, 01 Feb 2010)
New Revision: 6604
Added:
trunk/openvas-plugins/scripts/deb_1968_2.nasl
trunk/openvas-plugins/scripts/deb_1973_1.nasl
trunk/openvas-plugins/scripts/deb_1974_1.nasl
trunk/openvas-plugins/scripts/deb_1978_1.nasl
trunk/openvas-plugins/scripts/deb_1980_1.nasl
trunk/openvas-plugins/scripts/deb_1981_1.nasl
trunk/openvas-plugins/scripts/deb_1981_2.nasl
Modified:
trunk/openvas-plugins/ChangeLog
Log:
New scripts added
Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog 2010-02-01 16:24:34 UTC (rev 6603)
+++ trunk/openvas-plugins/ChangeLog 2010-02-01 17:25:19 UTC (rev 6604)
@@ -1,3 +1,14 @@
+2010-02-01 Thomas Reinke <reinke at securityspace.com>
+
+ * scripts/deb_1968_2.nasl,
+ scripts/deb_1973_1.nasl,
+ scripts/deb_1974_1.nasl,
+ scripts/deb_1978_1.nasl,
+ scripts/deb_1980_1.nasl,
+ scripts/deb_1981_1.nasl,
+ scripts/deb_1981_2.nasl:
+ New scripts.
+
2010-01-29 Michael Meyer <michael.meyer at intevation.de>
* scripts/ingres_db_detect.nasl,
Added: trunk/openvas-plugins/scripts/deb_1968_2.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1968_2.nasl 2010-02-01 16:24:34 UTC (rev 6603)
+++ trunk/openvas-plugins/scripts/deb_1968_2.nasl 2010-02-01 17:25:19 UTC (rev 6604)
@@ -0,0 +1,87 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1968-2 (pdns-recursor)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66776);
+ script_cve_id("CVE-2009-4010", "CVE-2009-4009");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1968-2 (pdns-recursor)");
+
+ desc = "The remote host is missing an update to pdns-recursor
+announced via advisory DSA 1968-2.
+
+It was discovered that pdns-recursor, the PowerDNS recursive name server,
+contains a cache poisoning vulnerability which may allow attackers to trick the
+server into serving incorrect DNS data (CVE-2009-4010).
+
+This DSA provides a security update for the old stable distribution
+(etch), similar to the previous update in DSA-1968-1. (Note that the
+etch version of pdns-recursor was not vulnerable to CVE-2009-4009.)
+
+Extra care should be applied when installing this update. It is an etch
+backport of the lenny version of the package (3.1.7 with security fixes
+applied). Major differences in internal domain name processing made
+backporting just the security fix too difficult.
+
+For the old stable distribution (etch), this problem has been fixed in
+version 3.1.4+v3.1.7-0+etch1.
+
+We recommend that you upgrade your pdns-recursor package.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201968-2
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1968-2 (pdns-recursor)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"pdns-recursor", ver:"3.1.4+v3.1.7-0+etch1", rls:"DEB4.0")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/deb_1973_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1973_1.nasl 2010-02-01 16:24:34 UTC (rev 6603)
+++ trunk/openvas-plugins/scripts/deb_1973_1.nasl 2010-02-01 17:25:19 UTC (rev 6604)
@@ -0,0 +1,267 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1973-1 (glibc, eglibc)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66770);
+ script_cve_id("CVE-2010-0015");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1973-1 (glibc, eglibc)");
+
+ desc = "The remote host is missing an update to glibc, eglibc
+announced via advisory DSA 1973-1.
+
+Christoph Pleger has discovered that the GNU C Library (aka glibc) and
+its derivatives add information from the passwd.adjunct.byname map to
+entries in the passwd map, which allows local users to obtain the
+encrypted passwords of NIS accounts by calling the getpwnam function.
+
+
+For the oldstable distribution (etch), this problem has been fixed in
+version 2.3.6.ds1-13etch10 of the glibc package.
+
+For the stable distribution (lenny), this problem has been fixed in
+version 2.7-18lenny2 of the glibc package.
+
+For the unstable distribution (sid) this problem has been fixed in
+version 2.10.2-4 of the eglibc package.
+
+
+We recommend that you upgrade your glibc or eglibc package.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201973-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1973-1 (glibc, eglibc)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"glibc-doc", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"locales", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6.1", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"nscd", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"locales-all", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6.1-prof", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6.1-pic", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6.1-dbg", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6.1-dev", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-prof", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-dbg", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-dev-i386", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-pic", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-dev", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-i386", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-xen", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-i686", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-amd64", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-dev-amd64", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-ppc64", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-dev-ppc64", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-dev-s390x", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-s390x", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-sparcv9b", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-sparc64", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-sparcv9", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-dev-sparc64", ver:"2.3.6.ds1-13etch10", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"locales", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"glibc-doc", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"glibc-source", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6.1-dbg", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6.1-pic", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6.1-prof", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6.1-dev", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"nscd", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6.1", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6.1-alphaev67", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"locales-all", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-dev", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-i386", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-prof", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-dbg", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-pic", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-dev-i386", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-i686", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-dev-amd64", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-xen", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-amd64", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-dev-mips64", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-mips64", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-mipsn32", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-dev-mipsn32", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-ppc64", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-dev-ppc64", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-dev-s390x", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-s390x", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-sparc64", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-sparcv9b", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"libc6-dev-sparc64", ver:"2.7-18lenny2", rls:"DEB5.0")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/deb_1974_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1974_1.nasl 2010-02-01 16:24:34 UTC (rev 6603)
+++ trunk/openvas-plugins/scripts/deb_1974_1.nasl 2010-02-01 17:25:19 UTC (rev 6604)
@@ -0,0 +1,107 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1974-1 (gzip)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66771);
+ script_cve_id("CVE-2009-2624", "CVE-2010-0001", "CVE-2006-4334");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1974-1 (gzip)");
+
+ desc = "The remote host is missing an update to gzip
+announced via advisory DSA 1974-1.
+
+Several vulnerabilities have been found in gzip, the GNU compression
+utilities. The Common Vulnerabilities and Exposures project identifies
+the following problems:
+
+CVE-2009-2624
+
+Thiemo Nagel discovered a missing input sanitation flaw in the way gzip
+used to decompress data blocks for dynamic Huffman codes, which could
+lead to the execution of arbitrary code when trying to decompress a
+crafted archive. This issue is a reappearance of CVE-2006-4334 and only
+affects the lenny version.
+
+CVE-2010-0001
+
+Aki Helin discovered an integer underflow when decompressing files that
+are compressed using the LZW algorithm. This could lead to the execution
+of arbitrary code when trying to decompress a crafted LZW compressed
+gzip archive.
+
+
+For the stable distribution (lenny), these problems have been fixed in
+version 1.3.12-6+lenny1.
+
+For the oldstable distribution (etch), these problems have been fixed in
+version 1.3.5-15+etch1.
+
+For the testing distribution (squeeze) and the unstable distribution
+(sid), these problems will be fixed soon.
+
+
+We recommend that you upgrade your gzip packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201974-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1974-1 (gzip)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"gzip", ver:"1.3.5-15+etch1", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"gzip-win32", ver:"1.3.12-6+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"gzip", ver:"1.3.12-6+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/deb_1978_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1978_1.nasl 2010-02-01 16:24:34 UTC (rev 6603)
+++ trunk/openvas-plugins/scripts/deb_1978_1.nasl 2010-02-01 17:25:19 UTC (rev 6604)
@@ -0,0 +1,147 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1978-1 (phpgroupware)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66772);
+ script_cve_id("CVE-2009-4414", "CVE-2009-4415", "CVE-2009-4416");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1978-1 (phpgroupware)");
+
+ desc = "The remote host is missing an update to phpgroupware
+announced via advisory DSA 1978-1.
+
+Several remote vulnerabilities have been discovered in phpgroupware, a
+Web based groupware system written in PHP. The Common Vulnerabilities
+and Exposures project identifies the following problems:
+
+CVE-2009-4414
+
+An SQL injection vulnerability was found in the authentication
+module.
+
+CVE-2009-4415
+
+Multiple directory traversal vulnerabilities were found in the
+addressbook module.
+
+CVE-2009-4416
+
+The authentication module is affected by cross-site scripting.
+
+
+For the stable distribution (lenny) these problems have been fixed in
+version 0.9.16.012+dfsg-8+lenny1.
+
+For the unstable distribution (sid) these problems have been fixed in
+version 0.9.16.012+dfsg-9.
+
+We recommend that you upgrade your phpgroupware packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201978-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1978-1 (phpgroupware)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"phpgroupware-0.9.16-email", ver:"0.9.16.012+dfsg-8+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"phpgroupware-0.9.16-core-base", ver:"0.9.16.012+dfsg-8+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"phpgroupware-0.9.16-calendar", ver:"0.9.16.012+dfsg-8+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"phpgroupware-0.9.16-addressbook", ver:"0.9.16.012+dfsg-8+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"phpgroupware", ver:"0.9.16.012+dfsg-8+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"phpgroupware-0.9.16-news-admin", ver:"0.9.16.012+dfsg-8+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"phpgroupware-0.9.16-manual", ver:"0.9.16.012+dfsg-8+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"phpgroupware-0.9.16-filemanager", ver:"0.9.16.012+dfsg-8+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"phpgroupware-0.9.16-phpgwapi", ver:"0.9.16.012+dfsg-8+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"phpgroupware-0.9.16-preferences", ver:"0.9.16.012+dfsg-8+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"phpgroupware-0.9.16", ver:"0.9.16.012+dfsg-8+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"phpgroupware-0.9.16-core", ver:"0.9.16.012+dfsg-8+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"phpgroupware-0.9.16-admin", ver:"0.9.16.012+dfsg-8+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"phpgroupware-0.9.16-notes", ver:"0.9.16.012+dfsg-8+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"phpgroupware-0.9.16-doc", ver:"0.9.16.012+dfsg-8+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"phpgroupware-0.9.16-phpgwapi-doc", ver:"0.9.16.012+dfsg-8+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"phpgroupware-0.9.16-setup", ver:"0.9.16.012+dfsg-8+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"phpgroupware-0.9.16-todo", ver:"0.9.16.012+dfsg-8+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/deb_1980_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1980_1.nasl 2010-02-01 16:24:34 UTC (rev 6603)
+++ trunk/openvas-plugins/scripts/deb_1980_1.nasl 2010-02-01 17:25:19 UTC (rev 6604)
@@ -0,0 +1,104 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1980-1 (ircd-hybrid/ircd-ratbox)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66773);
+ script_cve_id("CVE-2009-4016", "CVE-2010-0300");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1980-1 (ircd-hybrid/ircd-ratbox)");
+
+ desc = "The remote host is missing an update to ircd-hybrid/ircd-ratbox
+announced via advisory DSA 1980-1.
+
+
+David Leadbeater discovered an integer underflow that could be triggered
+via the LINKS command and can lead to a denial of service or the
+execution of arbitrary code (CVE-2009-4016). This issue affects both,
+ircd-hybrid and ircd-ratbox.
+
+It was discovered that the ratbox IRC server is prone to a denial of
+service attack via the HELP command. The ircd-hybrid package is not
+vulnerable to this issue (CVE-2010-0300).
+
+
+For the stable distribution (lenny), this problem has been fixed in
+version 1:7.2.2.dfsg.2-4+lenny1 of the ircd-hybrid package and in
+version 2.2.8.dfsg-2+lenny1 of ircd-ratbox.
+
+Due to a bug in the archive software it was not possible to release the
+fix for the oldstable distribution (etch) simultaneously. The packages
+will be released as version 7.2.2.dfsg.2-3+etch1 once they become
+available.
+
+For the testing distribution (squeeze) and the unstable distribution
+(sid), this problem will be fixed soon.
+
+
+We recommend that you upgrade your ircd-hybrid/ircd-ratbox packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201980-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1980-1 (ircd-hybrid/ircd-ratbox)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"hybrid-dev", ver:"7.2.2.dfsg.2-4+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"ircd-ratbox", ver:"2.2.8.dfsg-2+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"ircd-ratbox-dbg", ver:"2.2.8.dfsg-2+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"ircd-hybrid", ver:"7.2.2.dfsg.2-4+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/deb_1981_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1981_1.nasl 2010-02-01 16:24:34 UTC (rev 6603)
+++ trunk/openvas-plugins/scripts/deb_1981_1.nasl 2010-02-01 17:25:19 UTC (rev 6604)
@@ -0,0 +1,89 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1981-1 (maildrop)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66774);
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1981-1 (maildrop)");
+
+ desc = "The remote host is missing an update to maildrop
+announced via advisory DSA 1981-1.
+
+
+Christoph Anton Mitterer discovered that maildrop, a mail delivery agent
+with filtering abilities, is prone to a privilege escalation issue that
+grants a user root group privileges.
+
+
+For the stable distribution (lenny), this problem has been fixed in
+version 2.0.4-3+lenny1.
+
+For the oldstable distribution (etch), this problem has been fixed in
+version 2.0.2-11+etch1.
+
+For the testing distribution (squeeze) and the unstable distribution
+(sid), this problem will be fixed soon.
+
+
+We recommend that you upgrade your maildrop packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201981-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1981-1 (maildrop)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"maildrop", ver:"2.0.2-11+etch1", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"maildrop", ver:"2.0.4-3+lenny1", rls:"DEB5.0")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
Added: trunk/openvas-plugins/scripts/deb_1981_2.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1981_2.nasl 2010-02-01 16:24:34 UTC (rev 6603)
+++ trunk/openvas-plugins/scripts/deb_1981_2.nasl 2010-02-01 17:25:19 UTC (rev 6604)
@@ -0,0 +1,97 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1981-2 (maildrop)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66775);
+ script_cve_id("CVE-2010-0301");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1981-2 (maildrop)");
+
+ desc = "The remote host is missing an update to maildrop
+announced via advisory DSA 1981-2.
+
+The latest DSA for maildrop introduced two regressions. The maildrop
+program stopped working when invoked as a non-root user, such as with
+postfix. Also, the lenny version dropped a dependency on the
+courier-authlib package.
+
+
+For the stable distribution (lenny), this problem has been fixed in
+version 2.0.4-3+lenny3.
+
+For the oldstable distribution (etch), this problem has been fixed in
+version 2.0.2-11+etch2.
+
+For the testing distribution (squeeze) this problem will be fixed soon.
+
+For the unstable distribution (sid), this problem has been fixed in
+version 2.2.0-3.1.
+
+For reference, the original advisory text is below.
+
+Christoph Anton Mitterer discovered that maildrop, a mail delivery agent
+with filtering abilities, is prone to a privilege escalation issue that
+grants a user root group privileges.
+
+We recommend that you upgrade your maildrop packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201981-2
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1981-2 (maildrop)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"maildrop", ver:"2.0.2-11+etch2", rls:"DEB4.0")) {
+ vuln = 1;
+}
+if(isdpkgvuln(pkg:"maildrop", ver:"2.0.4-3+lenny3", rls:"DEB5.0")) {
+ vuln = 1;
+}
+
+if(vuln) {
+ security_hole(0);
+}
More information about the Openvas-commits
mailing list