[Openvas-commits] r6710 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Wed Feb 10 21:51:28 CET 2010


Author: reinke
Date: 2010-02-10 21:51:26 +0100 (Wed, 10 Feb 2010)
New Revision: 6710

Added:
   trunk/openvas-plugins/scripts/deb_1841_2.nasl
   trunk/openvas-plugins/scripts/deb_1982_1.nasl
   trunk/openvas-plugins/scripts/deb_1983_1.nasl
   trunk/openvas-plugins/scripts/deb_1986_1.nasl
   trunk/openvas-plugins/scripts/deb_1987_1.nasl
   trunk/openvas-plugins/scripts/deb_1991_1.nasl
   trunk/openvas-plugins/scripts/deb_1992_1.nasl
   trunk/openvas-plugins/scripts/freebsd_ZendFramework0.nasl
   trunk/openvas-plugins/scripts/freebsd_apache16.nasl
   trunk/openvas-plugins/scripts/freebsd_bugzilla9.nasl
   trunk/openvas-plugins/scripts/freebsd_dokuwiki5.nasl
   trunk/openvas-plugins/scripts/freebsd_ircd-ratbox.nasl
   trunk/openvas-plugins/scripts/freebsd_otrs.nasl
   trunk/openvas-plugins/scripts/freebsd_powerdns-recursor0.nasl
   trunk/openvas-plugins/scripts/freebsd_squid24.nasl
   trunk/openvas-plugins/scripts/freebsd_wireshark3.nasl
Modified:
   trunk/openvas-plugins/ChangeLog
Log:
New scripts added

Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2010-02-10 17:13:46 UTC (rev 6709)
+++ trunk/openvas-plugins/ChangeLog	2010-02-10 20:51:26 UTC (rev 6710)
@@ -1,5 +1,25 @@
 2010-02-10 Thomas Reinke <reinke at securityspace.com>
 
+	* scripts/deb_1841_2.nasl,
+	scripts/deb_1982_1.nasl,
+	scripts/deb_1983_1.nasl,
+	scripts/deb_1986_1.nasl,
+	scripts/deb_1987_1.nasl,
+	scripts/deb_1991_1.nasl,
+	scripts/deb_1992_1.nasl,
+	scripts/freebsd_ZendFramework0.nasl,
+	scripts/freebsd_apache16.nasl,
+	scripts/freebsd_bugzilla9.nasl,
+	scripts/freebsd_dokuwiki5.nasl,
+	scripts/freebsd_ircd-ratbox.nasl,
+	scripts/freebsd_otrs.nasl,
+	scripts/freebsd_powerdns-recursor0.nasl,
+	scripts/freebsd_squid24.nasl,
+	scripts/freebsd_wireshark3.nasl:
+	New scripts.
+
+2010-02-10 Thomas Reinke <reinke at securityspace.com>
+
 	* scripts/pkg-lib-rpm.inc
 	Added patch to handle specific instances where strings cannot
 	be compared in revcomp() and get the expected results.

Added: trunk/openvas-plugins/scripts/deb_1841_2.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1841_2.nasl	2010-02-10 17:13:46 UTC (rev 6709)
+++ trunk/openvas-plugins/scripts/deb_1841_2.nasl	2010-02-10 20:51:26 UTC (rev 6710)
@@ -0,0 +1,150 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1841-2 (git-core)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66803);
+ script_cve_id("CVE-2009-2108");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1841-2 (git-core)");
+
+ desc = "The remote host is missing an update to git-core
+announced via advisory DSA 1841-2.
+
+A bug in git-core caused the security update in DSA 1841 to fail to
+build on a number of architectures Debian supports. This update corrects
+the bug and releases builds for all supported architectures. The original
+advisory is quoted in full below for reference.
+
+It was discovered that git-daemon which is part of git-core, a popular
+distributed revision control system, is vulnerable to denial of service
+attacks caused by a programming mistake in handling requests containing
+extra unrecognized arguments which results in an infinite loop. While
+this is no problem for the daemon itself as every request will spawn a
+new git-daemon instance, this still results in a very high CPU consumption
+and might lead to denial of service conditions.
+
+For the oldstable distribution (etch), this problem has been fixed in
+version 1.4.4.4-4+etch4.
+
+For the stable distribution (lenny), this problem has been fixed in
+version 1.5.6.5-3+lenny3.
+
+For the testing distribution (squeeze), this problem has been fixed in
+version 1:1.6.3.3-1.
+
+For the unstable distribution (sid), this problem has been fixed in
+version 1:1.6.3.3-1.
+
+We recommend that you upgrade your git-core packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201841-2
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1841-2 (git-core)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"gitk", ver:"1.4.4.4-4+etch4", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"git-cvs", ver:"1.4.4.4-4+etch4", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"git-svn", ver:"1.4.4.4-4+etch4", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"git-email", ver:"1.4.4.4-4+etch4", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"git-arch", ver:"1.4.4.4-4+etch4", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gitweb", ver:"1.4.4.4-4+etch4", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"git-daemon-run", ver:"1.4.4.4-4+etch4", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"git-doc", ver:"1.4.4.4-4+etch4", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"git-core", ver:"1.4.4.4-4+etch4", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gitweb", ver:"1.5.6.5-3+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"git-daemon-run", ver:"1.5.6.5-3+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"git-arch", ver:"1.5.6.5-3+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"git-cvs", ver:"1.5.6.5-3+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"gitk", ver:"1.5.6.5-3+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"git-gui", ver:"1.5.6.5-3+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"git-svn", ver:"1.5.6.5-3+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"git-doc", ver:"1.5.6.5-3+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"git-email", ver:"1.5.6.5-3+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"git-core", ver:"1.5.6.5-3+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_1982_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1982_1.nasl	2010-02-10 17:13:46 UTC (rev 6709)
+++ trunk/openvas-plugins/scripts/deb_1982_1.nasl	2010-02-10 20:51:26 UTC (rev 6710)
@@ -0,0 +1,91 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1982-1 (hybserv)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66804);
+ script_cve_id("CVE-2010-0303");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1982-1 (hybserv)");
+
+ desc = "The remote host is missing an update to hybserv
+announced via advisory DSA 1982-1.
+
+
+Julien Cristau discovered that hybserv, a daemon running IRC services
+for IRCD-Hybrid, is prone to a denial of service attack via the commands
+option.
+
+
+For the stable distribution (lenny), this problem has been fixed in
+version 1.9.2-4+lenny2.
+
+Due to a bug in the archive system, it is not possible to release the
+fix for the oldstable distribution (etch) simultaneously. Therefore,
+etch will be fixed in version 1.9.2-4+etch1 as soon as it becomes
+available.
+
+For the testing distribution (squeeze), this problem will be fixed soon.
+
+For the unstable distribution (sid), this problem has been fixed in
+version 1.9.2-4.1.
+
+
+We recommend that you upgrade your hybserv packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201982-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1982-1 (hybserv)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"hybserv", ver:"1.9.2-4+lenny2", rls:"DEB5.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_1983_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1983_1.nasl	2010-02-10 17:13:46 UTC (rev 6709)
+++ trunk/openvas-plugins/scripts/deb_1983_1.nasl	2010-02-10 20:51:26 UTC (rev 6710)
@@ -0,0 +1,99 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1983-1 (wireshark)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66805);
+ script_cve_id("CVE-2009-4337", "CVE-2010-0304");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1983-1 (wireshark)");
+
+ desc = "The remote host is missing an update to wireshark
+announced via advisory DSA 1983-1.
+
+Several remote vulnerabilities have been discovered in the Wireshark
+network traffic analyzer, which may lead to the execution of arbitrary
+code or denial of service. The Common Vulnerabilities and Exposures
+project identifies the following problems:
+
+CVE-2009-4337
+
+A NULL pointer dereference was found in the SMB/SMB2 dissectors.
+
+CVE-2010-0304
+
+Several buffer overflows were found in the LWRES dissector.
+
+For the stable distribution (lenny), this problem has been fixed in
+version 1.0.2-3+lenny8.
+
+For the unstable distribution (sid) these problems have been fixed in
+version 1.2.6-1.
+
+We recommend that you upgrade your Wireshark packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201983-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1983-1 (wireshark)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"wireshark-dev", ver:"1.0.2-3+lenny8", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"wireshark-common", ver:"1.0.2-3+lenny8", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"wireshark", ver:"1.0.2-3+lenny8", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"tshark", ver:"1.0.2-3+lenny8", rls:"DEB5.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_1986_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1986_1.nasl	2010-02-10 17:13:46 UTC (rev 6709)
+++ trunk/openvas-plugins/scripts/deb_1986_1.nasl	2010-02-10 20:51:26 UTC (rev 6710)
@@ -0,0 +1,127 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1986-1 (moodle)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66807);
+ script_cve_id("CVE-2009-4297", "CVE-2009-4298", "CVE-2009-4299", "CVE-2009-4301", "CVE-2009-4302", "CVE-2009-4303", "CVE-2009-4305");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1986-1 (moodle)");
+
+ desc = "The remote host is missing an update to moodle
+announced via advisory DSA 1986-1.
+
+
+Several vulnerabilities have been discovered in Moodle, an online
+course management system. The Common Vulnerabilities and Exposures
+project identifies the following problems:
+
+CVE-2009-4297
+
+Multiple cross-site request forgery (CSRF) vulnerabilities have been
+discovered.
+
+CVE-2009-4298
+
+It has been discovered that the LAMS module is prone to the disclosure
+of user account information.
+
+CVE-2009-4299
+
+The Glossary module has an insufficient access control mechanism.
+
+CVE-2009-4301
+
+Moodle does not properly check permissions when the MNET service is
+enabled, which allows remote authenticated servers to execute arbitrary
+MNET functions.
+
+CVE-2009-4302
+
+The login/index_form.html page links to an HTTP page instead of using an
+SSL secured connection.
+
+CVE-2009-4303
+
+Moodle stores sensitive data in backup files, which might make it
+possible for attackers to obtain them.
+
+CVE-2009-4305
+
+It has been discovered that the SCORM module is prone to an SQL
+injection.
+
+Additionally, an SQL injection in the update_record function, a problem
+with symbolic links and a verification problem with Glossary, database
+and forum ratings have been fixed.
+
+
+For the stable distribution (lenny), these problems have been fixed in
+version 1.8.2.dfsg-3+lenny3.
+
+For the oldstable distribution (etch), there are no fixed packages
+available and it is too hard to backport many of the fixes. Therefore,
+we recommend to upgrade to the lenny version.
+
+For the testing distribution (squeeze) and the unstable distribution
+(sid), these problems have been fixed in version 1.8.2.dfsg-6.
+
+
+We recommend that you upgrade your moodle packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201986-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1986-1 (moodle)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"moodle", ver:"1.8.2.dfsg-3+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_1987_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1987_1.nasl	2010-02-10 17:13:46 UTC (rev 6709)
+++ trunk/openvas-plugins/scripts/deb_1987_1.nasl	2010-02-10 20:51:26 UTC (rev 6710)
@@ -0,0 +1,128 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1987-1 (lighttpd)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66806);
+ script_cve_id("CVE-2010-0295");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1987-1 (lighttpd)");
+
+ desc = "The remote host is missing an update to lighttpd
+announced via advisory DSA 1987-1.
+
+Li Ming discovered that lighttpd, a small and fast webserver with minimal
+memory footprint, is vulnerable to a denial of service attack due to bad
+memory handling.  Slowly sending very small chunks of request data causes
+lighttpd to allocate new buffers for each read instead of appending to
+old ones.  An attacker can abuse this behaviour to cause denial of service
+conditions due to memory exhaustion.
+
+
+For the oldstable distribution (etch), this problem has been fixed in
+version 1.4.13-4etch12.
+
+For the stable distribution (lenny), this problem has been fixed in
+version 1.4.19-5+lenny1.
+
+For the testing (squeeze) and unstable (sid) distribution, this problem
+will be fixed soon.
+
+
+We recommend that you upgrade your lighttpd packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201987-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1987-1 (lighttpd)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"lighttpd-doc", ver:"1.4.13-4etch12", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"lighttpd-mod-mysql-vhost", ver:"1.4.13-4etch12", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"lighttpd", ver:"1.4.13-4etch12", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"lighttpd-mod-magnet", ver:"1.4.13-4etch12", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"lighttpd-mod-webdav", ver:"1.4.13-4etch12", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"lighttpd-mod-trigger-b4-dl", ver:"1.4.13-4etch12", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"lighttpd-mod-cml", ver:"1.4.13-4etch12", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"lighttpd-doc", ver:"1.4.19-5+lenny1", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"lighttpd-mod-cml", ver:"1.4.19-5+lenny1", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"lighttpd", ver:"1.4.19-5+lenny1", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"lighttpd-mod-webdav", ver:"1.4.19-5+lenny1", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"lighttpd-mod-mysql-vhost", ver:"1.4.19-5+lenny1", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"lighttpd-mod-magnet", ver:"1.4.19-5+lenny1", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"lighttpd-mod-trigger-b4-dl", ver:"1.4.19-5+lenny1", rls:"DEB5.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_1991_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1991_1.nasl	2010-02-10 17:13:46 UTC (rev 6709)
+++ trunk/openvas-plugins/scripts/deb_1991_1.nasl	2010-02-10 20:51:26 UTC (rev 6710)
@@ -0,0 +1,140 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1991-1 (squid/squid3)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66808);
+ script_cve_id("CVE-2009-2855", "CVE-2010-0308");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1991-1 (squid/squid3)");
+
+ desc = "The remote host is missing an update to squid/squid3
+announced via advisory DSA 1991-1.
+
+Two denial of service vulnerabilities have been discovered in
+squid and squid3, a web proxy. The Common Vulnerabilities and Exposures
+project identifies the following problems:
+
+CVE-2009-2855
+
+Bastian Blank discovered that it is possible to cause a denial of
+service via a crafted auth header with certain comma delimiters.
+
+CVE-2010-0308
+
+Tomas Hoger discovered that it is possible to cause a denial of service
+via invalid DNS header-only packets.
+
+
+For the stable distribution (lenny), these problems have been fixed in
+version 2.7.STABLE3-4.1lenny1 of the squid package and version
+3.0.STABLE8-3+lenny3 of the squid3 package.
+
+For the oldstable distribution (etch), these problems have been fixed in
+version 2.6.5-6etch5 of the squid package and version 3.0.PRE5-5+etch2
+of the squid3 package.
+
+For the testing distribution (squeeze) and the unstable distribution
+(sid), these problems will be fixed soon.
+
+
+We recommend that you upgrade your squid/squid3 packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201991-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1991-1 (squid/squid3)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"squid3-common", ver:"3.0.PRE5-5+etch2", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"squid-common", ver:"2.6.5-6etch5", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"squid3-cgi", ver:"3.0.PRE5-5+etch2", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"squid3-client", ver:"3.0.PRE5-5+etch2", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"squid3", ver:"3.0.PRE5-5+etch2", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"squid-cgi", ver:"2.6.5-6etch5", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"squid", ver:"2.6.5-6etch5", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"squidclient", ver:"2.6.5-6etch5", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"squid-common", ver:"2.7.STABLE3-4.1lenny1", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"squid3-common", ver:"3.0.STABLE8-3+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"squid", ver:"2.7.STABLE3-4.1lenny1", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"squidclient", ver:"3.0.STABLE8-3+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"squid3", ver:"3.0.STABLE8-3+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"squid-cgi", ver:"2.7.STABLE3-4.1lenny1", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"squid3-cgi", ver:"3.0.STABLE8-3+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_1992_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1992_1.nasl	2010-02-10 17:13:46 UTC (rev 6709)
+++ trunk/openvas-plugins/scripts/deb_1992_1.nasl	2010-02-10 20:51:26 UTC (rev 6710)
@@ -0,0 +1,112 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1992-1 (chrony)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66809);
+ script_cve_id("CVE-2010-0292", "CVE-2010-0293", "CVE-2010-0294", "CVE-2009-3563");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 1992-1 (chrony)");
+
+ desc = "The remote host is missing an update to chrony
+announced via advisory DSA 1992-1.
+
+Several vulnerabilities have been discovered in chrony, a pair of programs
+which are used to maintain the accuracy of the system clock on a computer.
+This issues are similar to the NTP security flaw CVE-2009-3563.  The Common
+Vulnerabilities and Exposures project identifies the following problems:
+
+CVE-2010-0292
+
+chronyd replies to all cmdmon packets with NOHOSTACCESS messages even for
+unauthorized hosts.  An attacker can abuse this behaviour to force two
+chronyd instances to play packet ping-pong by sending such a packet with
+spoofed source address and port.  This results in high CPU and network
+usage and thus denial of service conditions.
+
+CVE-2010-0293
+
+The client logging facility of chronyd doesn't limit memory that is used
+to store client information.  An attacker can cause chronyd to allocate
+large amounts of memory by sending NTP or cmdmon packets with spoofed
+source addresses resulting in memory exhaustion.
+
+CVE-2010-0294
+
+chronyd lacks of a rate limit control to the syslog facility when logging
+received packets from unauthorized hosts.  This allows an attacker to
+cause denial of service conditions via filling up the logs and thus disk
+space by repeatedly sending invalid cmdmon packets.
+
+
+For the oldstable distribution (etch), this problem has been fixed in
+version 1.21z-5+etch1.
+
+For the stable distribution (lenny), this problem has been fixed in
+version 1.23-6+lenny1.
+
+For the testing (squeeze) and unstable (sid) distribution, this problem
+will be fixed soon.
+
+
+We recommend that you upgrade your chrony packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201992-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 1992-1 (chrony)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"chrony", ver:"1.21z-5+etch1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"chrony", ver:"1.23-6+lenny1", rls:"DEB5.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_ZendFramework0.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_ZendFramework0.nasl	2010-02-10 17:13:46 UTC (rev 6709)
+++ trunk/openvas-plugins/scripts/freebsd_ZendFramework0.nasl	2010-02-10 20:51:26 UTC (rev 6710)
@@ -0,0 +1,84 @@
+#
+#VID c9263916-006f-11df-94cb-0050568452ac
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID c9263916-006f-11df-94cb-0050568452ac
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66821);
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: ZendFramework");
+
+ desc = "The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: ZendFramework
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://framework.zend.com/security/advisory/ZF2010-06
+http://framework.zend.com/security/advisory/ZF2010-05
+http://framework.zend.com/security/advisory/ZF2010-04
+http://framework.zend.com/security/advisory/ZF2010-03
+http://framework.zend.com/security/advisory/ZF2010-02
+http://framework.zend.com/security/advisory/ZF2010-01
+http://framework.zend.com/security/advisory/ZF2009-02
+http://framework.zend.com/security/advisory/ZF2009-01
+http://www.vuxml.org/freebsd/c9263916-006f-11df-94cb-0050568452ac.html
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: ZendFramework");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"ZendFramework");
+if(!isnull(bver) && revcomp(a:bver, b:"1.9.7")<0) {
+    security_note(0, data:"Package ZendFramework version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_apache16.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_apache16.nasl	2010-02-10 17:13:46 UTC (rev 6709)
+++ trunk/openvas-plugins/scripts/freebsd_apache16.nasl	2010-02-10 20:51:26 UTC (rev 6710)
@@ -0,0 +1,201 @@
+#
+#VID cae01d7b-110d-11df-955a-00219b0fc4d8
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID cae01d7b-110d-11df-955a-00219b0fc4d8
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66816);
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: apache");
+
+ desc = "The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following packages are affected:
+   apache
+   apache+mod_perl
+   apache+ipv6
+   apache_fp
+   ru-apache
+   ru-apache+mod_ssl
+   apache+ssl
+   apache+mod_ssl
+   apache+mod_ssl+ipv6
+   apache+mod_ssl+mod_accel
+   apache+mod_ssl+mod_accel+ipv6
+   apache+mod_ssl+mod_accel+mod_deflate
+   apache+mod_ssl+mod_accel+mod_deflate+ipv6
+   apache+mod_ssl+mod_deflate
+   apache+mod_ssl+mod_deflate+ipv6
+   apache+mod_ssl+mod_snmp
+   apache+mod_ssl+mod_snmp+mod_accel
+   apache+mod_ssl+mod_snmp+mod_accel+ipv6
+   apache+mod_ssl+mod_snmp+mod_deflate
+   apache+mod_ssl+mod_snmp+mod_deflate+ipv6
+   apache+mod_ssl+mod_snmp+mod_accel+mod_deflate+ipv6
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0010
+http://www.security-database.com/detail.php?alert=CVE-2010-0010
+http://security-tracker.debian.org/tracker/CVE-2010-0010
+http://www.vupen.com/english/Reference-CVE-2010-0010.php
+http://www.vuxml.org/freebsd/cae01d7b-110d-11df-955a-00219b0fc4d8.html
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: apache");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"apache");
+if(!isnull(bver) && revcomp(a:bver, b:"1.3.42")<0) {
+    security_note(0, data:"Package apache version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"apache+mod_perl");
+if(!isnull(bver) && revcomp(a:bver, b:"1.3.42")<0) {
+    security_note(0, data:"Package apache+mod_perl version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"apache+ipv6");
+if(!isnull(bver) && revcomp(a:bver, b:"1.3.42")<0) {
+    security_note(0, data:"Package apache+ipv6 version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"apache_fp");
+if(!isnull(bver) && revcomp(a:bver, b:"0")>=0) {
+    security_note(0, data:"Package apache_fp version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"ru-apache");
+if(!isnull(bver) && revcomp(a:bver, b:"1.3.42+30.23")<0) {
+    security_note(0, data:"Package ru-apache version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"ru-apache+mod_ssl");
+if(!isnull(bver) && revcomp(a:bver, b:"1.3.42")<0) {
+    security_note(0, data:"Package ru-apache+mod_ssl version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"apache+ssl");
+if(!isnull(bver) && revcomp(a:bver, b:"1.3.42.1.57_2")<0) {
+    security_note(0, data:"Package apache+ssl version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"apache+mod_ssl");
+if(!isnull(bver) && revcomp(a:bver, b:"1.3.42+2.8.27_1")<0) {
+    security_note(0, data:"Package apache+mod_ssl version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"apache+mod_ssl+ipv6");
+if(!isnull(bver) && revcomp(a:bver, b:"1.3.42+2.8.27_1")<0) {
+    security_note(0, data:"Package apache+mod_ssl+ipv6 version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"apache+mod_ssl+mod_accel");
+if(!isnull(bver) && revcomp(a:bver, b:"1.3.42+2.8.27_1")<0) {
+    security_note(0, data:"Package apache+mod_ssl+mod_accel version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"apache+mod_ssl+mod_accel+ipv6");
+if(!isnull(bver) && revcomp(a:bver, b:"1.3.42+2.8.27_1")<0) {
+    security_note(0, data:"Package apache+mod_ssl+mod_accel+ipv6 version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"apache+mod_ssl+mod_accel+mod_deflate");
+if(!isnull(bver) && revcomp(a:bver, b:"1.3.42+2.8.27_1")<0) {
+    security_note(0, data:"Package apache+mod_ssl+mod_accel+mod_deflate version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"apache+mod_ssl+mod_accel+mod_deflate+ipv6");
+if(!isnull(bver) && revcomp(a:bver, b:"1.3.42+2.8.27_1")<0) {
+    security_note(0, data:"Package apache+mod_ssl+mod_accel+mod_deflate+ipv6 version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"apache+mod_ssl+mod_deflate");
+if(!isnull(bver) && revcomp(a:bver, b:"1.3.42+2.8.27_1")<0) {
+    security_note(0, data:"Package apache+mod_ssl+mod_deflate version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"apache+mod_ssl+mod_deflate+ipv6");
+if(!isnull(bver) && revcomp(a:bver, b:"1.3.42+2.8.27_1")<0) {
+    security_note(0, data:"Package apache+mod_ssl+mod_deflate+ipv6 version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"apache+mod_ssl+mod_snmp");
+if(!isnull(bver) && revcomp(a:bver, b:"1.3.42+2.8.27_1")<0) {
+    security_note(0, data:"Package apache+mod_ssl+mod_snmp version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"apache+mod_ssl+mod_snmp+mod_accel");
+if(!isnull(bver) && revcomp(a:bver, b:"1.3.42+2.8.27_1")<0) {
+    security_note(0, data:"Package apache+mod_ssl+mod_snmp+mod_accel version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"apache+mod_ssl+mod_snmp+mod_accel+ipv6");
+if(!isnull(bver) && revcomp(a:bver, b:"1.3.42+2.8.27_1")<0) {
+    security_note(0, data:"Package apache+mod_ssl+mod_snmp+mod_accel+ipv6 version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"apache+mod_ssl+mod_snmp+mod_deflate");
+if(!isnull(bver) && revcomp(a:bver, b:"1.3.42+2.8.27_1")<0) {
+    security_note(0, data:"Package apache+mod_ssl+mod_snmp+mod_deflate version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"apache+mod_ssl+mod_snmp+mod_deflate+ipv6");
+if(!isnull(bver) && revcomp(a:bver, b:"1.3.42+2.8.27_1")<0) {
+    security_note(0, data:"Package apache+mod_ssl+mod_snmp+mod_deflate+ipv6 version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"apache+mod_ssl+mod_snmp+mod_accel+mod_deflate+ipv6");
+if(!isnull(bver) && revcomp(a:bver, b:"1.3.42+2.8.27_1")<0) {
+    security_note(0, data:"Package apache+mod_ssl+mod_snmp+mod_accel+mod_deflate+ipv6 version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_bugzilla9.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_bugzilla9.nasl	2010-02-10 17:13:46 UTC (rev 6709)
+++ trunk/openvas-plugins/scripts/freebsd_bugzilla9.nasl	2010-02-10 20:51:26 UTC (rev 6710)
@@ -0,0 +1,85 @@
+#
+#VID 696053c6-0f50-11df-a628-001517351c22
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID 696053c6-0f50-11df-a628-001517351c22
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66818);
+ script_cve_id("CVE-2009-3387");
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: bugzilla");
+
+ desc = "The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: bugzilla
+
+CVE-2009-3387
+Bugzilla 3.3.1 through 3.4.4, 3.5.1, and 3.5.2 does not allow group
+restrictions to be preserved throughout the process of moving a bug to
+a different product category, which allows remote attackers to obtain
+sensitive information via a request for a bug in opportunistic
+circumstances.
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://www.bugzilla.org/security/3.0.10/
+http://www.vuxml.org/freebsd/696053c6-0f50-11df-a628-001517351c22.html
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: bugzilla");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"bugzilla");
+if(!isnull(bver) && revcomp(a:bver, b:"3.3.1")>0 && revcomp(a:bver, b:"3.4.5")<0) {
+    security_note(0, data:"Package bugzilla version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_dokuwiki5.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_dokuwiki5.nasl	2010-02-10 17:13:46 UTC (rev 6709)
+++ trunk/openvas-plugins/scripts/freebsd_dokuwiki5.nasl	2010-02-10 20:51:26 UTC (rev 6710)
@@ -0,0 +1,78 @@
+#
+#VID 848539dc-0458-11df-8dd7-002170daae37
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID 848539dc-0458-11df-8dd7-002170daae37
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66820);
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: dokuwiki");
+
+ desc = "The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: dokuwiki
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://bugs.splitbrain.org/index.php?do=details&task_id=1847
+http://bugs.splitbrain.org/index.php?do=details&task_id=1853
+http://www.vuxml.org/freebsd/848539dc-0458-11df-8dd7-002170daae37.html
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: dokuwiki");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"dokuwiki");
+if(!isnull(bver) && revcomp(a:bver, b:"20091225_2")<0) {
+    security_note(0, data:"Package dokuwiki version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_ircd-ratbox.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_ircd-ratbox.nasl	2010-02-10 17:13:46 UTC (rev 6709)
+++ trunk/openvas-plugins/scripts/freebsd_ircd-ratbox.nasl	2010-02-10 20:51:26 UTC (rev 6710)
@@ -0,0 +1,99 @@
+#
+#VID 192609c8-0c51-11df-82a0-00248c9b4be7
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID 192609c8-0c51-11df-82a0-00248c9b4be7
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66819);
+ script_cve_id("CVE-2009-4016", "CVE-2010-0300");
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: ircd-ratbox");
+
+ desc = "The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following packages are affected:
+   ircd-ratbox
+   ircd-ratbox-devel
+
+CVE-2009-4016
+Integer underflow in the clean_string function in irc_string.c in (1)
+IRCD-hybrid 7.2.2 and 7.2.3, (2) ircd-ratbox before 2.2.9, and (3)
+oftc-hybrid before 1.6.8, when flatten_links is disabled, allows
+remote attackers to execute arbitrary code or cause a denial of
+service (daemon crash) via a LINKS command.
+
+CVE-2010-0300
+cache.c in ircd-ratbox before 2.2.9 allows remote attackers to cause a
+denial of service (NULL pointer dereference and daemon crash) via a
+HELP command.
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://www.debian.org/security/2010/dsa-1980
+http://lists.ratbox.org/pipermail/ircd-ratbox/2010-January/000890.html
+http://lists.ratbox.org/pipermail/ircd-ratbox/2010-January/000891.html
+http://www.vuxml.org/freebsd/192609c8-0c51-11df-82a0-00248c9b4be7.html
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: ircd-ratbox");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"ircd-ratbox");
+if(!isnull(bver) && revcomp(a:bver, b:"2.2.9")<0) {
+    security_note(0, data:"Package ircd-ratbox version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"ircd-ratbox-devel");
+if(!isnull(bver) && revcomp(a:bver, b:"3.0.6")<0) {
+    security_note(0, data:"Package ircd-ratbox-devel version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_otrs.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_otrs.nasl	2010-02-10 17:13:46 UTC (rev 6709)
+++ trunk/openvas-plugins/scripts/freebsd_otrs.nasl	2010-02-10 20:51:26 UTC (rev 6710)
@@ -0,0 +1,77 @@
+#
+#VID 6b575419-14cf-11df-a628-001517351c22
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID 6b575419-14cf-11df-a628-001517351c22
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66815);
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: otrs");
+
+ desc = "The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: otrs
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://otrs.org/advisory/OSA-2010-01-en/
+http://www.vuxml.org/freebsd/6b575419-14cf-11df-a628-001517351c22.html
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: otrs");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"otrs");
+if(!isnull(bver) && revcomp(a:bver, b:"2.4.7")<0) {
+    security_note(0, data:"Package otrs version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_powerdns-recursor0.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_powerdns-recursor0.nasl	2010-02-10 17:13:46 UTC (rev 6709)
+++ trunk/openvas-plugins/scripts/freebsd_powerdns-recursor0.nasl	2010-02-10 20:51:26 UTC (rev 6710)
@@ -0,0 +1,86 @@
+#
+#VID dd8f2394-fd08-11de-b425-00215c6a37bb
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID dd8f2394-fd08-11de-b425-00215c6a37bb
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66822);
+ script_cve_id("CVE-2009-4010", "CVE-2009-4009");
+ script_bugtraq_id(37650,37653);
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: powerdns-recursor");
+
+ desc = "The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: powerdns-recursor
+
+CVE-2009-4010
+Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows
+remote attackers to spoof DNS data via crafted zones.
+
+CVE-2009-4009
+Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote
+attackers to cause a denial of service (daemon crash) or possibly
+execute arbitrary code via crafted packets.
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: powerdns-recursor");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"powerdns-recursor");
+if(!isnull(bver) && revcomp(a:bver, b:"3.1.7.2")<0) {
+    security_note(0, data:"Package powerdns-recursor version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_squid24.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_squid24.nasl	2010-02-10 17:13:46 UTC (rev 6709)
+++ trunk/openvas-plugins/scripts/freebsd_squid24.nasl	2010-02-10 20:51:26 UTC (rev 6710)
@@ -0,0 +1,85 @@
+#
+#VID 296ecb59-0f6b-11df-8bab-0019996bc1f7
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID 296ecb59-0f6b-11df-8bab-0019996bc1f7
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66817);
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: squid");
+
+ desc = "The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: squid
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://www.squid-cache.org/Advisories/SQUID-2010_1.txt
+http://www.vuxml.org/freebsd/296ecb59-0f6b-11df-8bab-0019996bc1f7.html
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: squid");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"squid");
+if(!isnull(bver) && revcomp(a:bver, b:"2.7.1")>=0 && revcomp(a:bver, b:"2.7.7_3")<0) {
+    security_note(0, data:"Package squid version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+if(!isnull(bver) && revcomp(a:bver, b:"3.0.1")>=0 && revcomp(a:bver, b:"3.0.23")<0) {
+    security_note(0, data:"Package squid version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+if(!isnull(bver) && revcomp(a:bver, b:"3.1.0.1")>=0 && revcomp(a:bver, b:"3.1.0.15_2")<0) {
+    security_note(0, data:"Package squid version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_wireshark3.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_wireshark3.nasl	2010-02-10 17:13:46 UTC (rev 6709)
+++ trunk/openvas-plugins/scripts/freebsd_wireshark3.nasl	2010-02-10 20:51:26 UTC (rev 6710)
@@ -0,0 +1,93 @@
+#
+#VID bb0a8795-15dc-11df-bf0a-002170daae37
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID bb0a8795-15dc-11df-bf0a-002170daae37
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(66814);
+ script_cve_id("CVE-2010-0304");
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: wireshark, wireshark-lite");
+
+ desc = "The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following packages are affected:
+   wireshark
+   wireshark-lite
+
+CVE-2010-0304
+Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15
+through 1.0.10 and 1.2.0 through 1.2.5 allow remote attackers to cause
+a denial of service (crash) via a malformed packet, as demonstrated
+using a stack-based buffer overflow to the
+dissect_getaddrsbyname_request function.
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://secunia.com/advisories/38257/
+http://www.wireshark.org/security/wnpa-sec-2010-02.html
+http://www.vuxml.org/freebsd/bb0a8795-15dc-11df-bf0a-002170daae37.html
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: wireshark, wireshark-lite");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"wireshark");
+if(!isnull(bver) && revcomp(a:bver, b:"1.2.6")<0) {
+    security_note(0, data:"Package wireshark version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+bver = portver(pkg:"wireshark-lite");
+if(!isnull(bver) && revcomp(a:bver, b:"1.2.6")<0) {
+    security_note(0, data:"Package wireshark-lite version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}



More information about the Openvas-commits mailing list