[Openvas-commits] r11403 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Sun Aug 7 17:37:11 CEST 2011


Author: reinke
Date: 2011-08-07 17:37:07 +0200 (Sun, 07 Aug 2011)
New Revision: 11403

Added:
   trunk/openvas-plugins/scripts/deb_2282_1.nasl
   trunk/openvas-plugins/scripts/deb_2283_1.nasl
   trunk/openvas-plugins/scripts/deb_2284_1.nasl
   trunk/openvas-plugins/scripts/deb_2285_1.nasl
   trunk/openvas-plugins/scripts/deb_2287_1.nasl
   trunk/openvas-plugins/scripts/deb_2288_1.nasl
   trunk/openvas-plugins/scripts/freebsd_libsoup.nasl
   trunk/openvas-plugins/scripts/freebsd_opensaml2.nasl
   trunk/openvas-plugins/scripts/freebsd_phpMyAdmin24.nasl
Modified:
   trunk/openvas-plugins/ChangeLog
Log:
New scripts added

Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2011-08-07 14:31:31 UTC (rev 11402)
+++ trunk/openvas-plugins/ChangeLog	2011-08-07 15:37:07 UTC (rev 11403)
@@ -1,5 +1,18 @@
 2011-08-07 Thomas Reinke <reinke at securityspace.com>
 
+	* scripts/deb_2282_1.nasl,
+	scripts/deb_2283_1.nasl,
+	scripts/deb_2284_1.nasl,
+	scripts/deb_2285_1.nasl,
+	scripts/deb_2287_1.nasl,
+	scripts/deb_2288_1.nasl,
+	scripts/freebsd_libsoup.nasl,
+	scripts/freebsd_opensaml2.nasl,
+	scripts/freebsd_phpMyAdmin24.nasl:
+	Added new scripts.
+
+2011-08-07 Thomas Reinke <reinke at securityspace.com>
+
 	* scripts/host_details.nasl
 	Updated to remove quotes around script ID.
 

Added: trunk/openvas-plugins/scripts/deb_2282_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_2282_1.nasl	2011-08-07 14:31:31 UTC (rev 11402)
+++ trunk/openvas-plugins/scripts/deb_2282_1.nasl	2011-08-07 15:37:07 UTC (rev 11403)
@@ -0,0 +1,98 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 2282-1 (qemu-kvm)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(70056);
+ script_cve_id("CVE-2011-2212", "CVE-2011-2527");
+ script_tag(name:"risk_factor", value:"High");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 2282-1 (qemu-kvm)");
+
+ desc = "The remote host is missing an update to qemu-kvm
+announced via advisory DSA 2282-1.
+
+Two vulnerabilities have been discovered in KVM, a solution for full
+virtualization on x86 hardware:
+
+CVE-2011-2212
+
+Nelson Elhage discovered a buffer overflow in the virtio subsystem,
+which could lead to denial of service or privilege escalation.
+
+CVE-2011-2527
+
+Andrew Griffiths discovered that group privileges were
+insufficiently dropped when started with -runas option, resulting
+in privilege escalation.
+
+For the stable distribution (squeeze), this problem has been fixed in
+version 0.12.5+dfsg-5+squeeze6.
+
+For the unstable distribution (sid), this problem has been fixed in
+version 0.14.1+dfsg-3.
+
+We recommend that you upgrade your qemu-kvm packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202282-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 2282-1 (qemu-kvm)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"kvm", ver:"1:0.12.5+dfsg-5+squeeze6", rls:"DEB6.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"qemu-kvm", ver:"0.12.5+dfsg-5+squeeze6", rls:"DEB6.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"qemu-kvm-dbg", ver:"0.12.5+dfsg-5+squeeze6", rls:"DEB6.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_2283_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_2283_1.nasl	2011-08-07 14:31:31 UTC (rev 11402)
+++ trunk/openvas-plugins/scripts/deb_2283_1.nasl	2011-08-07 15:37:07 UTC (rev 11403)
@@ -0,0 +1,92 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 2283-1 (krb5-appl)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(70057);
+ script_cve_id("CVE-2011-1526");
+ script_tag(name:"risk_factor", value:"High");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 2283-1 (krb5-appl)");
+
+ desc = "The remote host is missing an update to krb5-appl
+announced via advisory DSA 2283-1.
+
+Tim Zingelmann discovered that due an incorrect configure script the
+kerborised FTP server failed to set the effective GID correctly,
+resulting in privilege escalation.
+
+The oldstable distribution (lenny) is not affected.
+
+For the stable distribution (squeeze), this problem has been fixed in
+version 1.0.1-1.1.
+
+For the unstable distribution (sid), this problem will be fixed soon.
+
+We recommend that you upgrade your krb5-appl packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202283-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 2283-1 (krb5-appl)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"krb5-clients", ver:"1:1.0.1-1.1", rls:"DEB6.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"krb5-ftpd", ver:"1:1.0.1-1.1", rls:"DEB6.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"krb5-rsh-server", ver:"1:1.0.1-1.1", rls:"DEB6.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"krb5-telnetd", ver:"1:1.0.1-1.1", rls:"DEB6.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_2284_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_2284_1.nasl	2011-08-07 14:31:31 UTC (rev 11402)
+++ trunk/openvas-plugins/scripts/deb_2284_1.nasl	2011-08-07 15:37:07 UTC (rev 11403)
@@ -0,0 +1,113 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 2284-1 (opensaml2)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(70058);
+ script_cve_id("CVE-2011-1411");
+ script_tag(name:"risk_factor", value:"High");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 2284-1 (opensaml2)");
+
+ desc = "The remote host is missing an update to opensaml2
+announced via advisory DSA 2284-1.
+
+Juraj Somorovsky, Andreas Mayer, Meiko Jensen, Florian Kohlar, Marco
+Kampmann and Joerg Schwenk discovered that Shibboleth, a federated web
+single sign-on system is vulnerable to XML signature wrapping attacks.
+More details can be found in the Shibboleth
+advisory at http://shibboleth.internet2.edu/security-advisories.html
+
+For the oldstable distribution (lenny), this problem has been fixed in
+version 2.0-2+lenny3.
+
+For the stable distribution (squeeze), this problem has been fixed in
+version 2.3-2+squeeze1.
+
+For the unstable distribution (sid), this problem will be fixed soon.
+
+We recommend that you upgrade your opensaml2 packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202284-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 2284-1 (opensaml2)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"libsaml2", ver:"2.0-2+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libsaml2-dev", ver:"2.0-2+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libsaml2-doc", ver:"2.0-2+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"opensaml2-schemas", ver:"2.0-2+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"opensaml2-tools", ver:"2.0-2+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libsaml2-dev", ver:"2.3-2+squeeze1", rls:"DEB6.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libsaml2-doc", ver:"2.3-2+squeeze1", rls:"DEB6.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libsaml6", ver:"2.3-2+squeeze1", rls:"DEB6.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"opensaml2-schemas", ver:"2.3-2+squeeze1", rls:"DEB6.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"opensaml2-tools", ver:"2.3-2+squeeze1", rls:"DEB6.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_2285_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_2285_1.nasl	2011-08-07 14:31:31 UTC (rev 11402)
+++ trunk/openvas-plugins/scripts/deb_2285_1.nasl	2011-08-07 15:37:07 UTC (rev 11403)
@@ -0,0 +1,151 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 2285-1 (mapserver)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(70059);
+ script_tag(name:"cvss_base", value:"7.5");
+ script_cve_id("CVE-2011-2703", "CVE-2011-2704");
+ script_tag(name:"risk_factor", value:"High");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 2285-1 (mapserver)");
+
+ desc = "The remote host is missing an update to mapserver
+announced via advisory DSA 2285-1.
+
+Several vulnerabilities have been discovered in mapserver, a CGI-based
+web framework to publish spatial data and interactive mapping applications.
+The Common Vulnerabilities and Exposures project identifies the following
+problems:
+
+CVE-2011-2703
+
+Several instances of insufficient escaping of user input, leading to
+SQL injection attacks via OGC filter encoding (in WMS, WFS, and SOS
+filters).
+
+CVE-2011-2704
+
+Missing length checks in the processing of OGC filter encoding that can
+lead to stack-based buffer overflows and the execution of arbitrary code.
+
+
+For the oldstable distribution (lenny), this problem has been fixed in
+version 5.0.3-3+lenny7.
+
+For the stable distribution (squeeze), this problem has been fixed in
+version 5.6.5-2+squeeze2.
+
+For the testing (squeeze) and unstable (sid) distributions, this problem
+will be fixed soon.
+
+
+We recommend that you upgrade your mapserver packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202285-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 2285-1 (mapserver)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"cgi-mapserver", ver:"5.0.3-3+lenny7", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libmapscript-ruby", ver:"5.0.3-3+lenny7", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libmapscript-ruby1.8", ver:"5.0.3-3+lenny7", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libmapscript-ruby1.9", ver:"5.0.3-3+lenny7", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"mapserver-bin", ver:"5.0.3-3+lenny7", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"mapserver-doc", ver:"5.0.3-3+lenny7", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"perl-mapscript", ver:"5.0.3-3+lenny7", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-mapscript", ver:"5.0.3-3+lenny7", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"python-mapscript", ver:"5.0.3-3+lenny7", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"cgi-mapserver", ver:"5.6.5-2+squeeze2", rls:"DEB6.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libmapscript-ruby", ver:"5.6.5-2+squeeze2", rls:"DEB6.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libmapscript-ruby1.8", ver:"5.6.5-2+squeeze2", rls:"DEB6.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libmapscript-ruby1.9.1", ver:"5.6.5-2+squeeze2", rls:"DEB6.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"mapserver-bin", ver:"5.6.5-2+squeeze2", rls:"DEB6.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"mapserver-doc", ver:"5.6.5-2+squeeze2", rls:"DEB6.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"perl-mapscript", ver:"5.6.5-2+squeeze2", rls:"DEB6.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"php5-mapscript", ver:"5.6.5-2+squeeze2", rls:"DEB6.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"python-mapscript", ver:"5.6.5-2+squeeze2", rls:"DEB6.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_2287_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_2287_1.nasl	2011-08-07 14:31:31 UTC (rev 11402)
+++ trunk/openvas-plugins/scripts/deb_2287_1.nasl	2011-08-07 15:37:07 UTC (rev 11403)
@@ -0,0 +1,114 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 2287-1 (libpng)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(70060);
+ script_tag(name:"cvss_base", value:"6.8");
+ script_cve_id("CVE-2011-2501", "CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692");
+ script_tag(name:"risk_factor", value:"High");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 2287-1 (libpng)");
+
+ desc = "The remote host is missing an update to libpng
+announced via advisory DSA 2287-1.
+
+The PNG library libpng has been affected by several vulnerabilities. The
+most critical one is the identified as CVE-2011-2690. Using this
+vulnerability, an  attacker is able to overwrite memory with an
+arbitrary amount of data controlled by her via a crafted PNG image.
+
+The other vulnerabilities are less critical and allow an attacker to
+cause a  crash in the program (denial of service) via a crafted PNG
+image.
+
+For the oldstable distribution (lenny), this problem has been fixed in
+version 1.2.27-2+lenny5. Due to a technical limitation in the Debian
+archive processing scripts, the updated packages cannot be released
+in paralell with the packages for Squeeze. They will appear shortly.
+
+For the stable distribution (squeeze), this problem has been fixed in
+version 1.2.44-1+squeeze1.
+
+For the unstable distribution (sid), this problem has been fixed in
+version 1.2.46-1.
+
+We recommend that you upgrade your libpng packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202287-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 2287-1 (libpng)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"libpng12-0", ver:"1.2.27-2+lenny5", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpng12-0-udeb", ver:"1.2.27-2+lenny4", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpng12-dev", ver:"1.2.27-2+lenny5", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpng3", ver:"1.2.27-2+lenny5", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpng12-0", ver:"1.2.44-1+squeeze1", rls:"DEB6.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpng12-0-udeb", ver:"1.2.44-1", rls:"DEB6.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpng12-dev", ver:"1.2.44-1+squeeze1", rls:"DEB6.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libpng3", ver:"1.2.44-1+squeeze1", rls:"DEB6.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_2288_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_2288_1.nasl	2011-08-07 14:31:31 UTC (rev 11402)
+++ trunk/openvas-plugins/scripts/deb_2288_1.nasl	2011-08-07 15:37:07 UTC (rev 11403)
@@ -0,0 +1,100 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 2288-1 (libsndfile)
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# or at your option, GNU General Public License version 3,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(70061);
+ script_cve_id("CVE-2011-2696");
+ script_tag(name:"risk_factor", value:"High");
+ script_version ("$Revision$");
+ script_name("Debian Security Advisory DSA 2288-1 (libsndfile)");
+
+ desc = "The remote host is missing an update to libsndfile
+announced via advisory DSA 2288-1.
+
+Hossein Lotfi discovered an integer overflow in libsndfile's code to
+parse Paris Audio files, which could potentially lead to the execution
+of arbitrary code.
+
+For the oldstable distribution (lenny), this problem has been fixed in
+version 1.0.17-4+lenny3.
+
+For the stable distribution (squeeze), this problem has been fixed in
+version 1.0.21-3+squeeze1
+
+For the unstable distribution (sid), this problem has been fixed in
+version 1.0.25-1.
+
+We recommend that you upgrade your libsndfile packages.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202288-1
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("Debian Security Advisory DSA 2288-1 (libsndfile)");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com");
+ script_family("Debian Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"libsndfile1", ver:"1.0.17-4+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libsndfile1-dev", ver:"1.0.17-4+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"sndfile-programs", ver:"1.0.17-4+lenny3", rls:"DEB5.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libsndfile1", ver:"1.0.21-3+squeeze1", rls:"DEB6.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libsndfile1-dev", ver:"1.0.21-3+squeeze1", rls:"DEB6.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"sndfile-programs", ver:"1.0.21-3+squeeze1", rls:"DEB6.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_libsoup.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_libsoup.nasl	2011-08-07 14:31:31 UTC (rev 11402)
+++ trunk/openvas-plugins/scripts/freebsd_libsoup.nasl	2011-08-07 15:37:07 UTC (rev 11403)
@@ -0,0 +1,87 @@
+#
+#VID 30cb4522-b94d-11e0-8182-485d60cb5385
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID 30cb4522-b94d-11e0-8182-485d60cb5385
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(70062);
+ script_cve_id("CVE-2011-2054");
+ script_tag(name:"risk_factor", value:"High");
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: libsoup");
+
+ desc = "The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: libsoup
+
+CVE-2011-2054
+** RESERVED **
+This candidate has been reserved by an organization or individual that
+will use it when announcing a new security problem.  When the
+candidate has been publicized, the details for this candidate will be
+provided.
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://mail.gnome.org/archives/ftp-release-list/2011-July/msg00176.html
+https://bugzilla.gnome.org/show_bug.cgi?id=653258
+http://www.vuxml.org/freebsd/30cb4522-b94d-11e0-8182-485d60cb5385.html
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: libsoup");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"libsoup");
+if(!isnull(bver) && revcomp(a:bver, b:"2.32.2_3")<0) {
+    security_note(0, data:"Package libsoup version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_opensaml2.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_opensaml2.nasl	2011-08-07 14:31:31 UTC (rev 11402)
+++ trunk/openvas-plugins/scripts/freebsd_opensaml2.nasl	2011-08-07 15:37:07 UTC (rev 11403)
@@ -0,0 +1,86 @@
+#
+#VID 9f14cb36-b6fc-11e0-a044-445c73746d79
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID 9f14cb36-b6fc-11e0-a044-445c73746d79
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(70064);
+ script_cve_id("CVE-2011-1411");
+ script_tag(name:"risk_factor", value:"High");
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: opensaml2");
+
+ desc = "The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: opensaml2
+
+CVE-2011-1411
+** RESERVED **
+This candidate has been reserved by an organization or individual that
+will use it when announcing a new security problem.  When the
+candidate has been publicized, the details for this candidate will be
+provided.
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+https://groups.google.com/a/shibboleth.net/group/announce/browse_thread/thread/cf3e0d76afbb57d9
+http://www.vuxml.org/freebsd/9f14cb36-b6fc-11e0-a044-445c73746d79.html
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: opensaml2");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"opensaml2");
+if(!isnull(bver) && revcomp(a:bver, b:"0")>0 && revcomp(a:bver, b:"2.4.3")<0) {
+    security_note(0, data:"Package opensaml2 version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/freebsd_phpMyAdmin24.nasl
===================================================================
--- trunk/openvas-plugins/scripts/freebsd_phpMyAdmin24.nasl	2011-08-07 14:31:31 UTC (rev 11402)
+++ trunk/openvas-plugins/scripts/freebsd_phpMyAdmin24.nasl	2011-08-07 15:37:07 UTC (rev 11403)
@@ -0,0 +1,95 @@
+#
+#VID d79fc873-b5f9-11e0-89b4-001ec9578670
+# OpenVAS Vulnerability Test
+# $
+# Description: Auto generated from VID d79fc873-b5f9-11e0-89b4-001ec9578670
+#
+# Authors:
+# Thomas Reinke <reinke at securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisories, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(70063);
+ script_tag(name:"cvss_base", value:"6.8");
+ script_cve_id("CVE-2011-2642", "CVE-2011-2643");
+ script_tag(name:"risk_factor", value:"High");
+ script_version ("$Revision$");
+ script_name("FreeBSD Ports: phpMyAdmin");
+
+ desc = "The remote host is missing an update to the system
+as announced in the referenced advisory.
+
+The following package is affected: phpMyAdmin
+
+CVE-2011-2642
+Multiple cross-site scripting (XSS) vulnerabilities in the table Print
+view implementation in tbl_printview.php in phpMyAdmin before 3.3.10.3
+and 3.4.x before 3.4.3.2 allow remote authenticated users to inject
+arbitrary web script or HTML via a crafted table name.
+
+CVE-2011-2643
+Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x
+before 3.4.3.2, when configuration storage is enabled, allows remote
+attackers to include and execute arbitrary local files via directory
+traversal sequences in a MIME-type transformation parameter.
+
+Solution:
+Update your system with the appropriate patches or
+software upgrades.
+
+http://www.phpmyadmin.net/home_page/security/PMASA-2011-9.php
+http://www.phpmyadmin.net/home_page/security/PMASA-2011-10.php
+http://www.phpmyadmin.net/home_page/security/PMASA-2011-11.php
+http://www.phpmyadmin.net/home_page/security/PMASA-2011-12.php
+http://www.vuxml.org/freebsd/d79fc873-b5f9-11e0-89b4-001ec9578670.html
+
+Risk factor : High";
+
+ script_description(desc);
+
+ script_summary("FreeBSD Ports: phpMyAdmin");
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright("Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com");
+ script_family("FreeBSD Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/freebsdrel");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-bsd.inc");
+vuln = 0;
+bver = portver(pkg:"phpMyAdmin");
+if(!isnull(bver) && revcomp(a:bver, b:"3.4.3.2")<0) {
+    security_note(0, data:"Package phpMyAdmin version " + bver + " is installed which is known to be vulnerable.");
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}



More information about the Openvas-commits mailing list