[Openvas-commits] r9505 - in trunk/openvas-plugins: . scripts
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Tue Nov 23 15:30:11 CET 2010
Author: veerendragg
Date: 2010-11-23 15:30:07 +0100 (Tue, 23 Nov 2010)
New Revision: 9505
Added:
trunk/openvas-plugins/scripts/gb_CESA-2010_0889_freetype_centos4_i386.nasl
trunk/openvas-plugins/scripts/gb_CESA-2010_0895_systemtap_centos4_i386.nasl
trunk/openvas-plugins/scripts/gb_RHSA-2010_0889-01_freetype.nasl
trunk/openvas-plugins/scripts/gb_RHSA-2010_0894-01_systemtap.nasl
trunk/openvas-plugins/scripts/gb_RHSA-2010_0895-01_systemtap.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_0358_gif2png_fc12.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_17133_pam_fc12.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_17303_dhcp_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_17434_mod_fcgid_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_17439_clamav_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_17474_mod_fcgid_fc12.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_17615_cups_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_17621_mingw32-OpenSceneGraph_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_17627_cups_fc12.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_17728_freetype_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_17732_libtlen_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_17755_freetype_fc12.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_17762_libtlen_fc12.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_17826_openssl_fc12.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_17847_openssl_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_17868_systemtap_fc12.nasl
trunk/openvas-plugins/scripts/gb_fedora_2010_17873_systemtap_fc13.nasl
trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_226.nasl
trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_227.nasl
trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_234.nasl
trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_232.nasl
trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_233.nasl
trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_236.nasl
trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_237.nasl
trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_238.nasl
trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_239.nasl
trunk/openvas-plugins/scripts/gb_ubuntu_USN_1002_2.nasl
trunk/openvas-plugins/scripts/gb_ubuntu_USN_1004_1.nasl
trunk/openvas-plugins/scripts/gb_ubuntu_USN_1015_1.nasl
trunk/openvas-plugins/scripts/gb_ubuntu_USN_1018_1.nasl
trunk/openvas-plugins/scripts/gb_ubuntu_USN_959_2.nasl
Modified:
trunk/openvas-plugins/ChangeLog
Log:
Added new LSC plugins.
Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/ChangeLog 2010-11-23 14:30:07 UTC (rev 9505)
@@ -1,3 +1,43 @@
+2010-11-23 Veerendra G.G <veerendragg at secpod.com>
+
+ * scripts/gb_mandriva_MDVA_2010_227.nasl,
+ scripts/gb_mandriva_MDVSA_2010_238.nasl,
+ scripts/gb_fedora_2010_17873_systemtap_fc13.nasl,
+ scripts/gb_mandriva_MDVSA_2010_232.nasl,
+ scripts/gb_RHSA-2010_0895-01_systemtap.nasl,
+ scripts/gb_CESA-2010_0889_freetype_centos4_i386.nasl,
+ scripts/gb_fedora_2010_17847_openssl_fc13.nasl,
+ scripts/gb_fedora_2010_17133_pam_fc12.nasl,
+ scripts/gb_fedora_2010_17303_dhcp_fc13.nasl,
+ scripts/gb_fedora_2010_17826_openssl_fc12.nasl,
+ scripts/gb_RHSA-2010_0894-01_systemtap.nasl,
+ scripts/gb_mandriva_MDVSA_2010_239.nasl,
+ scripts/gb_mandriva_MDVSA_2010_236.nasl,
+ scripts/gb_fedora_2010_17755_freetype_fc12.nasl,
+ scripts/gb_mandriva_MDVSA_2010_233.nasl,
+ scripts/gb_CESA-2010_0895_systemtap_centos4_i386.nasl,
+ scripts/gb_fedora_2010_17762_libtlen_fc12.nasl,
+ scripts/gb_RHSA-2010_0889-01_freetype.nasl,
+ scripts/gb_ubuntu_USN_1018_1.nasl,
+ scripts/gb_ubuntu_USN_1015_1.nasl,
+ scripts/gb_mandriva_MDVA_2010_234.nasl,
+ scripts/gb_ubuntu_USN_959_2.nasl,
+ scripts/gb_fedora_2010_0358_gif2png_fc12.nasl,
+ scripts/gb_mandriva_MDVA_2010_226.nasl,
+ scripts/gb_fedora_2010_17615_cups_fc13.nasl,
+ scripts/gb_fedora_2010_17732_libtlen_fc13.nasl,
+ scripts/gb_mandriva_MDVSA_2010_237.nasl,
+ scripts/gb_fedora_2010_17627_cups_fc12.nasl,
+ scripts/gb_fedora_2010_17621_mingw32-OpenSceneGraph_fc13.nasl,
+ scripts/gb_fedora_2010_17434_mod_fcgid_fc13.nasl,
+ scripts/gb_fedora_2010_17439_clamav_fc13.nasl,
+ scripts/gb_fedora_2010_17474_mod_fcgid_fc12.nasl,
+ scripts/gb_fedora_2010_17868_systemtap_fc12.nasl,
+ scripts/gb_ubuntu_USN_1002_2.nasl,
+ scripts/gb_fedora_2010_17728_freetype_fc13.nasl,
+ scripts/gb_ubuntu_USN_1004_1.nasl:
+ Added new LSC plugins.
+
2010-11-23 Chandrashekhar B <bchandra at secpod.com>
* scripts/gb_adobe_reader_printseps_mem_crptn_vuln_lin.nasl,
Added: trunk/openvas-plugins/scripts/gb_CESA-2010_0889_freetype_centos4_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2010_0889_freetype_centos4_i386.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_CESA-2010_0889_freetype_centos4_i386.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,114 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for freetype CESA-2010:0889 centos4 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(880454);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "CESA", value: "2010:0889");
+ script_cve_id("CVE-2010-3855");
+ script_name("CentOS Update for freetype CESA-2010:0889 centos4 i386");
+ desc = "
+
+ Vulnerability Insight:
+ FreeType is a free, high-quality, portable font engine that can open and
+ manage font files. It also loads, hints, and renders individual glyphs
+ efficiently. The freetype packages for Red Hat Enterprise Linux 4 provide
+ both the FreeType 1 and FreeType 2 font engines. The freetype packages for
+ Red Hat Enterprise Linux 5 and 6 provide only the FreeType 2 font engine.
+
+ A heap-based buffer overflow flaw was found in the way the FreeType font
+ rendering engine processed certain TrueType GX fonts. If a user loaded a
+ specially-crafted font file with an application linked against FreeType, it
+ could cause the application to crash or, possibly, execute arbitrary code
+ with the privileges of the user running the application. (CVE-2010-3855)
+
+ Note: This issue only affects the FreeType 2 font engine.
+
+ Users are advised to upgrade to these updated packages, which contain a
+ backported patch to correct this issue. The X server must be restarted (log
+ out, then log back in) for this update to take effect.
+
+
+ Affected Software/OS:
+ freetype on CentOS 4
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.centos.org/pipermail/centos-announce/2010-November/017183.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of freetype");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("CentOS Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "CentOS4")
+{
+
+ if(isrpmvuln(pkg:"freetype", rpm:"freetype~2.1.9~17.el4_8.1", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"freetype-demos", rpm:"freetype-demos~2.1.9~17.el4_8.1", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"freetype-devel", rpm:"freetype-devel~2.1.9~17.el4_8.1", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"freetype-utils", rpm:"freetype-utils~2.1.9~17.el4_8.1", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_CESA-2010_0895_systemtap_centos4_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2010_0895_systemtap_centos4_i386.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_CESA-2010_0895_systemtap_centos4_i386.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,110 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for systemtap CESA-2010:0895 centos4 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(880455);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "CESA", value: "2010:0895");
+ script_cve_id("CVE-2010-4170");
+ script_name("CentOS Update for systemtap CESA-2010:0895 centos4 i386");
+ desc = "
+
+ Vulnerability Insight:
+ SystemTap is an instrumentation system for systems running the Linux
+ kernel, version 2.6. Developers can write scripts to collect data on the
+ operation of the system. staprun, the SystemTap runtime tool, is used for
+ managing SystemTap kernel modules (for example, loading them).
+
+ It was discovered that staprun did not properly sanitize the environment
+ before executing the modprobe command to load an additional kernel module.
+ A local, unprivileged user could use this flaw to escalate their
+ privileges. (CVE-2010-4170)
+
+ Note: On Red Hat Enterprise Linux 4, an attacker must be a member of the
+ stapusr group to exploit this issue. Also note that, after installing this
+ update, users already in the stapdev group must be added to the stapusr
+ group in order to be able to run the staprun tool.
+
+ Red Hat would like to thank Tavis Ormandy for reporting this issue.
+
+ SystemTap users should upgrade to these updated packages, which contain
+ a backported patch to correct this issue.
+
+
+ Affected Software/OS:
+ systemtap on CentOS 4
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.centos.org/pipermail/centos-announce/2010-November/017187.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of systemtap");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("CentOS Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "CentOS4")
+{
+
+ if(isrpmvuln(pkg:"systemtap", rpm:"systemtap~0.6.2~2.el4_8.3", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"systemtap-runtime", rpm:"systemtap-runtime~0.6.2~2.el4_8.3", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"systemtap-testsuite", rpm:"systemtap-testsuite~0.6.2~2.el4_8.3", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_RHSA-2010_0889-01_freetype.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_RHSA-2010_0889-01_freetype.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_RHSA-2010_0889-01_freetype.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,154 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for freetype RHSA-2010:0889-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(870361);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "RHSA", value: "2010:0889-01");
+ script_cve_id("CVE-2010-3855");
+ script_name("RedHat Update for freetype RHSA-2010:0889-01");
+ desc = "
+
+ Vulnerability Insight:
+ FreeType is a free, high-quality, portable font engine that can open and
+ manage font files. It also loads, hints, and renders individual glyphs
+ efficiently. The freetype packages for Red Hat Enterprise Linux 4 provide
+ both the FreeType 1 and FreeType 2 font engines. The freetype packages for
+ Red Hat Enterprise Linux 5 and 6 provide only the FreeType 2 font engine.
+
+ A heap-based buffer overflow flaw was found in the way the FreeType font
+ rendering engine processed certain TrueType GX fonts. If a user loaded a
+ specially-crafted font file with an application linked against FreeType, it
+ could cause the application to crash or, possibly, execute arbitrary code
+ with the privileges of the user running the application. (CVE-2010-3855)
+
+ Note: This issue only affects the FreeType 2 font engine.
+
+ Users are advised to upgrade to these updated packages, which contain a
+ backported patch to correct this issue. The X server must be restarted (log
+ out, then log back in) for this update to take effect.
+
+
+ Affected Software/OS:
+ freetype on Red Hat Enterprise Linux (v. 5 server),
+ Red Hat Enterprise Linux AS version 4,
+ Red Hat Enterprise Linux ES version 4,
+ Red Hat Enterprise Linux WS version 4
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://www.redhat.com/archives/rhsa-announce/2010-November/msg00024.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of freetype");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "RHENT_5")
+{
+
+ if(isrpmvuln(pkg:"freetype", rpm:"freetype~2.2.1~28.el5_5.1", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"freetype-debuginfo", rpm:"freetype-debuginfo~2.2.1~28.el5_5.1", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"freetype-demos", rpm:"freetype-demos~2.2.1~28.el5_5.1", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"freetype-devel", rpm:"freetype-devel~2.2.1~28.el5_5.1", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "RHENT_4")
+{
+
+ if(isrpmvuln(pkg:"freetype", rpm:"freetype~2.1.9~17.el4_8.1", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"freetype-debuginfo", rpm:"freetype-debuginfo~2.1.9~17.el4_8.1", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"freetype-demos", rpm:"freetype-demos~2.1.9~17.el4_8.1", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"freetype-devel", rpm:"freetype-devel~2.1.9~17.el4_8.1", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"freetype-utils", rpm:"freetype-utils~2.1.9~17.el4_8.1", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_RHSA-2010_0894-01_systemtap.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_RHSA-2010_0894-01_systemtap.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_RHSA-2010_0894-01_systemtap.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,143 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for systemtap RHSA-2010:0894-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(870360);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "RHSA", value: "2010:0894-01");
+ script_cve_id("CVE-2010-4170", "CVE-2010-4171");
+ script_name("RedHat Update for systemtap RHSA-2010:0894-01");
+ desc = "
+
+ Vulnerability Insight:
+ SystemTap is an instrumentation system for systems running the Linux
+ kernel, version 2.6. Developers can write scripts to collect data on the
+ operation of the system. staprun, the SystemTap runtime tool, is used for
+ managing SystemTap kernel modules (for example, loading them).
+
+ It was discovered that staprun did not properly sanitize the environment
+ before executing the modprobe command to load an additional kernel module.
+ A local, unprivileged user could use this flaw to escalate their
+ privileges. (CVE-2010-4170)
+
+ It was discovered that staprun did not check if the module to be unloaded
+ was previously loaded by SystemTap. A local, unprivileged user could use
+ this flaw to unload an arbitrary kernel module that was not in use.
+ (CVE-2010-4171)
+
+ Note: After installing this update, users already in the stapdev group must
+ be added to the stapusr group in order to be able to run the staprun tool.
+
+ Red Hat would like to thank Tavis Ormandy for reporting these issues.
+
+ SystemTap users should upgrade to these updated packages, which contain
+ backported patches to correct these issues.
+
+
+ Affected Software/OS:
+ systemtap on Red Hat Enterprise Linux (v. 5 server)
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://www.redhat.com/archives/rhsa-announce/2010-November/msg00029.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of systemtap");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "RHENT_5")
+{
+
+ if(isrpmvuln(pkg:"systemtap", rpm:"systemtap~1.1~3.el5_5.3", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"systemtap-client", rpm:"systemtap-client~1.1~3.el5_5.3", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"systemtap-debuginfo", rpm:"systemtap-debuginfo~1.1~3.el5_5.3", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"systemtap-initscript", rpm:"systemtap-initscript~1.1~3.el5_5.3", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"systemtap-runtime", rpm:"systemtap-runtime~1.1~3.el5_5.3", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"systemtap-sdt-devel", rpm:"systemtap-sdt-devel~1.1~3.el5_5.3", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"systemtap-server", rpm:"systemtap-server~1.1~3.el5_5.3", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"systemtap-testsuite", rpm:"systemtap-testsuite~1.1~3.el5_5.3", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_RHSA-2010_0895-01_systemtap.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_RHSA-2010_0895-01_systemtap.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_RHSA-2010_0895-01_systemtap.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,118 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for systemtap RHSA-2010:0895-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(870359);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "RHSA", value: "2010:0895-01");
+ script_cve_id("CVE-2010-4170");
+ script_name("RedHat Update for systemtap RHSA-2010:0895-01");
+ desc = "
+
+ Vulnerability Insight:
+ SystemTap is an instrumentation system for systems running the Linux
+ kernel, version 2.6. Developers can write scripts to collect data on the
+ operation of the system. staprun, the SystemTap runtime tool, is used for
+ managing SystemTap kernel modules (for example, loading them).
+
+ It was discovered that staprun did not properly sanitize the environment
+ before executing the modprobe command to load an additional kernel module.
+ A local, unprivileged user could use this flaw to escalate their
+ privileges. (CVE-2010-4170)
+
+ Note: On Red Hat Enterprise Linux 4, an attacker must be a member of the
+ stapusr group to exploit this issue. Also note that, after installing this
+ update, users already in the stapdev group must be added to the stapusr
+ group in order to be able to run the staprun tool.
+
+ Red Hat would like to thank Tavis Ormandy for reporting this issue.
+
+ SystemTap users should upgrade to these updated packages, which contain
+ a backported patch to correct this issue.
+
+
+ Affected Software/OS:
+ systemtap on Red Hat Enterprise Linux AS version 4,
+ Red Hat Enterprise Linux ES version 4,
+ Red Hat Enterprise Linux WS version 4
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://www.redhat.com/archives/rhsa-announce/2010-November/msg00030.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of systemtap");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "RHENT_4")
+{
+
+ if(isrpmvuln(pkg:"systemtap", rpm:"systemtap~0.6.2~2.el4_8.3", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"systemtap-debuginfo", rpm:"systemtap-debuginfo~0.6.2~2.el4_8.3", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"systemtap-runtime", rpm:"systemtap-runtime~0.6.2~2.el4_8.3", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"systemtap-testsuite", rpm:"systemtap-testsuite~0.6.2~2.el4_8.3", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_0358_gif2png_fc12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_0358_gif2png_fc12.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_0358_gif2png_fc12.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,85 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for gif2png FEDORA-2010-0358
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862564);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2010-0358");
+ script_name("Fedora Update for gif2png FEDORA-2010-0358");
+ desc = "
+
+ Vulnerability Insight:
+ The gif2png program converts files from the obsolescent Graphic Interchange
+ Format to Portable Network Graphics. The conversion preserves all graphic
+ information, including transparency, perfectly. The gif2png program can
+ even recover data from corrupted GIFs.
+
+ There exists a 'web2png' program in a separate package which is able
+ to convert entire directory hierarchies.
+
+
+ Affected Software/OS:
+ gif2png on Fedora 12
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051229.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of gif2png");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC12")
+{
+
+ if(isrpmvuln(pkg:"gif2png", rpm:"gif2png~2.5.1~1202.fc12", rls:"FC12"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_17133_pam_fc12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_17133_pam_fc12.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_17133_pam_fc12.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,82 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for pam FEDORA-2010-17133
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862556);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2010-17133");
+ script_cve_id("CVE-2010-3316", "CVE-2010-3435", "CVE-2010-3853");
+ script_name("Fedora Update for pam FEDORA-2010-17133");
+ desc = "
+
+ Vulnerability Insight:
+ PAM (Pluggable Authentication Modules) is a system security tool that
+ allows system administrators to set authentication policy without
+ having to recompile programs that handle authentication.
+
+
+ Affected Software/OS:
+ pam on Fedora 12
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050991.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of pam");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC12")
+{
+
+ if(isrpmvuln(pkg:"pam", rpm:"pam~1.1.1~6.fc12", rls:"FC12"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_17303_dhcp_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_17303_dhcp_fc13.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_17303_dhcp_fc13.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,90 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for dhcp FEDORA-2010-17303
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862571);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "FEDORA", value: "2010-17303");
+ script_cve_id("CVE-2010-3611", "CVE-2010-2156");
+ script_name("Fedora Update for dhcp FEDORA-2010-17303");
+ desc = "
+
+ Vulnerability Insight:
+ DHCP (Dynamic Host Configuration Protocol) is a protocol which allows
+ individual devices on an IP network to get their own network
+ configuration information (IP address, subnetmask, broadcast address,
+ etc.) from a DHCP server. The overall purpose of DHCP is to make it
+ easier to administer a large network. The dhcp package includes the
+ ISC DHCP service and relay agent.
+
+ To use DHCP on your network, install a DHCP service (or relay agent),
+ and on clients run a DHCP client daemon. The dhcp package provides
+ the ISC DHCP service and relay agent.
+
+
+ Affected Software/OS:
+ dhcp on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051287.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of dhcp");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"dhcp", rpm:"dhcp~4.1.1~27.P1.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_17434_mod_fcgid_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_17434_mod_fcgid_fc13.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_17434_mod_fcgid_fc13.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,83 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for mod_fcgid FEDORA-2010-17434
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862555);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2010-17434");
+ script_cve_id("CVE-2010-3872");
+ script_name("Fedora Update for mod_fcgid FEDORA-2010-17434");
+ desc = "
+
+ Vulnerability Insight:
+ mod_fcgid is a binary-compatible alternative to the Apache module mod_fastcgi.
+ mod_fcgid has a new process management strategy, which concentrates on reducing
+ the number of fastcgi servers, and kicking out corrupt fastcgi servers as soon
+ as possible.
+
+
+ Affected Software/OS:
+ mod_fcgid on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050932.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of mod_fcgid");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"mod_fcgid", rpm:"mod_fcgid~2.3.6~1.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_17439_clamav_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_17439_clamav_fc13.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_17439_clamav_fc13.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,89 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for clamav FEDORA-2010-17439
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862565);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"5.1");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2010-17439");
+ script_cve_id("CVE-2010-0405");
+ script_name("Fedora Update for clamav FEDORA-2010-17439");
+ desc = "
+
+ Vulnerability Insight:
+ Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this
+ software is the integration with mail servers (attachment scanning). The
+ package provides a flexible and scalable multi-threaded daemon, a command
+ line scanner, and a tool for automatic updating via Internet. The programs
+ are based on a shared library distributed with the Clam AntiVirus package,
+ which you can use with your own software. The virus database is based on
+ the virus database from OpenAntiVirus, but contains additional signatures
+ (including signatures for popular polymorphic viruses, too) and is KEPT UP
+ TO DATE.
+
+
+ Affected Software/OS:
+ clamav on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051278.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of clamav");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"clamav", rpm:"clamav~0.96.4~1300.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_17474_mod_fcgid_fc12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_17474_mod_fcgid_fc12.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_17474_mod_fcgid_fc12.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,83 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for mod_fcgid FEDORA-2010-17474
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862557);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2010-17474");
+ script_cve_id("CVE-2010-3872");
+ script_name("Fedora Update for mod_fcgid FEDORA-2010-17474");
+ desc = "
+
+ Vulnerability Insight:
+ mod_fcgid is a binary-compatible alternative to the Apache module mod_fastcgi.
+ mod_fcgid has a new process management strategy, which concentrates on reducing
+ the number of fastcgi servers, and kicking out corrupt fastcgi servers as soon
+ as possible.
+
+
+ Affected Software/OS:
+ mod_fcgid on Fedora 12
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050930.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of mod_fcgid");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC12")
+{
+
+ if(isrpmvuln(pkg:"mod_fcgid", rpm:"mod_fcgid~2.3.6~1.fc12", rls:"FC12"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_17615_cups_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_17615_cups_fc13.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_17615_cups_fc13.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,84 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for cups FEDORA-2010-17615
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862570);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"7.9");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2010-17615");
+ script_cve_id("CVE-2010-2941", "CVE-2010-0540", "CVE-2010-0542", "CVE-2010-1748", "CVE-2010-0302");
+ script_name("Fedora Update for cups FEDORA-2010-17615");
+ desc = "
+
+ Vulnerability Insight:
+ The Common UNIX Printing System provides a portable printing layer for
+ UNIX® operating systems. It has been developed by Easy Software Products
+ to promote a standard printing solution for all UNIX vendors and users.
+ CUPS provides the System V and Berkeley command-line interfaces.
+
+
+ Affected Software/OS:
+ cups on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of cups");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"cups", rpm:"cups~1.4.4~11.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_17621_mingw32-OpenSceneGraph_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_17621_mingw32-OpenSceneGraph_fc13.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_17621_mingw32-OpenSceneGraph_fc13.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,92 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for mingw32-OpenSceneGraph FEDORA-2010-17621
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862569);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"9.3");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_xref(name: "FEDORA", value: "2010-17621");
+ script_cve_id("CVE-2010-0280");
+ script_name("Fedora Update for mingw32-OpenSceneGraph FEDORA-2010-17621");
+ desc = "
+
+ Vulnerability Insight:
+ The OpenSceneGraph is an OpenSource, cross platform graphics toolkit for the
+ development of high performance graphics applications such as flight
+ simulators, games, virtual reality and scientific visualization.
+ Based around the concept of a SceneGraph, it provides an object oriented
+ framework on top of OpenGL freeing the developer from implementing and
+ optimizing low level graphics calls, and provides many additional utilities
+ for rapid development of graphics applications.
+
+ %{_mingw32_description}
+
+
+ %{_mingw32_debug_package}
+
+
+ Affected Software/OS:
+ mingw32-OpenSceneGraph on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051198.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of mingw32-OpenSceneGraph");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"mingw32-OpenSceneGraph", rpm:"mingw32-OpenSceneGraph~2.8.2~3.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_17627_cups_fc12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_17627_cups_fc12.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_17627_cups_fc12.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,84 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for cups FEDORA-2010-17627
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862562);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"7.9");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2010-17627");
+ script_cve_id("CVE-2010-2941", "CVE-2010-0540", "CVE-2010-0542", "CVE-2010-1748", "CVE-2010-0302", "CVE-2009-3553");
+ script_name("Fedora Update for cups FEDORA-2010-17627");
+ desc = "
+
+ Vulnerability Insight:
+ The Common UNIX Printing System provides a portable printing layer for
+ UNIX® operating systems. It has been developed by Easy Software Products
+ to promote a standard printing solution for all UNIX vendors and users.
+ CUPS provides the System V and Berkeley command-line interfaces.
+
+
+ Affected Software/OS:
+ cups on Fedora 12
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of cups");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC12")
+{
+
+ if(isrpmvuln(pkg:"cups", rpm:"cups~1.4.4~11.fc12", rls:"FC12"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_17728_freetype_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_17728_freetype_fc13.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_17728_freetype_fc13.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,86 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for freetype FEDORA-2010-17728
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862560);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"9.3");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_xref(name: "FEDORA", value: "2010-17728");
+ script_cve_id("CVE-2010-3855", "CVE-2010-2805", "CVE-2010-2806", "CVE-2010-2808", "CVE-2010-3311", "CVE-2010-1797", "CVE-2010-2498", "CVE-2010-2499", "CVE-2010-2500", "CVE-2010-2519", "CVE-2010-2520", "CVE-2010-2527", "CVE-2010-2541");
+ script_name("Fedora Update for freetype FEDORA-2010-17728");
+ desc = "
+
+ Vulnerability Insight:
+ The FreeType engine is a free and portable font rendering
+ engine, developed to provide advanced font support for a variety of
+ platforms and environments. FreeType is a library which can open and
+ manages font files as well as efficiently load, hint and render
+ individual glyphs. FreeType is not a font server or a complete
+ text-rendering library.
+
+
+ Affected Software/OS:
+ freetype on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051231.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of freetype");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"freetype", rpm:"freetype~2.3.11~7.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_17732_libtlen_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_17732_libtlen_fc13.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_17732_libtlen_fc13.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,83 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for libtlen FEDORA-2010-17732
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862567);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "FEDORA", value: "2010-17732");
+ script_cve_id("CVE-2009-3720");
+ script_name("Fedora Update for libtlen FEDORA-2010-17732");
+ desc = "
+
+ Vulnerability Insight:
+ libtlen is a library providing an API for client programs which want
+ to use Tlen.pl, an Instant Messanging protocol based on Jabber, but
+ with some modifications.
+
+
+ Affected Software/OS:
+ libtlen on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051247.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of libtlen");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"libtlen-0", rpm:"libtlen-0~0.10.20060309.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_17755_freetype_fc12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_17755_freetype_fc12.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_17755_freetype_fc12.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,86 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for freetype FEDORA-2010-17755
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862563);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"9.3");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_xref(name: "FEDORA", value: "2010-17755");
+ script_cve_id("CVE-2010-3855", "CVE-2010-2805", "CVE-2010-2806", "CVE-2010-2808", "CVE-2010-3311", "CVE-2010-1797", "CVE-2010-2498", "CVE-2010-2499", "CVE-2010-2500", "CVE-2010-2519", "CVE-2010-2520", "CVE-2010-2527", "CVE-2010-2541");
+ script_name("Fedora Update for freetype FEDORA-2010-17755");
+ desc = "
+
+ Vulnerability Insight:
+ The FreeType engine is a free and portable font rendering
+ engine, developed to provide advanced font support for a variety of
+ platforms and environments. FreeType is a library which can open and
+ manages font files as well as efficiently load, hint and render
+ individual glyphs. FreeType is not a font server or a complete
+ text-rendering library.
+
+
+ Affected Software/OS:
+ freetype on Fedora 12
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051251.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of freetype");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC12")
+{
+
+ if(isrpmvuln(pkg:"freetype", rpm:"freetype~2.3.11~7.fc12", rls:"FC12"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_17762_libtlen_fc12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_17762_libtlen_fc12.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_17762_libtlen_fc12.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,83 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for libtlen FEDORA-2010-17762
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862561);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "FEDORA", value: "2010-17762");
+ script_cve_id("CVE-2009-3720");
+ script_name("Fedora Update for libtlen FEDORA-2010-17762");
+ desc = "
+
+ Vulnerability Insight:
+ libtlen is a library providing an API for client programs which want
+ to use Tlen.pl, an Instant Messanging protocol based on Jabber, but
+ with some modifications.
+
+
+ Affected Software/OS:
+ libtlen on Fedora 12
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051228.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of libtlen");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC12")
+{
+
+ if(isrpmvuln(pkg:"libtlen-0", rpm:"libtlen-0~0.10.20060309.fc12", rls:"FC12"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_17826_openssl_fc12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_17826_openssl_fc12.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_17826_openssl_fc12.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,84 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for openssl FEDORA-2010-17826
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862568);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"7.6");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2010-17826");
+ script_cve_id("CVE-2010-3864", "CVE-2010-0742", "CVE-2010-1633", "CVE-2009-4355", "CVE-2009-3555");
+ script_name("Fedora Update for openssl FEDORA-2010-17826");
+ desc = "
+
+ Vulnerability Insight:
+ The OpenSSL toolkit provides support for secure communications between
+ machines. OpenSSL includes a certificate management tool and shared
+ libraries which provide various cryptographic algorithms and
+ protocols.
+
+
+ Affected Software/OS:
+ openssl on Fedora 12
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of openssl");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC12")
+{
+
+ if(isrpmvuln(pkg:"openssl", rpm:"openssl~1.0.0b~1.fc12", rls:"FC12"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_17847_openssl_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_17847_openssl_fc13.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_17847_openssl_fc13.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,84 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for openssl FEDORA-2010-17847
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862566);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"7.6");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2010-17847");
+ script_cve_id("CVE-2010-3864", "CVE-2010-0742", "CVE-2010-1633");
+ script_name("Fedora Update for openssl FEDORA-2010-17847");
+ desc = "
+
+ Vulnerability Insight:
+ The OpenSSL toolkit provides support for secure communications between
+ machines. OpenSSL includes a certificate management tool and shared
+ libraries which provide various cryptographic algorithms and
+ protocols.
+
+
+ Affected Software/OS:
+ openssl on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of openssl");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"openssl", rpm:"openssl~1.0.0b~1.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_17868_systemtap_fc12.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_17868_systemtap_fc12.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_17868_systemtap_fc12.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,82 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for systemtap FEDORA-2010-17868
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862558);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2010-17868");
+ script_cve_id("CVE-2010-4171", "CVE-2010-4170");
+ script_name("Fedora Update for systemtap FEDORA-2010-17868");
+ desc = "
+
+ Vulnerability Insight:
+ SystemTap is an instrumentation system for systems running Linux 2.6.
+ Developers can write instrumentation to collect data on the operation
+ of the system.
+
+
+ Affected Software/OS:
+ systemtap on Fedora 12
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051122.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of systemtap");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC12")
+{
+
+ if(isrpmvuln(pkg:"systemtap", rpm:"systemtap~1.3~3.fc12", rls:"FC12"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2010_17873_systemtap_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2010_17873_systemtap_fc13.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_fedora_2010_17873_systemtap_fc13.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,82 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for systemtap FEDORA-2010-17873
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862559);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2010-17873");
+ script_cve_id("CVE-2010-4171", "CVE-2010-4170");
+ script_name("Fedora Update for systemtap FEDORA-2010-17873");
+ desc = "
+
+ Vulnerability Insight:
+ SystemTap is an instrumentation system for systems running Linux 2.6.
+ Developers can write instrumentation to collect data on the operation
+ of the system.
+
+
+ Affected Software/OS:
+ systemtap on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051127.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of systemtap");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"systemtap", rpm:"systemtap~1.3~3.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_226.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_226.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_226.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,81 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Mandriva Update for perl-URPM MDVA-2010:226 (perl-URPM)
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(831257);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "MDVA", value: "2010:226");
+ script_name("Mandriva Update for perl-URPM MDVA-2010:226 (perl-URPM)");
+ desc = "
+
+ Vulnerability Insight:
+
+ This advisory fixes the gpg keys parsing, which were resulting in
+ some warnings (bug 61636).
+
+ Affected Software/OS:
+ perl-URPM on Mandriva Linux 2010.1,
+ Mandriva Linux 2010.1/X86_64
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.mandriva.com/security-announce/2010-11/msg00034.php
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of perl-URPM");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "MNDK_2010.1")
+{
+
+ if(isrpmvuln(pkg:"perl-URPM", rpm:"perl-URPM~3.37.1~1.2mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_227.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_227.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_227.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,367 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Mandriva Update for libalsa2 MDVA-2010:227 (libalsa2)
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(831258);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "MDVA", value: "2010:227");
+ script_name("Mandriva Update for libalsa2 MDVA-2010:227 (libalsa2)");
+ desc = "
+
+ Vulnerability Insight:
+
+ This is a bugfix and maintenance update bundle that addresses various
+ issues in a number of packages.
+
+ * Some thread-related problems were found in the libalsa2 library
+ that could cause segmentation faults in some audio applications (one
+ example being phonon when used with gstreamer output and accessing
+ pulseaudio via ALSA plugin). The updated libalsa2 package contains
+ an upstream fix to correct this problem.
+
+ On a related note the PulseAudio package has also been updated to
+ include several important upstream bugfixes including:
+
+ * Much improved handling of capture stream latencies and timing
+
+ * Client side XCB implementation to replace Xlib (and thus solve some
+ thread-related issues).
+
+ * Support for the a52 alsa plugin when combined with an appropriate
+ ~/.asoundrc file.
+
+ * Several bugs in the pulseaudio plugin for the GStreamer audio
+ framework could lead to application crashes, for instance in
+ pidgin. This update contains fixes for memory allocation and lock
+ handling of the pulseaudio plugin.
+
+ Affected Software/OS:
+ libalsa2 on Mandriva Linux 2010.1,
+ Mandriva Linux 2010.1/X86_64
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.mandriva.com/security-announce/2010-11/msg00035.php
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of libalsa2");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "MNDK_2010.1")
+{
+
+ if(isrpmvuln(pkg:"gstreamer0.10-aalib", rpm:"gstreamer0.10-aalib~0.10.22~1.2mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"gstreamer0.10-caca", rpm:"gstreamer0.10-caca~0.10.22~1.2mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"gstreamer0.10-dv", rpm:"gstreamer0.10-dv~0.10.22~1.2mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"gstreamer0.10-esound", rpm:"gstreamer0.10-esound~0.10.22~1.2mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"gstreamer0.10-flac", rpm:"gstreamer0.10-flac~0.10.22~1.2mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"gstreamer0.10-plugins-good", rpm:"gstreamer0.10-plugins-good~0.10.22~1.2mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"gstreamer0.10-pulse", rpm:"gstreamer0.10-pulse~0.10.22~1.2mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"gstreamer0.10-raw1394", rpm:"gstreamer0.10-raw1394~0.10.22~1.2mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"gstreamer0.10-soup", rpm:"gstreamer0.10-soup~0.10.22~1.2mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"gstreamer0.10-speex", rpm:"gstreamer0.10-speex~0.10.22~1.2mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"gstreamer0.10-wavpack", rpm:"gstreamer0.10-wavpack~0.10.22~1.2mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libalsa2", rpm:"libalsa2~1.0.23~2.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libalsa2-devel", rpm:"libalsa2-devel~1.0.23~2.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libalsa2-docs", rpm:"libalsa2-docs~1.0.23~2.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libalsa2-static-devel", rpm:"libalsa2-static-devel~1.0.23~2.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libalsa-data", rpm:"libalsa-data~1.0.23~2.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libphonon4", rpm:"libphonon4~4.4.1~6.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libphononexperimental4", rpm:"libphononexperimental4~4.4.1~6.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libpulseaudio0", rpm:"libpulseaudio0~0.9.21~26.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libpulseaudio-devel", rpm:"libpulseaudio-devel~0.9.21~26.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libpulseglib20", rpm:"libpulseglib20~0.9.21~26.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libpulsezeroconf0", rpm:"libpulsezeroconf0~0.9.21~26.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"phonon-devel", rpm:"phonon-devel~4.4.1~6.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"phonon-gstreamer", rpm:"phonon-gstreamer~4.4.1~6.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"phonon-xine", rpm:"phonon-xine~4.4.1~6.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pulseaudio", rpm:"pulseaudio~0.9.21~26.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pulseaudio-client-config", rpm:"pulseaudio-client-config~0.9.21~26.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pulseaudio-esound-compat", rpm:"pulseaudio-esound-compat~0.9.21~26.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pulseaudio-module-bluetooth", rpm:"pulseaudio-module-bluetooth~0.9.21~26.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pulseaudio-module-gconf", rpm:"pulseaudio-module-gconf~0.9.21~26.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pulseaudio-module-jack", rpm:"pulseaudio-module-jack~0.9.21~26.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pulseaudio-module-lirc", rpm:"pulseaudio-module-lirc~0.9.21~26.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pulseaudio-module-x11", rpm:"pulseaudio-module-x11~0.9.21~26.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pulseaudio-module-zeroconf", rpm:"pulseaudio-module-zeroconf~0.9.21~26.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pulseaudio-utils", rpm:"pulseaudio-utils~0.9.21~26.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"phonon", rpm:"phonon~4.4.1~6.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64alsa2", rpm:"lib64alsa2~1.0.23~2.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64alsa2-devel", rpm:"lib64alsa2-devel~1.0.23~2.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64alsa2-static-devel", rpm:"lib64alsa2-static-devel~1.0.23~2.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64phonon4", rpm:"lib64phonon4~4.4.1~6.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64phononexperimental4", rpm:"lib64phononexperimental4~4.4.1~6.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64pulseaudio0", rpm:"lib64pulseaudio0~0.9.21~26.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64pulseaudio-devel", rpm:"lib64pulseaudio-devel~0.9.21~26.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64pulseglib20", rpm:"lib64pulseglib20~0.9.21~26.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64pulsezeroconf0", rpm:"lib64pulsezeroconf0~0.9.21~26.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_234.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_234.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2010_234.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,92 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Mandriva Update for ocsinventory-agent MDVA-2010:234 (ocsinventory-agent)
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(831254);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "MDVA", value: "2010:234");
+ script_name("Mandriva Update for ocsinventory-agent MDVA-2010:234 (ocsinventory-agent)");
+ desc = "
+
+ Vulnerability Insight:
+
+ This updates fixes one bug:
+ In file
+ /usr/lib/perl5/vendor_perl/5.10.0/Ocsinventory/LoggerBackend/Syslog.pm
+ the third argument ({'USER'}) doesn't respect the
+ syslog protocol RFC 5424. It should be one listed in
+ http://perldoc.perl.org/Sys/Syslog.html#Facilities
+ LOG_USER.
+
+ Affected Software/OS:
+ ocsinventory-agent on Mandriva Enterprise Server 5,
+ Mandriva Enterprise Server 5/X86_64
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.mandriva.com/security-announce/2010-11/msg00025.php
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of ocsinventory-agent");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "MNDK_mes5")
+{
+
+ if(isrpmvuln(pkg:"ocsinventory-agent", rpm:"ocsinventory-agent~1.02~2.3mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"perl-Ocsinventory", rpm:"perl-Ocsinventory~1.02~2.3mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_232.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_232.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_232.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,270 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Mandriva Update for cups MDVSA-2010:232 (cups)
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(831252);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"7.9");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "MDVSA", value: "2010:232");
+ script_cve_id("CVE-2010-0540", "CVE-2010-0542", "CVE-2010-1748", "CVE-2010-2431", "CVE-2010-2941");
+ script_name("Mandriva Update for cups MDVSA-2010:232 (cups)");
+ desc = "
+
+ Vulnerability Insight:
+
+ Multiple vulnerabilities were discovered and corrected in cups:
+
+ Cross-site request forgery (CSRF) vulnerability in the web interface
+ in CUPS, allows remote attackers to hijack the authentication of
+ administrators for requests that change settings (CVE-2010-0540).
+
+ The _WriteProlog function in texttops.c in texttops in the Text Filter
+ subsystem in CUPS before 1.4.4 does not check the return values
+ of certain calloc calls, which allows remote attackers to cause a
+ denial of service (NULL pointer dereference or heap memory corruption)
+ or possibly execute arbitrary code via a crafted file (CVE-2010-0542).
+
+ The web interface in CUPS, reads uninitialized memory during handling
+ of form variables, which allows context-dependent attackers to obtain
+ sensitive information from cupsd process memory via unspecified vectors
+ (CVE-2010-1748).
+
+ The cupsFileOpen function in CUPS before 1.4.4 allows local users,
+ with lp group membership, to overwrite arbitrary files via a
+ symlink attack on the (1) /var/cache/cups/remote.cache or (2)
+ /var/cache/cups/job.cache file (CVE-2010-2431).
+
+ ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate
+ memory for attribute values with invalid string data types, which
+ allows remote attackers to cause a denial of service (use-after-free
+ and application crash) or possibly execute arbitrary code via a
+ crafted IPP request (CVE-2010-2941).
+
+ Packages for 2009.0 are provided as of the Extended Maintenance
+ Program. Please visit this link to learn more:
+ http://store.mandriva.com/product_info.php?cPath=149&products_id=490
+
+ The updated packages have been patched to correct these issues.
+
+ Affected Software/OS:
+ cups on Mandriva Linux 2009.0,
+ Mandriva Linux 2009.0/X86_64,
+ Mandriva Linux 2010.0,
+ Mandriva Linux 2010.0/X86_64,
+ Mandriva Enterprise Server 5,
+ Mandriva Enterprise Server 5/X86_64
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.mandriva.com/security-announce/2010-11/msg00026.php
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of cups");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "MNDK_mes5")
+{
+
+ if(isrpmvuln(pkg:"cups", rpm:"cups~1.3.10~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"cups-common", rpm:"cups-common~1.3.10~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"cups-serial", rpm:"cups-serial~1.3.10~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libcups2", rpm:"libcups2~1.3.10~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libcups2-devel", rpm:"libcups2-devel~1.3.10~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-cups", rpm:"php-cups~1.3.10~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64cups2", rpm:"lib64cups2~1.3.10~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64cups2-devel", rpm:"lib64cups2-devel~1.3.10~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "MNDK_2010.0")
+{
+
+ if(isrpmvuln(pkg:"cups", rpm:"cups~1.4.1~12.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"cups-common", rpm:"cups-common~1.4.1~12.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"cups-serial", rpm:"cups-serial~1.4.1~12.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libcups2", rpm:"libcups2~1.4.1~12.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libcups2-devel", rpm:"libcups2-devel~1.4.1~12.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-cups", rpm:"php-cups~1.4.1~12.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64cups2", rpm:"lib64cups2~1.4.1~12.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64cups2-devel", rpm:"lib64cups2-devel~1.4.1~12.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "MNDK_2009.0")
+{
+
+ if(isrpmvuln(pkg:"cups", rpm:"cups~1.3.10~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"cups-common", rpm:"cups-common~1.3.10~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"cups-serial", rpm:"cups-serial~1.3.10~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libcups2", rpm:"libcups2~1.3.10~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libcups2-devel", rpm:"libcups2-devel~1.3.10~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-cups", rpm:"php-cups~1.3.10~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64cups2", rpm:"lib64cups2~1.3.10~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64cups2-devel", rpm:"lib64cups2-devel~1.3.10~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_233.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_233.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_233.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,136 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Mandriva Update for cups MDVSA-2010:233 (cups)
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(831255);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"7.9");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "MDVSA", value: "2010:233");
+ script_cve_id("CVE-2010-0540", "CVE-2010-2941");
+ script_name("Mandriva Update for cups MDVSA-2010:233 (cups)");
+ desc = "
+
+ Vulnerability Insight:
+
+ Multiple vulnerabilities were discovered and corrected in cups:
+
+ Cross-site request forgery (CSRF) vulnerability in the web interface
+ in CUPS, allows remote attackers to hijack the authentication of
+ administrators for requests that change settings (CVE-2010-0540).
+
+ ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate
+ memory for attribute values with invalid string data types, which
+ allows remote attackers to cause a denial of service (use-after-free
+ and application crash) or possibly execute arbitrary code via a
+ crafted IPP request (CVE-2010-2941).
+
+ The updated packages have been patched to correct these issues.
+
+ Affected Software/OS:
+ cups on Mandriva Linux 2010.1,
+ Mandriva Linux 2010.1/X86_64
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.mandriva.com/security-announce/2010-11/msg00027.php
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of cups");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "MNDK_2010.1")
+{
+
+ if(isrpmvuln(pkg:"cups", rpm:"cups~1.4.3~3.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"cups-common", rpm:"cups-common~1.4.3~3.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"cups-serial", rpm:"cups-serial~1.4.3~3.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libcups2", rpm:"libcups2~1.4.3~3.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libcups2-devel", rpm:"libcups2-devel~1.4.3~3.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-cups", rpm:"php-cups~1.4.3~3.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64cups2", rpm:"lib64cups2~1.4.3~3.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64cups2-devel", rpm:"lib64cups2-devel~1.4.3~3.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_236.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_236.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_236.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,286 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Mandriva Update for freetype2 MDVSA-2010:236 (freetype2)
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(831253);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "MDVSA", value: "2010:236");
+ script_cve_id("CVE-2010-3814", "CVE-2010-3855");
+ script_name("Mandriva Update for freetype2 MDVSA-2010:236 (freetype2)");
+ desc = "
+
+ Vulnerability Insight:
+
+ Multiple vulnerabilities were discovered and corrected in freetype2:
+
+ An error within the "Ins_SHZ()" function in src/truetype/ttinterp.c
+ when handling the "SHZ" bytecode instruction can be exploited to
+ cause a crash and potentially execute arbitrary code via a specially
+ crafted font (CVE-2010-3814).
+
+ An error exists in the "ft_var_readpackedpoints()" function in
+ src/truetype/ttgxvar.c when processing TrueType GX fonts and can
+ be exploited to cause a heap-based buffer overflow via a specially
+ crafted font (CVE-2010-3855).
+
+ Packages for 2009.0 are provided as of the Extended Maintenance
+ Program. Please visit this link to learn more:
+ http://store.mandriva.com/product_info.php?cPath=149&products_id=490
+
+ The updated packages have been patched to correct these issues.
+
+ Affected Software/OS:
+ freetype2 on Mandriva Linux 2009.0,
+ Mandriva Linux 2009.0/X86_64,
+ Mandriva Linux 2010.0,
+ Mandriva Linux 2010.0/X86_64,
+ Mandriva Linux 2010.1,
+ Mandriva Linux 2010.1/X86_64,
+ Mandriva Enterprise Server 5,
+ Mandriva Enterprise Server 5/X86_64
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.mandriva.com/security-announce/2010-11/msg00030.php
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of freetype2");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "MNDK_mes5")
+{
+
+ if(isrpmvuln(pkg:"libfreetype6", rpm:"libfreetype6~2.3.7~1.6mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libfreetype6-devel", rpm:"libfreetype6-devel~2.3.7~1.6mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libfreetype6-static-devel", rpm:"libfreetype6-static-devel~2.3.7~1.6mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"freetype2", rpm:"freetype2~2.3.7~1.6mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64freetype6", rpm:"lib64freetype6~2.3.7~1.6mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64freetype6-devel", rpm:"lib64freetype6-devel~2.3.7~1.6mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64freetype6-static-devel", rpm:"lib64freetype6-static-devel~2.3.7~1.6mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "MNDK_2010.1")
+{
+
+ if(isrpmvuln(pkg:"libfreetype6", rpm:"libfreetype6~2.3.12~1.5mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libfreetype6-devel", rpm:"libfreetype6-devel~2.3.12~1.5mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libfreetype6-static-devel", rpm:"libfreetype6-static-devel~2.3.12~1.5mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"freetype2", rpm:"freetype2~2.3.12~1.5mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64freetype6", rpm:"lib64freetype6~2.3.12~1.5mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64freetype6-devel", rpm:"lib64freetype6-devel~2.3.12~1.5mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64freetype6-static-devel", rpm:"lib64freetype6-static-devel~2.3.12~1.5mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "MNDK_2010.0")
+{
+
+ if(isrpmvuln(pkg:"libfreetype6", rpm:"libfreetype6~2.3.11~1.5mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libfreetype6-devel", rpm:"libfreetype6-devel~2.3.11~1.5mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libfreetype6-static-devel", rpm:"libfreetype6-static-devel~2.3.11~1.5mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"freetype2", rpm:"freetype2~2.3.11~1.5mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64freetype6", rpm:"lib64freetype6~2.3.11~1.5mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64freetype6-devel", rpm:"lib64freetype6-devel~2.3.11~1.5mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64freetype6-static-devel", rpm:"lib64freetype6-static-devel~2.3.11~1.5mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "MNDK_2009.0")
+{
+
+ if(isrpmvuln(pkg:"libfreetype6", rpm:"libfreetype6~2.3.7~1.6mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libfreetype6-devel", rpm:"libfreetype6-devel~2.3.7~1.6mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libfreetype6-static-devel", rpm:"libfreetype6-static-devel~2.3.7~1.6mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"freetype2", rpm:"freetype2~2.3.7~1.6mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64freetype6", rpm:"lib64freetype6~2.3.7~1.6mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64freetype6-devel", rpm:"lib64freetype6-devel~2.3.7~1.6mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64freetype6-static-devel", rpm:"lib64freetype6-static-devel~2.3.7~1.6mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_237.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_237.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_237.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,159 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Mandriva Update for perl-CGI MDVSA-2010:237 (perl-CGI)
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(831256);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "MDVSA", value: "2010:237");
+ script_name("Mandriva Update for perl-CGI MDVSA-2010:237 (perl-CGI)");
+ desc = "
+
+ Vulnerability Insight:
+
+ A new version of the CGI Perl module has been released to CPAN,
+ which fixes several security bugs which directly affect Bugzilla
+ (these two security bugs where first discovered as affecting Bugzilla,
+ then identified as being bugs in CGI.pm itself).
+
+ Packages for 2009.0 are provided as of the Extended Maintenance
+ Program. Please visit this link to learn more:
+ http://store.mandriva.com/product_info.php?cPath=149&products_id=490
+
+ The updated packages have been upgraded to perl-CGI 3.50 to solve
+ these security issues.
+
+ Affected Software/OS:
+ perl-CGI on Mandriva Linux 2009.0,
+ Mandriva Linux 2009.0/X86_64,
+ Mandriva Linux 2010.0,
+ Mandriva Linux 2010.0/X86_64,
+ Mandriva Linux 2010.1,
+ Mandriva Linux 2010.1/X86_64,
+ Mandriva Enterprise Server 5,
+ Mandriva Enterprise Server 5/X86_64
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.mandriva.com/security-announce/2010-11/msg00031.php
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of perl-CGI");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "MNDK_mes5")
+{
+
+ if(isrpmvuln(pkg:"perl-CGI", rpm:"perl-CGI~3.50~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"perl-CGI-Fast", rpm:"perl-CGI-Fast~3.50~0.1mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "MNDK_2010.1")
+{
+
+ if(isrpmvuln(pkg:"perl-CGI", rpm:"perl-CGI~3.500.0~0.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"perl-CGI-Fast", rpm:"perl-CGI-Fast~3.500.0~0.1mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "MNDK_2010.0")
+{
+
+ if(isrpmvuln(pkg:"perl-CGI", rpm:"perl-CGI~3.500.0~0.1mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"perl-CGI-Fast", rpm:"perl-CGI-Fast~3.500.0~0.1mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "MNDK_2009.0")
+{
+
+ if(isrpmvuln(pkg:"perl-CGI", rpm:"perl-CGI~3.50~0.1mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"perl-CGI-Fast", rpm:"perl-CGI-Fast~3.50~0.1mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_238.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_238.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_238.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,291 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Mandriva Update for openssl MDVSA-2010:238 (openssl)
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(831251);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"7.6");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "MDVSA", value: "2010:238");
+ script_cve_id("CVE-2010-3864");
+ script_name("Mandriva Update for openssl MDVSA-2010:238 (openssl)");
+ desc = "
+
+ Vulnerability Insight:
+
+ A vulnerability was discovered in openssl that causes a race condition
+ within the TLS extension parsing code and which can be exploited to
+ cause a heap-based buffer overflow (CVE-2010-3864).
+
+ Packages for 2009.0 are provided as of the Extended Maintenance
+ Program. Please visit this link to learn more:
+ http://store.mandriva.com/product_info.php?cPath=149&products_id=490
+
+ The updated packages have been patched to correct this issue.
+
+ Affected Software/OS:
+ openssl on Mandriva Linux 2009.0,
+ Mandriva Linux 2009.0/X86_64,
+ Mandriva Linux 2010.0,
+ Mandriva Linux 2010.0/X86_64,
+ Mandriva Linux 2010.1,
+ Mandriva Linux 2010.1/X86_64,
+ Mandriva Enterprise Server 5,
+ Mandriva Enterprise Server 5/X86_64
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.mandriva.com/security-announce/2010-11/msg00032.php
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of openssl");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "MNDK_mes5")
+{
+
+ if(isrpmvuln(pkg:"libopenssl0.9.8", rpm:"libopenssl0.9.8~0.9.8h~3.8mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libopenssl0.9.8-devel", rpm:"libopenssl0.9.8-devel~0.9.8h~3.8mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libopenssl0.9.8-static-devel", rpm:"libopenssl0.9.8-static-devel~0.9.8h~3.8mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openssl", rpm:"openssl~0.9.8h~3.8mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64openssl0.9.8", rpm:"lib64openssl0.9.8~0.9.8h~3.8mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64openssl0.9.8-devel", rpm:"lib64openssl0.9.8-devel~0.9.8h~3.8mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64openssl0.9.8-static-devel", rpm:"lib64openssl0.9.8-static-devel~0.9.8h~3.8mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "MNDK_2010.1")
+{
+
+ if(isrpmvuln(pkg:"libopenssl1.0.0", rpm:"libopenssl1.0.0~1.0.0a~1.5mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libopenssl1.0.0-devel", rpm:"libopenssl1.0.0-devel~1.0.0a~1.5mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libopenssl1.0.0-static-devel", rpm:"libopenssl1.0.0-static-devel~1.0.0a~1.5mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libopenssl-engines1.0.0", rpm:"libopenssl-engines1.0.0~1.0.0a~1.5mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openssl", rpm:"openssl~1.0.0a~1.5mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64openssl1.0.0", rpm:"lib64openssl1.0.0~1.0.0a~1.5mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64openssl1.0.0-devel", rpm:"lib64openssl1.0.0-devel~1.0.0a~1.5mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64openssl1.0.0-static-devel", rpm:"lib64openssl1.0.0-static-devel~1.0.0a~1.5mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64openssl-engines1.0.0", rpm:"lib64openssl-engines1.0.0~1.0.0a~1.5mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "MNDK_2010.0")
+{
+
+ if(isrpmvuln(pkg:"libopenssl0.9.8", rpm:"libopenssl0.9.8~0.9.8k~5.3mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libopenssl0.9.8-devel", rpm:"libopenssl0.9.8-devel~0.9.8k~5.3mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libopenssl0.9.8-static-devel", rpm:"libopenssl0.9.8-static-devel~0.9.8k~5.3mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openssl", rpm:"openssl~0.9.8k~5.3mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64openssl0.9.8", rpm:"lib64openssl0.9.8~0.9.8k~5.3mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64openssl0.9.8-devel", rpm:"lib64openssl0.9.8-devel~0.9.8k~5.3mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64openssl0.9.8-static-devel", rpm:"lib64openssl0.9.8-static-devel~0.9.8k~5.3mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "MNDK_2009.0")
+{
+
+ if(isrpmvuln(pkg:"libopenssl0.9.8", rpm:"libopenssl0.9.8~0.9.8h~3.8mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libopenssl0.9.8-devel", rpm:"libopenssl0.9.8-devel~0.9.8h~3.8mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libopenssl0.9.8-static-devel", rpm:"libopenssl0.9.8-static-devel~0.9.8h~3.8mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openssl", rpm:"openssl~0.9.8h~3.8mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64openssl0.9.8", rpm:"lib64openssl0.9.8~0.9.8h~3.8mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64openssl0.9.8-devel", rpm:"lib64openssl0.9.8-devel~0.9.8h~3.8mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64openssl0.9.8-static-devel", rpm:"lib64openssl0.9.8-static-devel~0.9.8h~3.8mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_239.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_239.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2010_239.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,1756 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Mandriva Update for php MDVSA-2010:239 (php)
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(831259);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "MDVSA", value: "2010:239");
+ script_cve_id("CVE-2010-4150");
+ script_name("Mandriva Update for php MDVSA-2010:239 (php)");
+ desc = "
+
+ Vulnerability Insight:
+
+ A possible double free flaw was found in the imap extension for php
+ (CVE-2010-4150).
+
+ A GC corrupting flaw was found in Zend/zend_gc.c for php-5.3.x that
+ under certain circumstances could case a segmention fault (crash).
+
+ Packages for 2009.0 are provided as of the Extended Maintenance
+ Program. Please visit this link to learn more:
+ http://store.mandriva.com/product_info.php?cPath=149&products_id=490
+
+ The updated packages have been patched to correct these issues.
+
+ Affected Software/OS:
+ php on Mandriva Linux 2009.0,
+ Mandriva Linux 2009.0/X86_64,
+ Mandriva Linux 2010.0,
+ Mandriva Linux 2010.0/X86_64,
+ Mandriva Linux 2010.1,
+ Mandriva Linux 2010.1/X86_64,
+ Mandriva Enterprise Server 5,
+ Mandriva Enterprise Server 5/X86_64
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.mandriva.com/security-announce/2010-11/msg00033.php
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of php");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "MNDK_mes5")
+{
+
+ if(isrpmvuln(pkg:"libphp5_common5", rpm:"libphp5_common5~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-bcmath", rpm:"php-bcmath~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-bz2", rpm:"php-bz2~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-calendar", rpm:"php-calendar~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-cgi", rpm:"php-cgi~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-cli", rpm:"php-cli~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-ctype", rpm:"php-ctype~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-curl", rpm:"php-curl~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-dba", rpm:"php-dba~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-dbase", rpm:"php-dbase~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-devel", rpm:"php-devel~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-dom", rpm:"php-dom~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-exif", rpm:"php-exif~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-fcgi", rpm:"php-fcgi~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-filter", rpm:"php-filter~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-ftp", rpm:"php-ftp~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-gd", rpm:"php-gd~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-gettext", rpm:"php-gettext~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-gmp", rpm:"php-gmp~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-hash", rpm:"php-hash~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-iconv", rpm:"php-iconv~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-imap", rpm:"php-imap~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-json", rpm:"php-json~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-ldap", rpm:"php-ldap~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mbstring", rpm:"php-mbstring~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mcrypt", rpm:"php-mcrypt~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mhash", rpm:"php-mhash~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mime_magic", rpm:"php-mime_magic~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-ming", rpm:"php-ming~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mssql", rpm:"php-mssql~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mysql", rpm:"php-mysql~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mysqli", rpm:"php-mysqli~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-ncurses", rpm:"php-ncurses~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-odbc", rpm:"php-odbc~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-openssl", rpm:"php-openssl~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pcntl", rpm:"php-pcntl~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo", rpm:"php-pdo~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo_dblib", rpm:"php-pdo_dblib~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo_mysql", rpm:"php-pdo_mysql~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo_odbc", rpm:"php-pdo_odbc~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo_pgsql", rpm:"php-pdo_pgsql~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo_sqlite", rpm:"php-pdo_sqlite~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pgsql", rpm:"php-pgsql~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-posix", rpm:"php-posix~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pspell", rpm:"php-pspell~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-readline", rpm:"php-readline~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-recode", rpm:"php-recode~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-session", rpm:"php-session~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-shmop", rpm:"php-shmop~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-snmp", rpm:"php-snmp~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-soap", rpm:"php-soap~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sockets", rpm:"php-sockets~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sqlite", rpm:"php-sqlite~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sybase", rpm:"php-sybase~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sysvmsg", rpm:"php-sysvmsg~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sysvsem", rpm:"php-sysvsem~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sysvshm", rpm:"php-sysvshm~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-tidy", rpm:"php-tidy~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-tokenizer", rpm:"php-tokenizer~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-wddx", rpm:"php-wddx~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-xml", rpm:"php-xml~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-xmlreader", rpm:"php-xmlreader~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-xmlrpc", rpm:"php-xmlrpc~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-xmlwriter", rpm:"php-xmlwriter~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-xsl", rpm:"php-xsl~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-zip", rpm:"php-zip~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-zlib", rpm:"php-zlib~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php", rpm:"php~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64php5_common5", rpm:"lib64php5_common5~5.2.14~0.4mdvmes5.1", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "MNDK_2010.1")
+{
+
+ if(isrpmvuln(pkg:"libphp5_common5", rpm:"libphp5_common5~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-bcmath", rpm:"php-bcmath~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-bz2", rpm:"php-bz2~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-calendar", rpm:"php-calendar~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-cgi", rpm:"php-cgi~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-cli", rpm:"php-cli~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-ctype", rpm:"php-ctype~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-curl", rpm:"php-curl~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-dba", rpm:"php-dba~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-devel", rpm:"php-devel~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-doc", rpm:"php-doc~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-dom", rpm:"php-dom~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-enchant", rpm:"php-enchant~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-exif", rpm:"php-exif~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-fileinfo", rpm:"php-fileinfo~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-filter", rpm:"php-filter~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-fpm", rpm:"php-fpm~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-ftp", rpm:"php-ftp~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-gd", rpm:"php-gd~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-gettext", rpm:"php-gettext~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-gmp", rpm:"php-gmp~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-hash", rpm:"php-hash~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-iconv", rpm:"php-iconv~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-imap", rpm:"php-imap~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-intl", rpm:"php-intl~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-json", rpm:"php-json~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-ldap", rpm:"php-ldap~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mbstring", rpm:"php-mbstring~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mcrypt", rpm:"php-mcrypt~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mssql", rpm:"php-mssql~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mysql", rpm:"php-mysql~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mysqli", rpm:"php-mysqli~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-odbc", rpm:"php-odbc~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-openssl", rpm:"php-openssl~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pcntl", rpm:"php-pcntl~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo", rpm:"php-pdo~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo_dblib", rpm:"php-pdo_dblib~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo_mysql", rpm:"php-pdo_mysql~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo_odbc", rpm:"php-pdo_odbc~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo_pgsql", rpm:"php-pdo_pgsql~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo_sqlite", rpm:"php-pdo_sqlite~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pgsql", rpm:"php-pgsql~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-posix", rpm:"php-posix~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pspell", rpm:"php-pspell~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-readline", rpm:"php-readline~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-recode", rpm:"php-recode~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-session", rpm:"php-session~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-shmop", rpm:"php-shmop~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-snmp", rpm:"php-snmp~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-soap", rpm:"php-soap~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sockets", rpm:"php-sockets~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sqlite3", rpm:"php-sqlite3~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sybase_ct", rpm:"php-sybase_ct~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sysvmsg", rpm:"php-sysvmsg~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sysvsem", rpm:"php-sysvsem~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sysvshm", rpm:"php-sysvshm~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-tidy", rpm:"php-tidy~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-tokenizer", rpm:"php-tokenizer~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-wddx", rpm:"php-wddx~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-xml", rpm:"php-xml~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-xmlreader", rpm:"php-xmlreader~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-xmlrpc", rpm:"php-xmlrpc~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-xmlwriter", rpm:"php-xmlwriter~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-xsl", rpm:"php-xsl~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-zip", rpm:"php-zip~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-zlib", rpm:"php-zlib~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php", rpm:"php~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64php5_common5", rpm:"lib64php5_common5~5.3.3~0.4mdv2010.1", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "MNDK_2010.0")
+{
+
+ if(isrpmvuln(pkg:"libphp5_common5", rpm:"libphp5_common5~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-bcmath", rpm:"php-bcmath~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-bz2", rpm:"php-bz2~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-calendar", rpm:"php-calendar~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-cgi", rpm:"php-cgi~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-cli", rpm:"php-cli~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-ctype", rpm:"php-ctype~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-curl", rpm:"php-curl~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-dba", rpm:"php-dba~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-devel", rpm:"php-devel~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-doc", rpm:"php-doc~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-dom", rpm:"php-dom~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-enchant", rpm:"php-enchant~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-exif", rpm:"php-exif~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-fileinfo", rpm:"php-fileinfo~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-filter", rpm:"php-filter~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-fpm", rpm:"php-fpm~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-ftp", rpm:"php-ftp~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-gd", rpm:"php-gd~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-gettext", rpm:"php-gettext~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-gmp", rpm:"php-gmp~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-hash", rpm:"php-hash~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-iconv", rpm:"php-iconv~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-imap", rpm:"php-imap~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-intl", rpm:"php-intl~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-json", rpm:"php-json~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-ldap", rpm:"php-ldap~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mbstring", rpm:"php-mbstring~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mcrypt", rpm:"php-mcrypt~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mssql", rpm:"php-mssql~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mysql", rpm:"php-mysql~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mysqli", rpm:"php-mysqli~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-odbc", rpm:"php-odbc~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-openssl", rpm:"php-openssl~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pcntl", rpm:"php-pcntl~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo", rpm:"php-pdo~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo_dblib", rpm:"php-pdo_dblib~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo_mysql", rpm:"php-pdo_mysql~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo_odbc", rpm:"php-pdo_odbc~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo_pgsql", rpm:"php-pdo_pgsql~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo_sqlite", rpm:"php-pdo_sqlite~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pgsql", rpm:"php-pgsql~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-posix", rpm:"php-posix~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pspell", rpm:"php-pspell~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-readline", rpm:"php-readline~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-recode", rpm:"php-recode~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-session", rpm:"php-session~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-shmop", rpm:"php-shmop~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-snmp", rpm:"php-snmp~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-soap", rpm:"php-soap~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sockets", rpm:"php-sockets~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sqlite3", rpm:"php-sqlite3~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sybase_ct", rpm:"php-sybase_ct~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sysvmsg", rpm:"php-sysvmsg~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sysvsem", rpm:"php-sysvsem~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sysvshm", rpm:"php-sysvshm~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-tidy", rpm:"php-tidy~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-tokenizer", rpm:"php-tokenizer~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-wddx", rpm:"php-wddx~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-xml", rpm:"php-xml~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-xmlreader", rpm:"php-xmlreader~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-xmlrpc", rpm:"php-xmlrpc~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-xmlwriter", rpm:"php-xmlwriter~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-xsl", rpm:"php-xsl~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-zip", rpm:"php-zip~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-zlib", rpm:"php-zlib~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php", rpm:"php~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64php5_common5", rpm:"lib64php5_common5~5.3.3~0.4mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "MNDK_2009.0")
+{
+
+ if(isrpmvuln(pkg:"libphp5_common5", rpm:"libphp5_common5~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-bcmath", rpm:"php-bcmath~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-bz2", rpm:"php-bz2~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-calendar", rpm:"php-calendar~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-cgi", rpm:"php-cgi~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-cli", rpm:"php-cli~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-ctype", rpm:"php-ctype~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-curl", rpm:"php-curl~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-dba", rpm:"php-dba~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-dbase", rpm:"php-dbase~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-devel", rpm:"php-devel~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-dom", rpm:"php-dom~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-exif", rpm:"php-exif~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-fcgi", rpm:"php-fcgi~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-filter", rpm:"php-filter~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-ftp", rpm:"php-ftp~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-gd", rpm:"php-gd~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-gettext", rpm:"php-gettext~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-gmp", rpm:"php-gmp~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-hash", rpm:"php-hash~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-iconv", rpm:"php-iconv~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-imap", rpm:"php-imap~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-json", rpm:"php-json~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-ldap", rpm:"php-ldap~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mbstring", rpm:"php-mbstring~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mcrypt", rpm:"php-mcrypt~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mhash", rpm:"php-mhash~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mime_magic", rpm:"php-mime_magic~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-ming", rpm:"php-ming~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mssql", rpm:"php-mssql~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mysql", rpm:"php-mysql~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-mysqli", rpm:"php-mysqli~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-ncurses", rpm:"php-ncurses~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-odbc", rpm:"php-odbc~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-openssl", rpm:"php-openssl~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pcntl", rpm:"php-pcntl~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo", rpm:"php-pdo~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo_dblib", rpm:"php-pdo_dblib~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo_mysql", rpm:"php-pdo_mysql~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo_odbc", rpm:"php-pdo_odbc~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo_pgsql", rpm:"php-pdo_pgsql~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pdo_sqlite", rpm:"php-pdo_sqlite~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pgsql", rpm:"php-pgsql~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-posix", rpm:"php-posix~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-pspell", rpm:"php-pspell~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-readline", rpm:"php-readline~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-recode", rpm:"php-recode~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-session", rpm:"php-session~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-shmop", rpm:"php-shmop~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-snmp", rpm:"php-snmp~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-soap", rpm:"php-soap~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sockets", rpm:"php-sockets~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sqlite", rpm:"php-sqlite~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sybase", rpm:"php-sybase~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sysvmsg", rpm:"php-sysvmsg~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sysvsem", rpm:"php-sysvsem~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-sysvshm", rpm:"php-sysvshm~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-tidy", rpm:"php-tidy~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-tokenizer", rpm:"php-tokenizer~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-wddx", rpm:"php-wddx~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-xml", rpm:"php-xml~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-xmlreader", rpm:"php-xmlreader~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-xmlrpc", rpm:"php-xmlrpc~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-xmlwriter", rpm:"php-xmlwriter~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-xsl", rpm:"php-xsl~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-zip", rpm:"php-zip~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php-zlib", rpm:"php-zlib~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"php", rpm:"php~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64php5_common5", rpm:"lib64php5_common5~5.2.14~0.4mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1002_2.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1002_2.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1002_2.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,192 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for postgresql-8.4 vulnerability USN-1002-2
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(840537);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"6.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "USN", value: "1002-2");
+ script_cve_id("CVE-2010-3433");
+ script_name("Ubuntu Update for postgresql-8.4 vulnerability USN-1002-2");
+ desc = "
+
+ Vulnerability Insight:
+
+ USN-1002-1 fixed vulnerabilities in PostgreSQL. This update provides the
+ corresponding update for Ubuntu 10.10.
+
+ Original advisory details:
+
+ It was discovered that PostgreSQL did not properly enforce permissions
+ within sessions when PL/Perl and PL/Tcl functions or operators were
+ redefined. A remote authenticated attacker could exploit this to execute
+ arbitrary code with permissions of a different user, possibly leading to
+ privilege escalation.
+
+ Affected Software/OS:
+ postgresql-8.4 vulnerability on Ubuntu 10.10
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://lists.ubuntu.com/archives/ubuntu-security-announce/2010-October/001177.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of postgresql-8.4 vulnerability");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "UBUNTU10.10")
+{
+
+ if(isdpkgvuln(pkg:"libecpg-compat3", ver:"8.4.5-0ubuntu10.10", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libecpg-dev", ver:"8.4.5-0ubuntu10.10", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libecpg6", ver:"8.4.5-0ubuntu10.10", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libpgtypes3", ver:"8.4.5-0ubuntu10.10", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libpq-dev", ver:"8.4.5-0ubuntu10.10", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libpq5", ver:"8.4.5-0ubuntu10.10", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"postgresql-8.4", ver:"8.4.5-0ubuntu10.10", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"postgresql-client-8.4", ver:"8.4.5-0ubuntu10.10", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"postgresql-contrib-8.4", ver:"8.4.5-0ubuntu10.10", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"postgresql-server-dev-8.4", ver:"8.4.5-0ubuntu10.10", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"postgresql-plperl-8.4", ver:"8.4.5-0ubuntu10.10", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"postgresql-plpython-8.4", ver:"8.4.5-0ubuntu10.10", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"postgresql-pltcl-8.4", ver:"8.4.5-0ubuntu10.10", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"postgresql-client", ver:"8.4.5-0ubuntu10.10", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"postgresql-contrib", ver:"8.4.5-0ubuntu10.10", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"postgresql-doc-8.4", ver:"8.4.5-0ubuntu10.10", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"postgresql-doc", ver:"8.4.5-0ubuntu10.10", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"postgresql", ver:"8.4.5-0ubuntu10.10", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1004_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1004_1.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1004_1.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,92 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for python-django vulnerability USN-1004-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(840536);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "USN", value: "1004-1");
+ script_cve_id("CVE-2010-3082");
+ script_name("Ubuntu Update for python-django vulnerability USN-1004-1");
+ desc = "
+
+ Vulnerability Insight:
+
+ It was discovered that Django did not properly sanitize the cookie value
+ when applying CSRF protections resulting in a cross-site scripting (XSS)
+ vulnerability. With cross-site scripting vulnerabilities, if a user were
+ tricked into viewing server output during a crafted server request, a
+ remote attacker could exploit this to modify the contents, or steal
+ confidential data, within the same domain.
+
+ Affected Software/OS:
+ python-django vulnerability on Ubuntu 10.10
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://lists.ubuntu.com/archives/ubuntu-security-announce/2010-October/001178.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of python-django vulnerability");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "UBUNTU10.10")
+{
+
+ if(isdpkgvuln(pkg:"python-django-doc", ver:"1.2.3-1ubuntu0.1", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"python-django", ver:"1.2.3-1ubuntu0.1", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1015_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1015_1.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1015_1.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,102 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for libvpx vulnerability USN-1015-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(840539);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"9.3");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_xref(name: "USN", value: "1015-1");
+ script_cve_id("CVE-2010-4203");
+ script_name("Ubuntu Update for libvpx vulnerability USN-1015-1");
+ desc = "
+
+ Vulnerability Insight:
+
+ Christoph Diehl discovered that libvpx did not properly perform bounds
+ checking. If an application using libvpx opened a specially crafted
+ WebM file, an attacker could cause a denial of service or possibly execute
+ code as the user invoking the program.
+
+ Affected Software/OS:
+ libvpx vulnerability on Ubuntu 10.10
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://lists.ubuntu.com/archives/ubuntu-security-announce/2010-November/001198.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of libvpx vulnerability");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "UBUNTU10.10")
+{
+
+ if(isdpkgvuln(pkg:"libvpx-dev", ver:"0.9.2-1ubuntu0.1", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libvpx0-dbg", ver:"0.9.2-1ubuntu0.1", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libvpx0", ver:"0.9.2-1ubuntu0.1", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libvpx-doc", ver:"0.9.2-1ubuntu0.1", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1018_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1018_1.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1018_1.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,209 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for openssl vulnerability USN-1018-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(840540);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"7.6");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "USN", value: "1018-1");
+ script_cve_id("CVE-2010-3864");
+ script_name("Ubuntu Update for openssl vulnerability USN-1018-1");
+ desc = "
+
+ Vulnerability Insight:
+
+ Rob Hulswit discovered a race condition in the OpenSSL TLS server
+ extension parsing code when used within a threaded server. A remote
+ attacker could trigger this flaw to cause a denial of service
+ or possibly execute arbitrary code with application privileges.
+ (CVE-2010-3864)
+
+ Affected Software/OS:
+ openssl vulnerability on Ubuntu 8.04 LTS ,
+ Ubuntu 9.10 ,
+ Ubuntu 10.10
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://lists.ubuntu.com/archives/ubuntu-security-announce/2010-November/001201.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of openssl vulnerability");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "UBUNTU9.10")
+{
+
+ if(isdpkgvuln(pkg:"libssl-dev", ver:"0.9.8g-16ubuntu3.4", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libssl0.9.8-dbg", ver:"0.9.8g-16ubuntu3.4", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libssl0.9.8", ver:"0.9.8g-16ubuntu3.4", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"openssl", ver:"0.9.8g-16ubuntu3.4", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"openssl-doc", ver:"0.9.8g-16ubuntu3.4", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libcrypto0.9.8-udeb", ver:"0.9.8g-16ubuntu3.4", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU10.10")
+{
+
+ if(isdpkgvuln(pkg:"libssl-dev", ver:"0.9.8o-1ubuntu4.2", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libssl0.9.8-dbg", ver:"0.9.8o-1ubuntu4.2", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libssl0.9.8", ver:"0.9.8o-1ubuntu4.2", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"openssl", ver:"0.9.8o-1ubuntu4.2", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"openssl-doc", ver:"0.9.8o-1ubuntu4.2", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libcrypto0.9.8-udeb", ver:"0.9.8o-1ubuntu4.2", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libssl0.9.8-udeb", ver:"0.9.8o-1ubuntu4.2", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU8.04 LTS")
+{
+
+ if(isdpkgvuln(pkg:"libssl-dev", ver:"0.9.8g-4ubuntu3.12", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libssl0.9.8-dbg", ver:"0.9.8g-4ubuntu3.12", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libssl0.9.8", ver:"0.9.8g-4ubuntu3.12", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"openssl", ver:"0.9.8g-4ubuntu3.12", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"openssl-doc", ver:"0.9.8g-4ubuntu3.12", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libcrypto0.9.8-udeb", ver:"0.9.8g-4ubuntu3.12", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_959_2.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_959_2.nasl 2010-11-23 14:16:40 UTC (rev 9504)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_959_2.nasl 2010-11-23 14:30:07 UTC (rev 9505)
@@ -0,0 +1,118 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for pam vulnerability USN-959-2
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(840538);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"6.9");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "USN", value: "959-2");
+ script_cve_id("CVE-2010-0832");
+ script_name("Ubuntu Update for pam vulnerability USN-959-2");
+ desc = "
+
+ Vulnerability Insight:
+
+ USN-959-1 fixed vulnerabilities in PAM. This update provides the
+ corresponding updates for Ubuntu 10.10.
+
+ Original advisory details:
+
+ Denis Excoffier discovered that the PAM MOTD module in Ubuntu did
+ not correctly handle path permissions when creating user file stamps.
+ A local attacker could exploit this to gain root privilieges.
+
+ Affected Software/OS:
+ pam vulnerability on Ubuntu 10.10
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://lists.ubuntu.com/archives/ubuntu-security-announce/2010-October/001189.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of pam vulnerability");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "UBUNTU10.10")
+{
+
+ if(isdpkgvuln(pkg:"libpam-cracklib", ver:"1.1.1-4ubuntu2", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libpam-modules", ver:"1.1.1-4ubuntu2", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libpam0g-dev", ver:"1.1.1-4ubuntu2", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libpam0g", ver:"1.1.1-4ubuntu2", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libpam-doc", ver:"1.1.1-4ubuntu2", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libpam-runtime", ver:"1.1.1-4ubuntu2", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
More information about the Openvas-commits
mailing list