[Openvas-commits] r10626 - in trunk/openvas-plugins: . scripts
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Thu Mar 24 14:29:57 CET 2011
Author: veerendragg
Date: 2011-03-24 14:29:52 +0100 (Thu, 24 Mar 2011)
New Revision: 10626
Added:
trunk/openvas-plugins/scripts/gb_RHSA-2011_0370-01_wireshark.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_1255_openssl_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_2102_mailman_fc14.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_2125_mailman_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_2531_perl-File-FcntlLock_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_2531_perl-Mail-Box_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_2590_vsftpd_fc14.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_2615_vsftpd_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_2657_subversion_fc14.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_2698_subversion_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_2794_whatsup_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_2796_seamonkey_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_2797_seamonkey_fc14.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_2801_whatsup_fc14.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_2803_cgit_fc14.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_2815_cgit_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_3043_policycoreutils_fc14.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_3113_pidgin_fc14.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_3118_samba_fc14.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_3120_samba_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_3132_pidgin_fc13.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_3194_pango_fc14.nasl
trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_049.nasl
trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_050.nasl
trunk/openvas-plugins/scripts/gb_ubuntu_USN_1085_2.nasl
trunk/openvas-plugins/scripts/gb_ubuntu_USN_1088_1.nasl
trunk/openvas-plugins/scripts/gb_ubuntu_USN_1089_1.nasl
trunk/openvas-plugins/scripts/gb_ubuntu_USN_1090_1.nasl
Modified:
trunk/openvas-plugins/ChangeLog
Log:
Added new LSC plugins.
Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/ChangeLog 2011-03-24 13:29:52 UTC (rev 10626)
@@ -1,3 +1,35 @@
+2011-03-24 Veerendra G.G <veerendragg at secpod.com>
+
+ * scripts/gb_fedora_2011_2590_vsftpd_fc14.nasl,
+ scripts/gb_ubuntu_USN_1085_2.nasl,
+ scripts/gb_fedora_2011_2801_whatsup_fc14.nasl,
+ scripts/gb_mandriva_MDVSA_2011_050.nasl,
+ scripts/gb_ubuntu_USN_1090_1.nasl,
+ scripts/gb_fedora_2011_2531_perl-Mail-Box_fc13.nasl,
+ scripts/gb_ubuntu_USN_1089_1.nasl,
+ scripts/gb_fedora_2011_2531_perl-File-FcntlLock_fc13.nasl,
+ scripts/gb_fedora_2011_1255_openssl_fc13.nasl,
+ scripts/gb_RHSA-2011_0370-01_wireshark.nasl,
+ scripts/gb_fedora_2011_2794_whatsup_fc13.nasl,
+ scripts/gb_fedora_2011_2796_seamonkey_fc13.nasl,
+ scripts/gb_mandriva_MDVSA_2011_049.nasl,
+ scripts/gb_fedora_2011_2657_subversion_fc14.nasl,
+ scripts/gb_fedora_2011_2803_cgit_fc14.nasl,
+ scripts/gb_ubuntu_USN_1088_1.nasl,
+ scripts/gb_fedora_2011_2815_cgit_fc13.nasl,
+ scripts/gb_fedora_2011_3043_policycoreutils_fc14.nasl,
+ scripts/gb_fedora_2011_3113_pidgin_fc14.nasl,
+ scripts/gb_fedora_2011_3120_samba_fc13.nasl,
+ scripts/gb_fedora_2011_2125_mailman_fc13.nasl,
+ scripts/gb_fedora_2011_3132_pidgin_fc13.nasl,
+ scripts/gb_fedora_2011_2698_subversion_fc13.nasl,
+ scripts/gb_fedora_2011_2797_seamonkey_fc14.nasl,
+ scripts/gb_fedora_2011_3118_samba_fc14.nasl,
+ scripts/gb_fedora_2011_2102_mailman_fc14.nasl,
+ scripts/gb_fedora_2011_3194_pango_fc14.nasl,
+ scripts/gb_fedora_2011_2615_vsftpd_fc13.nasl:
+ Added new LSC plugins.
+
2011-03-23 Michael Meyer <michael.meyer at greenbone.net>
* scripts/gb_emc_networker_detect.nasl,
Added: trunk/openvas-plugins/scripts/gb_RHSA-2011_0370-01_wireshark.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_RHSA-2011_0370-01_wireshark.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_RHSA-2011_0370-01_wireshark.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,135 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for wireshark RHSA-2011:0370-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(870411);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"6.8");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "RHSA", value: "2011:0370-01");
+ script_cve_id("CVE-2010-3445", "CVE-2011-0024", "CVE-2011-0538", "CVE-2011-1139", "CVE-2011-1140", "CVE-2011-1141", "CVE-2011-1143");
+ script_name("RedHat Update for wireshark RHSA-2011:0370-01");
+ desc = "
+
+ Vulnerability Insight:
+ Wireshark is a program for monitoring network traffic. Wireshark was
+ previously known as Ethereal.
+
+ A heap-based buffer overflow flaw was found in Wireshark. If Wireshark
+ opened a specially-crafted capture file, it could crash or, possibly,
+ execute arbitrary code as the user running Wireshark. (CVE-2011-0024)
+
+ Several denial of service flaws were found in Wireshark. Wireshark could
+ crash or stop responding if it read a malformed packet off a network, or
+ opened a malicious dump file. (CVE-2010-3445, CVE-2011-0538, CVE-2011-1139,
+ CVE-2011-1140, CVE-2011-1141, CVE-2011-1143)
+
+ Users of Wireshark should upgrade to these updated packages, which contain
+ backported patches to correct these issues. All running instances of
+ Wireshark must be restarted for the update to take effect.
+
+
+ Affected Software/OS:
+ wireshark on Red Hat Enterprise Linux (v. 5 server),
+ Red Hat Enterprise Linux AS version 4,
+ Red Hat Enterprise Linux ES version 4,
+ Red Hat Enterprise Linux WS version 4
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://www.redhat.com/archives/rhsa-announce/2011-March/msg00034.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of wireshark");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "RHENT_5")
+{
+
+ if(isrpmvuln(pkg:"wireshark", rpm:"wireshark~1.0.15~1.el5_6.4", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"wireshark-debuginfo", rpm:"wireshark-debuginfo~1.0.15~1.el5_6.4", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"wireshark-gnome", rpm:"wireshark-gnome~1.0.15~1.el5_6.4", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "RHENT_4")
+{
+
+ if(isrpmvuln(pkg:"wireshark", rpm:"wireshark~1.0.15~2.el4", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"wireshark-debuginfo", rpm:"wireshark-debuginfo~1.0.15~2.el4", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"wireshark-gnome", rpm:"wireshark-gnome~1.0.15~2.el4", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_1255_openssl_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_1255_openssl_fc13.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_1255_openssl_fc13.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,84 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for openssl FEDORA-2011-1255
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862920);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"7.6");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2011-1255");
+ script_cve_id("CVE-2011-0014", "CVE-2010-4180", "CVE-2010-3864", "CVE-2010-0742", "CVE-2010-1633");
+ script_name("Fedora Update for openssl FEDORA-2011-1255");
+ desc = "
+
+ Vulnerability Insight:
+ The OpenSSL toolkit provides support for secure communications between
+ machines. OpenSSL includes a certificate management tool and shared
+ libraries which provide various cryptographic algorithms and
+ protocols.
+
+
+ Affected Software/OS:
+ openssl on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056102.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of openssl");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"openssl", rpm:"openssl~1.0.0d~1.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_2102_mailman_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_2102_mailman_fc14.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_2102_mailman_fc14.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,93 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for mailman FEDORA-2011-2102
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862916);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "FEDORA", value: "2011-2102");
+ script_cve_id("CVE-2011-0707", "CVE-2010-3089");
+ script_name("Fedora Update for mailman FEDORA-2011-2102");
+ desc = "
+
+ Vulnerability Insight:
+ Mailman is software to help manage email discussion lists, much like
+ Majordomo and Smartmail. Unlike most similar products, Mailman gives
+ each mailing list a webpage, and allows users to subscribe,
+ unsubscribe, etc. over the Web. Even the list manager can administer
+ his or her list entirely from the Web. Mailman also integrates most
+ things people want to do with mailing lists, including archiving, mail
+ <-> news gateways, and so on.
+
+ Documentation can be found in: /usr/share/doc/mailman-2.1.13
+
+ When the package has finished installing, you will need to perform some
+ additional installation steps, these are described in:
+ /usr/share/doc/mailman-2.1.13/INSTALL.REDHAT
+
+
+ Affected Software/OS:
+ mailman on Fedora 14
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056387.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of mailman");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC14")
+{
+
+ if(isrpmvuln(pkg:"mailman", rpm:"mailman~2.1.13~7.fc14", rls:"FC14"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_2125_mailman_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_2125_mailman_fc13.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_2125_mailman_fc13.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,93 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for mailman FEDORA-2011-2125
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862912);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "FEDORA", value: "2011-2125");
+ script_cve_id("CVE-2011-0707", "CVE-2010-3089");
+ script_name("Fedora Update for mailman FEDORA-2011-2125");
+ desc = "
+
+ Vulnerability Insight:
+ Mailman is software to help manage email discussion lists, much like
+ Majordomo and Smartmail. Unlike most similar products, Mailman gives
+ each mailing list a webpage, and allows users to subscribe,
+ unsubscribe, etc. over the Web. Even the list manager can administer
+ his or her list entirely from the Web. Mailman also integrates most
+ things people want to do with mailing lists, including archiving, mail
+ <-> news gateways, and so on.
+
+ Documentation can be found in: /usr/share/doc/mailman-2.1.12
+
+ When the package has finished installing, you will need to perform some
+ additional installation steps, these are described in:
+ /usr/share/doc/mailman-2.1.12/INSTALL.REDHAT
+
+
+ Affected Software/OS:
+ mailman on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056363.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of mailman");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"mailman", rpm:"mailman~2.1.12~17.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_2531_perl-File-FcntlLock_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_2531_perl-File-FcntlLock_fc13.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_2531_perl-File-FcntlLock_fc13.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,82 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for perl-File-FcntlLock FEDORA-2011-2531
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862913);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2011-2531");
+ script_name("Fedora Update for perl-File-FcntlLock FEDORA-2011-2531");
+ desc = "
+
+ Vulnerability Insight:
+ FcntlLock is a module to do file locking in an object oriented
+ fashion using the fcntl(2) system call. This allows locks on parts
+ of a file as well as on the whole file and overcomes some known
+ problems with flock(2), on which Perl's flock() function is based.
+
+
+ Affected Software/OS:
+ perl-File-FcntlLock on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055873.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of perl-File-FcntlLock");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"perl-File-FcntlLock", rpm:"perl-File-FcntlLock~0.12~1.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_2531_perl-Mail-Box_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_2531_perl-Mail-Box_fc13.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_2531_perl-Mail-Box_fc13.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,81 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for perl-Mail-Box FEDORA-2011-2531
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862930);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2011-2531");
+ script_name("Fedora Update for perl-Mail-Box FEDORA-2011-2531");
+ desc = "
+
+ Vulnerability Insight:
+ The Mail::Box folder is a modern mail-folder manager -- at least at
+ the moment of this writing ;) It is written to replace Mail::Folder,
+ although its interface is different.
+
+
+ Affected Software/OS:
+ perl-Mail-Box on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055872.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of perl-Mail-Box");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"perl-Mail-Box", rpm:"perl-Mail-Box~2.097~1.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_2590_vsftpd_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_2590_vsftpd_fc14.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_2590_vsftpd_fc14.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,82 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for vsftpd FEDORA-2011-2590
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862925);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"4.0");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "FEDORA", value: "2011-2590");
+ script_cve_id("CVE-2011-0762");
+ script_name("Fedora Update for vsftpd FEDORA-2011-2590");
+ desc = "
+
+ Vulnerability Insight:
+ vsftpd is a Very Secure FTP daemon. It was written completely from
+ scratch.
+
+
+ Affected Software/OS:
+ vsftpd on Fedora 14
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055882.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of vsftpd");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC14")
+{
+
+ if(isrpmvuln(pkg:"vsftpd", rpm:"vsftpd~2.3.4~1.fc14", rls:"FC14"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_2615_vsftpd_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_2615_vsftpd_fc13.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_2615_vsftpd_fc13.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,82 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for vsftpd FEDORA-2011-2615
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862926);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"4.0");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "FEDORA", value: "2011-2615");
+ script_cve_id("CVE-2011-0762");
+ script_name("Fedora Update for vsftpd FEDORA-2011-2615");
+ desc = "
+
+ Vulnerability Insight:
+ vsftpd is a Very Secure FTP daemon. It was written completely from
+ scratch.
+
+
+ Affected Software/OS:
+ vsftpd on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055881.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of vsftpd");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"vsftpd", rpm:"vsftpd~2.3.4~1.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_2657_subversion_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_2657_subversion_fc14.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_2657_subversion_fc14.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,86 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for subversion FEDORA-2011-2657
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862918);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "FEDORA", value: "2011-2657");
+ script_cve_id("CVE-2011-0715");
+ script_name("Fedora Update for subversion FEDORA-2011-2657");
+ desc = "
+
+ Vulnerability Insight:
+ Subversion is a concurrent version control system which enables one
+ or more users to collaborate in developing and maintaining a
+ hierarchy of files and directories while keeping a history of all
+ changes. Subversion only stores the differences between versions,
+ instead of every complete file. Subversion is intended to be a
+ compelling replacement for CVS.
+
+
+ Affected Software/OS:
+ subversion on Fedora 14
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056071.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of subversion");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC14")
+{
+
+ if(isrpmvuln(pkg:"subversion", rpm:"subversion~1.6.16~1.fc14", rls:"FC14"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_2698_subversion_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_2698_subversion_fc13.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_2698_subversion_fc13.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,86 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for subversion FEDORA-2011-2698
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862924);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "FEDORA", value: "2011-2698");
+ script_cve_id("CVE-2011-0715");
+ script_name("Fedora Update for subversion FEDORA-2011-2698");
+ desc = "
+
+ Vulnerability Insight:
+ Subversion is a concurrent version control system which enables one
+ or more users to collaborate in developing and maintaining a
+ hierarchy of files and directories while keeping a history of all
+ changes. Subversion only stores the differences between versions,
+ instead of every complete file. Subversion is intended to be a
+ compelling replacement for CVS.
+
+
+ Affected Software/OS:
+ subversion on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056072.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of subversion");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"subversion", rpm:"subversion~1.6.16~1.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_2794_whatsup_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_2794_whatsup_fc13.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_2794_whatsup_fc13.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,87 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for whatsup FEDORA-2011-2794
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862919);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "FEDORA", value: "2011-2794");
+ script_cve_id("CVE-2009-3720");
+ script_name("Fedora Update for whatsup FEDORA-2011-2794");
+ desc = "
+
+ Vulnerability Insight:
+ Whatsup is a cluster node up/down detection utility.
+
+ Whatsup can quickly calculate and output the up and down nodes of a cluster.
+ Whatsup allows some tools, such as Pdsh, to operate more quickly by
+ not operating on down nodes. Whatsup calculates the up and down nodes of a
+ cluster through one of several possible backend tools
+ and several optional cluster node databases.
+
+
+ Affected Software/OS:
+ whatsup on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055920.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of whatsup");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"whatsup", rpm:"whatsup~1.12~1.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_2796_seamonkey_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_2796_seamonkey_fc13.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_2796_seamonkey_fc13.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,82 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for seamonkey FEDORA-2011-2796
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862921);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2011-2796");
+ script_name("Fedora Update for seamonkey FEDORA-2011-2796");
+ desc = "
+
+ Vulnerability Insight:
+ SeaMonkey is an all-in-one Internet application suite. It includes
+ a browser, mail/news client, IRC client, JavaScript debugger, and
+ a tool to inspect the DOM for web pages. It is derived from the
+ application formerly known as Mozilla Application Suite.
+
+
+ Affected Software/OS:
+ seamonkey on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056070.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of seamonkey");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"seamonkey", rpm:"seamonkey~2.0.12~1.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_2797_seamonkey_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_2797_seamonkey_fc14.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_2797_seamonkey_fc14.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,82 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for seamonkey FEDORA-2011-2797
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862914);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2011-2797");
+ script_name("Fedora Update for seamonkey FEDORA-2011-2797");
+ desc = "
+
+ Vulnerability Insight:
+ SeaMonkey is an all-in-one Internet application suite. It includes
+ a browser, mail/news client, IRC client, JavaScript debugger, and
+ a tool to inspect the DOM for web pages. It is derived from the
+ application formerly known as Mozilla Application Suite.
+
+
+ Affected Software/OS:
+ seamonkey on Fedora 14
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056038.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of seamonkey");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC14")
+{
+
+ if(isrpmvuln(pkg:"seamonkey", rpm:"seamonkey~2.0.12~1.fc14", rls:"FC14"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_2801_whatsup_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_2801_whatsup_fc14.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_2801_whatsup_fc14.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,87 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for whatsup FEDORA-2011-2801
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862928);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "FEDORA", value: "2011-2801");
+ script_cve_id("CVE-2009-3720");
+ script_name("Fedora Update for whatsup FEDORA-2011-2801");
+ desc = "
+
+ Vulnerability Insight:
+ Whatsup is a cluster node up/down detection utility.
+
+ Whatsup can quickly calculate and output the up and down nodes of a cluster.
+ Whatsup allows some tools, such as Pdsh, to operate more quickly by
+ not operating on down nodes. Whatsup calculates the up and down nodes of a
+ cluster through one of several possible backend tools
+ and several optional cluster node databases.
+
+
+ Affected Software/OS:
+ whatsup on Fedora 14
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055925.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of whatsup");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC14")
+{
+
+ if(isrpmvuln(pkg:"whatsup", rpm:"whatsup~1.12~1.fc14", rls:"FC14"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_2803_cgit_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_2803_cgit_fc14.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_2803_cgit_fc14.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,81 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for cgit FEDORA-2011-2803
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862931);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "FEDORA", value: "2011-2803");
+ script_cve_id("CVE-2011-1027");
+ script_name("Fedora Update for cgit FEDORA-2011-2803");
+ desc = "
+
+ Vulnerability Insight:
+ Cgit is a fast web interface for git. It uses caching to increase performance.
+
+
+ Affected Software/OS:
+ cgit on Fedora 14
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055896.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of cgit");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC14")
+{
+
+ if(isrpmvuln(pkg:"cgit", rpm:"cgit~0.9~1.fc14", rls:"FC14"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_2815_cgit_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_2815_cgit_fc13.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_2815_cgit_fc13.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,81 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for cgit FEDORA-2011-2815
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862923);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2011-2815");
+ script_cve_id("CVE-2011-1027", "CVE-2010-2542");
+ script_name("Fedora Update for cgit FEDORA-2011-2815");
+ desc = "
+
+ Vulnerability Insight:
+ Cgit is a fast web interface for git. It uses caching to increase performance.
+
+
+ Affected Software/OS:
+ cgit on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055898.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of cgit");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"cgit", rpm:"cgit~0.9~1.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_3043_policycoreutils_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_3043_policycoreutils_fc14.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_3043_policycoreutils_fc14.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,95 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for policycoreutils FEDORA-2011-3043
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862929);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"6.9");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2011-3043");
+ script_cve_id("CVE-2011-1011");
+ script_name("Fedora Update for policycoreutils FEDORA-2011-3043");
+ desc = "
+
+ Vulnerability Insight:
+ Security-enhanced Linux is a feature of the Linux® kernel and a number
+ of utilities with enhanced security functionality designed to add
+ mandatory access controls to Linux. The Security-enhanced Linux
+ kernel contains new architectural components originally developed to
+ improve the security of the Flask operating system. These
+ architectural components provide general support for the enforcement
+ of many kinds of mandatory access control policies, including those
+ based on the concepts of Type Enforcement®, Role-based Access
+ Control, and Multi-level Security.
+
+ policycoreutils contains the policy core utilities that are required
+ for basic operation of a SELinux system. These utilities include
+ load_policy to load policies, setfiles to label filesystems, newrole
+ to switch roles, and run_init to run /etc/init.d scripts in the proper
+ context.
+
+
+ Affected Software/OS:
+ policycoreutils on Fedora 14
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056227.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of policycoreutils");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC14")
+{
+
+ if(isrpmvuln(pkg:"policycoreutils", rpm:"policycoreutils~2.0.85~19.fc14", rls:"FC14"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_3113_pidgin_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_3113_pidgin_fc14.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_3113_pidgin_fc14.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,92 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for pidgin FEDORA-2011-3113
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862917);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"4.0");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "FEDORA", value: "2011-3113");
+ script_cve_id("CVE-2011-1091", "CVE-2010-3711");
+ script_name("Fedora Update for pidgin FEDORA-2011-3113");
+ desc = "
+
+ Vulnerability Insight:
+ Pidgin allows you to talk to anyone using a variety of messaging
+ protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu,
+ ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and
+ Zephyr. These protocols are implemented using a modular, easy to
+ use design. To use a protocol, just add an account using the
+ account editor.
+
+ Pidgin supports many common features of other clients, as well as many
+ unique features, such as perl scripting, TCL scripting and C plugins.
+
+ Pidgin is not affiliated with or endorsed by America Online, Inc.,
+ Microsoft Corporation, Yahoo! Inc., or ICQ Inc.
+
+
+ Affected Software/OS:
+ pidgin on Fedora 14
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055874.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of pidgin");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC14")
+{
+
+ if(isrpmvuln(pkg:"pidgin", rpm:"pidgin~2.7.11~1.fc14", rls:"FC14"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_3118_samba_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_3118_samba_fc14.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_3118_samba_fc14.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,89 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for samba FEDORA-2011-3118
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862922);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "FEDORA", value: "2011-3118");
+ script_cve_id("CVE-2011-0719");
+ script_name("Fedora Update for samba FEDORA-2011-3118");
+ desc = "
+
+ Vulnerability Insight:
+ Samba is the suite of programs by which a lot of PC-related machines
+ share files, printers, and other information (such as lists of
+ available files and printers). The Windows NT, OS/2, and Linux
+ operating systems support this natively, and add-on packages can
+ enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS,
+ and more. This package provides an SMB/CIFS server that can be used to
+ provide network services to SMB/CIFS clients.
+ Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT
+ need the NetBEUI (Microsoft Raw NetBIOS frame) protocol.
+
+
+ Affected Software/OS:
+ samba on Fedora 14
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056241.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of samba");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC14")
+{
+
+ if(isrpmvuln(pkg:"samba", rpm:"samba~3.5.8~74.fc14", rls:"FC14"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_3120_samba_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_3120_samba_fc13.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_3120_samba_fc13.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,89 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for samba FEDORA-2011-3120
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862911);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2011-3120");
+ script_cve_id("CVE-2011-0719", "CVE-2010-3069");
+ script_name("Fedora Update for samba FEDORA-2011-3120");
+ desc = "
+
+ Vulnerability Insight:
+ Samba is the suite of programs by which a lot of PC-related machines
+ share files, printers, and other information (such as lists of
+ available files and printers). The Windows NT, OS/2, and Linux
+ operating systems support this natively, and add-on packages can
+ enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS,
+ and more. This package provides an SMB/CIFS server that can be used to
+ provide network services to SMB/CIFS clients.
+ Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT
+ need the NetBEUI (Microsoft Raw NetBIOS frame) protocol.
+
+
+ Affected Software/OS:
+ samba on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056229.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of samba");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"samba", rpm:"samba~3.5.8~74.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_3132_pidgin_fc13.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_3132_pidgin_fc13.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_3132_pidgin_fc13.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,92 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for pidgin FEDORA-2011-3132
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862927);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "FEDORA", value: "2011-3132");
+ script_cve_id("CVE-2011-1091", "CVE-2010-3711", "CVE-2010-2528", "CVE-2010-1624");
+ script_name("Fedora Update for pidgin FEDORA-2011-3132");
+ desc = "
+
+ Vulnerability Insight:
+ Pidgin allows you to talk to anyone using a variety of messaging
+ protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu,
+ ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and
+ Zephyr. These protocols are implemented using a modular, easy to
+ use design. To use a protocol, just add an account using the
+ account editor.
+
+ Pidgin supports many common features of other clients, as well as many
+ unique features, such as perl scripting, TCL scripting and C plugins.
+
+ Pidgin is not affiliated with or endorsed by America Online, Inc.,
+ Microsoft Corporation, Yahoo! Inc., or ICQ Inc.
+
+
+ Affected Software/OS:
+ pidgin on Fedora 13
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056282.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of pidgin");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC13")
+{
+
+ if(isrpmvuln(pkg:"pidgin", rpm:"pidgin~2.7.11~1.fc13", rls:"FC13"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_3194_pango_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_3194_pango_fc14.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_3194_pango_fc14.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,90 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for pango FEDORA-2011-3194
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(862915);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"6.8");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2011-3194");
+ script_cve_id("CVE-2011-0064");
+ script_name("Fedora Update for pango FEDORA-2011-3194");
+ desc = "
+
+ Vulnerability Insight:
+ Pango is a library for laying out and rendering of text, with an emphasis
+ on internationalization. Pango can be used anywhere that text layout is needed,
+ though most of the work on Pango so far has been done in the context of the
+ GTK+ widget toolkit. Pango forms the core of text and font handling for GTK+.
+
+ Pango is designed to be modular; the core Pango layout engine can be used
+ with different font backends.
+
+ The integration of Pango with Cairo provides a complete solution with high
+ quality text handling and graphics rendering.
+
+
+ Affected Software/OS:
+ pango on Fedora 14
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056065.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of pango");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC14")
+{
+
+ if(isrpmvuln(pkg:"pango", rpm:"pango~1.28.1~5.fc14", rls:"FC14"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_049.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_049.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_049.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,124 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Mandriva Update for vsftpd MDVSA-2011:049 (vsftpd)
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(831351);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"7.8");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "MDVSA", value: "2011:049");
+ script_cve_id("CVE-2010-2632", "CVE-2011-0762");
+ script_name("Mandriva Update for vsftpd MDVSA-2011:049 (vsftpd)");
+ desc = "
+
+ Vulnerability Insight:
+
+ A vulnerability was discovered and corrected in vsftpd:
+
+ The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3
+ allows remote authenticated users to cause a denial of service (CPU
+ consumption and process slot exhaustion) via crafted glob expressions
+ in STAT commands in multiple FTP sessions, a different vulnerability
+ than CVE-2010-2632 (CVE-2011-0762).
+
+ Packages for 2009.0 are provided as of the Extended Maintenance
+ Program. Please visit this link to learn more:
+ http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490
+
+ The updated packages have been patched to correct this issue.
+
+ Affected Software/OS:
+ vsftpd on Mandriva Linux 2009.0,
+ Mandriva Linux 2009.0/X86_64,
+ Mandriva Linux 2010.0,
+ Mandriva Linux 2010.0/X86_64,
+ Mandriva Linux 2010.1,
+ Mandriva Linux 2010.1/X86_64
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.mandriva.com/security-announce/2011-03/msg00008.php
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of vsftpd");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "MNDK_2010.1")
+{
+
+ if(isrpmvuln(pkg:"vsftpd", rpm:"vsftpd~2.2.2~4.1mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "MNDK_2010.0")
+{
+
+ if(isrpmvuln(pkg:"vsftpd", rpm:"vsftpd~2.1.2~2.1mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "MNDK_2009.0")
+{
+
+ if(isrpmvuln(pkg:"vsftpd", rpm:"vsftpd~2.0.7~1.1mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_050.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_050.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_050.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,515 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Mandriva Update for pidgin MDVSA-2011:050 (pidgin)
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(831350);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"4.0");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "MDVSA", value: "2011:050");
+ script_cve_id("CVE-2011-1091");
+ script_name("Mandriva Update for pidgin MDVSA-2011:050 (pidgin)");
+ desc = "
+
+ Vulnerability Insight:
+
+ Multiple vulnerabilities has been identified and fixed in pidgin:
+
+ It was discovered that libpurple versions prior to 2.7.10 do not
+ properly clear certain data structures used in libpurple/cipher.c
+ prior to freeing. An attacker could potentially extract partial
+ information from memory regions freed by libpurple.
+
+ The Yahoo protocol plugin in libpurple versions 2.6.0 through 2.7.10
+ do not properly handle malformed YMSG packets, leading to NULL pointer
+ dereferences and application crash (CVE-2011-1091).
+
+ Packages for 2009.0 are provided as of the Extended Maintenance
+ Program. Please visit this link to learn more:
+ http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490
+
+ This update provides pidgin 2.7.11, which is not vulnerable to
+ these issues.
+
+ Affected Software/OS:
+ pidgin on Mandriva Linux 2009.0,
+ Mandriva Linux 2009.0/X86_64,
+ Mandriva Linux 2010.0,
+ Mandriva Linux 2010.0/X86_64,
+ Mandriva Linux 2010.1,
+ Mandriva Linux 2010.1/X86_64,
+ Mandriva Enterprise Server 5,
+ Mandriva Enterprise Server 5/X86_64
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.mandriva.com/security-announce/2011-03/msg00009.php
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of pidgin");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "MNDK_mes5")
+{
+
+ if(isrpmvuln(pkg:"finch", rpm:"finch~2.7.11~0.2mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libfinch0", rpm:"libfinch0~2.7.11~0.2mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libpurple0", rpm:"libpurple0~2.7.11~0.2mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libpurple-devel", rpm:"libpurple-devel~2.7.11~0.2mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin", rpm:"pidgin~2.7.11~0.2mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-bonjour", rpm:"pidgin-bonjour~2.7.11~0.2mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-client", rpm:"pidgin-client~2.7.11~0.2mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-gevolution", rpm:"pidgin-gevolution~2.7.11~0.2mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-i18n", rpm:"pidgin-i18n~2.7.11~0.2mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-meanwhile", rpm:"pidgin-meanwhile~2.7.11~0.2mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-perl", rpm:"pidgin-perl~2.7.11~0.2mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-plugins", rpm:"pidgin-plugins~2.7.11~0.2mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-silc", rpm:"pidgin-silc~2.7.11~0.2mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-tcl", rpm:"pidgin-tcl~2.7.11~0.2mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64finch0", rpm:"lib64finch0~2.7.11~0.2mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64purple0", rpm:"lib64purple0~2.7.11~0.2mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64purple-devel", rpm:"lib64purple-devel~2.7.11~0.2mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "MNDK_2010.1")
+{
+
+ if(isrpmvuln(pkg:"finch", rpm:"finch~2.7.11~0.2mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libfinch0", rpm:"libfinch0~2.7.11~0.2mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libpurple0", rpm:"libpurple0~2.7.11~0.2mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libpurple-devel", rpm:"libpurple-devel~2.7.11~0.2mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin", rpm:"pidgin~2.7.11~0.2mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-bonjour", rpm:"pidgin-bonjour~2.7.11~0.2mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-client", rpm:"pidgin-client~2.7.11~0.2mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-i18n", rpm:"pidgin-i18n~2.7.11~0.2mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-meanwhile", rpm:"pidgin-meanwhile~2.7.11~0.2mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-perl", rpm:"pidgin-perl~2.7.11~0.2mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-plugins", rpm:"pidgin-plugins~2.7.11~0.2mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-silc", rpm:"pidgin-silc~2.7.11~0.2mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-tcl", rpm:"pidgin-tcl~2.7.11~0.2mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64finch0", rpm:"lib64finch0~2.7.11~0.2mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64purple0", rpm:"lib64purple0~2.7.11~0.2mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64purple-devel", rpm:"lib64purple-devel~2.7.11~0.2mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "MNDK_2010.0")
+{
+
+ if(isrpmvuln(pkg:"finch", rpm:"finch~2.7.11~0.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libfinch0", rpm:"libfinch0~2.7.11~0.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libpurple0", rpm:"libpurple0~2.7.11~0.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libpurple-devel", rpm:"libpurple-devel~2.7.11~0.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin", rpm:"pidgin~2.7.11~0.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-bonjour", rpm:"pidgin-bonjour~2.7.11~0.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-client", rpm:"pidgin-client~2.7.11~0.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-i18n", rpm:"pidgin-i18n~2.7.11~0.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-meanwhile", rpm:"pidgin-meanwhile~2.7.11~0.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-perl", rpm:"pidgin-perl~2.7.11~0.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-plugins", rpm:"pidgin-plugins~2.7.11~0.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-silc", rpm:"pidgin-silc~2.7.11~0.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-tcl", rpm:"pidgin-tcl~2.7.11~0.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64finch0", rpm:"lib64finch0~2.7.11~0.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64purple0", rpm:"lib64purple0~2.7.11~0.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64purple-devel", rpm:"lib64purple-devel~2.7.11~0.2mdv2010.0", rls:"MNDK_2010.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "MNDK_2009.0")
+{
+
+ if(isrpmvuln(pkg:"finch", rpm:"finch~2.7.11~0.2mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libfinch0", rpm:"libfinch0~2.7.11~0.2mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libpurple0", rpm:"libpurple0~2.7.11~0.2mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libpurple-devel", rpm:"libpurple-devel~2.7.11~0.2mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin", rpm:"pidgin~2.7.11~0.2mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-bonjour", rpm:"pidgin-bonjour~2.7.11~0.2mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-client", rpm:"pidgin-client~2.7.11~0.2mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-gevolution", rpm:"pidgin-gevolution~2.7.11~0.2mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-i18n", rpm:"pidgin-i18n~2.7.11~0.2mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-meanwhile", rpm:"pidgin-meanwhile~2.7.11~0.2mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-perl", rpm:"pidgin-perl~2.7.11~0.2mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-plugins", rpm:"pidgin-plugins~2.7.11~0.2mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-silc", rpm:"pidgin-silc~2.7.11~0.2mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"pidgin-tcl", rpm:"pidgin-tcl~2.7.11~0.2mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64finch0", rpm:"lib64finch0~2.7.11~0.2mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64purple0", rpm:"lib64purple0~2.7.11~0.2mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64purple-devel", rpm:"lib64purple-devel~2.7.11~0.2mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1085_2.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1085_2.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1085_2.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,324 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for tiff regression USN-1085-2
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(840613);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"9.3");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_xref(name: "USN", value: "1085-2");
+ script_cve_id("CVE-2010-2482", "CVE-2010-2595", "CVE-2010-2597", "CVE-2010-2598", "CVE-2010-2630", "CVE-2010-3087", "CVE-2011-0191");
+ script_name("Ubuntu Update for tiff regression USN-1085-2");
+ desc = "
+
+ Vulnerability Insight:
+
+ USN-1085-1 fixed vulnerabilities in the system TIFF library. The upstream
+ fixes were incomplete and created problems for certain CCITTFAX4 files.
+ This update fixes the problem.
+
+ We apologize for the inconvenience.
+
+ Original advisory details:
+
+ Sauli Pahlman discovered that the TIFF library incorrectly handled invalid
+ td_stripbytecount fields. If a user or automated system were tricked into
+ opening a specially crafted TIFF image, a remote attacker could crash the
+ application, leading to a denial of service. This issue only affected
+ Ubuntu 10.04 LTS and 10.10. (CVE-2010-2482)
+
+ Sauli Pahlman discovered that the TIFF library incorrectly handled TIFF
+ files with an invalid combination of SamplesPerPixel and Photometric
+ values. If a user or automated system were tricked into opening a specially
+ crafted TIFF image, a remote attacker could crash the application, leading
+ to a denial of service. This issue only affected Ubuntu 10.10.
+ (CVE-2010-2482)
+
+ Nicolae Ghimbovschi discovered that the TIFF library incorrectly handled
+ invalid ReferenceBlackWhite values. If a user or automated system were
+ tricked into opening a specially crafted TIFF image, a remote attacker
+ could crash the application, leading to a denial of service.
+ (CVE-2010-2595)
+
+ Sauli Pahlman discovered that the TIFF library incorrectly handled certain
+ default fields. If a user or automated system were tricked into opening a
+ specially crafted TIFF image, a remote attacker could crash the
+ application, leading to a denial of service. (CVE-2010-2597, CVE-2010-2598)
+
+ It was discovered that the TIFF library incorrectly validated certain
+ data types. If a user or automated system were tricked into opening a
+ specially crafted TIFF image, a remote attacker could crash the
+ application, leading to a denial of service. (CVE-2010-2630)
+
+ It was discovered that the TIFF library incorrectly handled downsampled
+ JPEG data. If a user or automated system were tricked into opening a
+ specially crafted TIFF image, a remote attacker could execute arbitrary
+ code with user privileges, or crash the application, leading to a denial of
+ service. This issue only affected Ubuntu 10.04 LTS and 10.10.
+ (CVE-2010-3087)
+
+ It was discovered that the TIFF library incorrectly handled certain JPEG
+ data. If a user or automated system were tricked into opening a specially
+ crafted TIFF image, a remote attacker could execute arbitrary code with
+ user privileges, or crash the application, leading to a denial of servi ...
+
+ Description truncated, for more information please check the Reference URL
+
+ Affected Software/OS:
+ tiff regression on Ubuntu 6.06 LTS ,
+ Ubuntu 8.04 LTS ,
+ Ubuntu 9.10 ,
+ Ubuntu 10.04 LTS ,
+ Ubuntu 10.10
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-March/001277.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of tiff regression");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "UBUNTU9.10")
+{
+
+ if(isdpkgvuln(pkg:"libtiff-tools", ver:"3.8.2-13ubuntu0.5", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtiff4-dev", ver:"3.8.2-13ubuntu0.5", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtiff4", ver:"3.8.2-13ubuntu0.5", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtiffxx0c2", ver:"3.8.2-13ubuntu0.5", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtiff-opengl", ver:"3.8.2-13ubuntu0.5", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtiff-doc", ver:"3.8.2-13ubuntu0.5", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU6.06 LTS")
+{
+
+ if(isdpkgvuln(pkg:"libtiff-tools", ver:"3.7.4-1ubuntu3.10", rls:"UBUNTU6.06 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtiff4-dev", ver:"3.7.4-1ubuntu3.10", rls:"UBUNTU6.06 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtiff4", ver:"3.7.4-1ubuntu3.10", rls:"UBUNTU6.06 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtiffxx0c2", ver:"3.7.4-1ubuntu3.10", rls:"UBUNTU6.06 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtiff-opengl", ver:"3.7.4-1ubuntu3.10", rls:"UBUNTU6.06 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+ if(isdpkgvuln(pkg:"libtiff-tools", ver:"3.9.2-2ubuntu0.5", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtiff4-dev", ver:"3.9.2-2ubuntu0.5", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtiff4", ver:"3.9.2-2ubuntu0.5", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtiffxx0c2", ver:"3.9.2-2ubuntu0.5", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtiff-opengl", ver:"3.9.2-2ubuntu0.5", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtiff-doc", ver:"3.9.2-2ubuntu0.5", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU8.04 LTS")
+{
+
+ if(isdpkgvuln(pkg:"libtiff-tools", ver:"3.8.2-7ubuntu3.8", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtiff4-dev", ver:"3.8.2-7ubuntu3.8", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtiff4", ver:"3.8.2-7ubuntu3.8", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtiffxx0c2", ver:"3.8.2-7ubuntu3.8", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtiff-opengl", ver:"3.8.2-7ubuntu3.8", rls:"UBUNTU8.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU10.10")
+{
+
+ if(isdpkgvuln(pkg:"libtiff-tools", ver:"3.9.4-2ubuntu0.2", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtiff4-dev", ver:"3.9.4-2ubuntu0.2", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtiff4", ver:"3.9.4-2ubuntu0.2", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtiffxx0c2", ver:"3.9.4-2ubuntu0.2", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtiff-opengl", ver:"3.9.4-2ubuntu0.2", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libtiff-doc", ver:"3.9.4-2ubuntu0.2", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1088_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1088_1.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1088_1.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,419 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for krb5 vulnerability USN-1088-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(840616);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"9.3");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_xref(name: "USN", value: "1088-1");
+ script_cve_id("CVE-2011-0284");
+ script_name("Ubuntu Update for krb5 vulnerability USN-1088-1");
+ desc = "
+
+ Vulnerability Insight:
+
+ Cameron Meadors discovered that the MIT Kerberos 5 Key Distribution
+ Center (KDC) daemon is vulnerable to a double-free condition if
+ the Public Key Cryptography for Initial Authentication (PKINIT)
+ capability is enabled. This could allow a remote attacker to cause
+ a denial of service.
+
+ Affected Software/OS:
+ krb5 vulnerability on Ubuntu 9.10 ,
+ Ubuntu 10.04 LTS ,
+ Ubuntu 10.10
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-March/001279.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of krb5 vulnerability");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "UBUNTU9.10")
+{
+
+ if(isdpkgvuln(pkg:"krb5-user", ver:"1.7dfsg~beta3-1ubuntu0.12", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libgssapi-krb5-2", ver:"1.7dfsg~beta3-1ubuntu0.12", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libgssrpc4", ver:"1.7dfsg~beta3-1ubuntu0.12", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libk5crypto3", ver:"1.7dfsg~beta3-1ubuntu0.12", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkadm5clnt6", ver:"1.7dfsg~beta3-1ubuntu0.12", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkadm5srv6", ver:"1.7dfsg~beta3-1ubuntu0.12", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkdb5-4", ver:"1.7dfsg~beta3-1ubuntu0.12", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkrb5-3", ver:"1.7dfsg~beta3-1ubuntu0.12", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkrb5-dbg", ver:"1.7dfsg~beta3-1ubuntu0.12", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkrb5-dev", ver:"1.7dfsg~beta3-1ubuntu0.12", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkrb5support0", ver:"1.7dfsg~beta3-1ubuntu0.12", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"krb5-admin-server", ver:"1.7dfsg~beta3-1ubuntu0.12", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"krb5-clients", ver:"1.7dfsg~beta3-1ubuntu0.12", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"krb5-ftpd", ver:"1.7dfsg~beta3-1ubuntu0.12", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"krb5-kdc-ldap", ver:"1.7dfsg~beta3-1ubuntu0.12", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"krb5-kdc", ver:"1.7dfsg~beta3-1ubuntu0.12", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"krb5-pkinit", ver:"1.7dfsg~beta3-1ubuntu0.12", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"krb5-rsh-server", ver:"1.7dfsg~beta3-1ubuntu0.12", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"krb5-telnetd", ver:"1.7dfsg~beta3-1ubuntu0.12", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"krb5-doc", ver:"1.7dfsg~beta3-1ubuntu0.12", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU10.10")
+{
+
+ if(isdpkgvuln(pkg:"krb5-multidev", ver:"1.8.1+dfsg-5ubuntu0.6", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"krb5-user", ver:"1.8.1+dfsg-5ubuntu0.6", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libgssapi-krb5-2", ver:"1.8.1+dfsg-5ubuntu0.6", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libgssrpc4", ver:"1.8.1+dfsg-5ubuntu0.6", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libk5crypto3", ver:"1.8.1+dfsg-5ubuntu0.6", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkadm5clnt-mit7", ver:"1.8.1+dfsg-5ubuntu0.6", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkadm5srv-mit7", ver:"1.8.1+dfsg-5ubuntu0.6", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkdb5-4", ver:"1.8.1+dfsg-5ubuntu0.6", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkrb5-3", ver:"1.8.1+dfsg-5ubuntu0.6", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkrb5-dbg", ver:"1.8.1+dfsg-5ubuntu0.6", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkrb5-dev", ver:"1.8.1+dfsg-5ubuntu0.6", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkrb5support0", ver:"1.8.1+dfsg-5ubuntu0.6", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"krb5-admin-server", ver:"1.8.1+dfsg-5ubuntu0.6", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"krb5-kdc-ldap", ver:"1.8.1+dfsg-5ubuntu0.6", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"krb5-kdc", ver:"1.8.1+dfsg-5ubuntu0.6", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"krb5-pkinit", ver:"1.8.1+dfsg-5ubuntu0.6", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"krb5-doc", ver:"1.8.1+dfsg-5ubuntu0.6", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+ if(isdpkgvuln(pkg:"krb5-multidev", ver:"1.8.1+dfsg-2ubuntu0.8", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"krb5-user", ver:"1.8.1+dfsg-2ubuntu0.8", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libgssapi-krb5-2", ver:"1.8.1+dfsg-2ubuntu0.8", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libgssrpc4", ver:"1.8.1+dfsg-2ubuntu0.8", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libk5crypto3", ver:"1.8.1+dfsg-2ubuntu0.8", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkadm5clnt-mit7", ver:"1.8.1+dfsg-2ubuntu0.8", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkadm5srv-mit7", ver:"1.8.1+dfsg-2ubuntu0.8", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkdb5-4", ver:"1.8.1+dfsg-2ubuntu0.8", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkrb5-3", ver:"1.8.1+dfsg-2ubuntu0.8", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkrb5-dbg", ver:"1.8.1+dfsg-2ubuntu0.8", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkrb5-dev", ver:"1.8.1+dfsg-2ubuntu0.8", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"libkrb5support0", ver:"1.8.1+dfsg-2ubuntu0.8", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"krb5-admin-server", ver:"1.8.1+dfsg-2ubuntu0.8", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"krb5-kdc-ldap", ver:"1.8.1+dfsg-2ubuntu0.8", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"krb5-kdc", ver:"1.8.1+dfsg-2ubuntu0.8", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"krb5-pkinit", ver:"1.8.1+dfsg-2ubuntu0.8", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"krb5-doc", ver:"1.8.1+dfsg-2ubuntu0.8", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1089_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1089_1.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1089_1.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,389 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1089-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(840614);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"4.9");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "USN", value: "1089-1");
+ script_cve_id("CVE-2010-4076", "CVE-2010-4077", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4163", "CVE-2010-4175", "CVE-2010-4242");
+ script_name("Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1089-1");
+ desc = "
+
+ Vulnerability Insight:
+
+ Dan Rosenberg discovered that multiple terminal ioctls did not correctly
+ initialize structure memory. A local attacker could exploit this to read
+ portions of kernel stack memory, leading to a loss of privacy.
+ (CVE-2010-4076, CVE-2010-4077)
+
+ Dan Rosenberg discovered that the socket filters did not correctly
+ initialize structure memory. A local attacker could create malicious
+ filters to read portions of kernel stack memory, leading to a loss of
+ privacy. (CVE-2010-4158)
+
+ Dan Rosenberg discovered that certain iovec operations did not calculate
+ page counts correctly. A local attacker could exploit this to crash the
+ system, leading to a denial of service. (CVE-2010-4162)
+
+ Dan Rosenberg discovered that the SCSI subsystem did not correctly validate
+ iov segments. A local attacker with access to a SCSI device could send
+ specially crafted requests to crash the system, leading to a denial of
+ service. (CVE-2010-4163)
+
+ Dan Rosenberg discovered that the RDS protocol did not correctly check
+ ioctl arguments. A local attacker could exploit this to crash the system,
+ leading to a denial of service. (CVE-2010-4175)
+
+ Alan Cox discovered that the HCI UART driver did not correctly check if
+ a write operation was available. If the mmap_min-addr sysctl was changed
+ from the Ubuntu default to a value of 0, a local attacker could exploit
+ this flaw to gain root privileges. (CVE-2010-4242)
+
+ Affected Software/OS:
+ linux, linux-ec2 vulnerabilities on Ubuntu 9.10
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-March/001281.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of linux, linux-ec2 vulnerabilities");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "UBUNTU9.10")
+{
+
+ if(isdpkgvuln(pkg:"linux-headers-2.6.31-308-ec2", ver:"2.6.31-308.28", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.31-308-ec2", ver:"2.6.31-308.28", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-headers-2.6.31-23-386", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-headers-2.6.31-23-generic-pae", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-headers-2.6.31-23-generic", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.31-23-386", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.31-23-generic-pae", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.31-23-generic", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.31-23-virtual", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-libc-dev", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-ec2-doc", ver:"2.6.31-308.28", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-ec2-source-2.6.31", ver:"2.6.31-308.28", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-headers-2.6.31-308", ver:"2.6.31-308.28", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-doc", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-headers-2.6.31-23", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-source-2.6.31", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"block-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"char-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"crypto-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fat-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fb-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"firewire-core-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"floppy-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fs-core-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fs-secondary-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"input-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"irda-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kernel-image-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"md-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"message-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"mouse-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nfs-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-pcmcia-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-shared-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-usb-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"parport-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"pata-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"pcmcia-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"pcmcia-storage-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"plip-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"ppp-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"sata-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"scsi-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"serial-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"storage-core-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"usb-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"virtio-modules-2.6.31-23-generic-di", ver:"2.6.31-23.74", rls:"UBUNTU9.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1090_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1090_1.nasl 2011-03-23 21:23:21 UTC (rev 10625)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1090_1.nasl 2011-03-24 13:29:52 UTC (rev 10626)
@@ -0,0 +1,1198 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux vulnerabilities USN-1090-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(840615);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"4.9");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "USN", value: "1090-1");
+ script_cve_id("CVE-2010-4076", "CVE-2010-4077", "CVE-2010-4158", "CVE-2010-4163", "CVE-2010-4175");
+ script_name("Ubuntu Update for linux vulnerabilities USN-1090-1");
+ desc = "
+
+ Vulnerability Insight:
+
+ Dan Rosenberg discovered that multiple terminal ioctls did not correctly
+ initialize structure memory. A local attacker could exploit this to read
+ portions of kernel stack memory, leading to a loss of privacy.
+ (CVE-2010-4076, CVE-2010-4077)
+
+ Dan Rosenberg discovered that the socket filters did not correctly
+ initialize structure memory. A local attacker could create malicious
+ filters to read portions of kernel stack memory, leading to a loss of
+ privacy. (Ubuntu 10.10 was already fixed in a prior update.) (CVE-2010-4158)
+
+ Dan Rosenberg discovered that the SCSI subsystem did not correctly validate
+ iov segments. A local attacker with access to a SCSI device could send
+ specially crafted requests to crash the system, leading to a denial of
+ service. (CVE-2010-4163)
+
+ Dan Rosenberg discovered that the RDS protocol did not correctly check
+ ioctl arguments. A local attacker could exploit this to crash the system,
+ leading to a denial of service. (CVE-2010-4175)
+
+ Affected Software/OS:
+ linux vulnerabilities on Ubuntu 10.04 LTS ,
+ Ubuntu 10.10
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-March/001282.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of linux vulnerabilities");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "UBUNTU10.10")
+{
+
+ if(isdpkgvuln(pkg:"linux-headers-2.6.35-28-generic-pae", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-headers-2.6.35-28-generic", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-headers-2.6.35-28-virtual", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.35-28-generic-pae", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.35-28-generic", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.35-28-virtual", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-libc-dev", ver:"2.6.35-1028.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-tools-2.6.35-28", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-doc", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-headers-2.6.35-28", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-source-2.6.35", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-tools-common", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"block-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"block-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"block-modules-2.6.35-28-virtual-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"char-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"char-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"crypto-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"crypto-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"crypto-modules-2.6.35-28-virtual-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fat-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fat-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fat-modules-2.6.35-28-virtual-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fb-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fb-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fb-modules-2.6.35-28-virtual-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"firewire-core-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"firewire-core-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"floppy-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"floppy-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"floppy-modules-2.6.35-28-virtual-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fs-core-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fs-core-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fs-core-modules-2.6.35-28-virtual-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fs-secondary-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fs-secondary-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fs-secondary-modules-2.6.35-28-virtual-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"input-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"input-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"irda-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"irda-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"irda-modules-2.6.35-28-virtual-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kernel-image-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kernel-image-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kernel-image-2.6.35-28-virtual-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"md-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"md-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"md-modules-2.6.35-28-virtual-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"message-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"message-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"message-modules-2.6.35-28-virtual-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"mouse-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"mouse-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"mouse-modules-2.6.35-28-virtual-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nfs-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nfs-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-modules-2.6.35-28-virtual-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-pcmcia-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-pcmcia-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-shared-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-shared-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-shared-modules-2.6.35-28-virtual-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-usb-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-usb-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"parport-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"parport-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"parport-modules-2.6.35-28-virtual-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"pata-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"pata-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"pcmcia-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"pcmcia-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"pcmcia-storage-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"pcmcia-storage-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"plip-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"plip-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"ppp-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"ppp-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"ppp-modules-2.6.35-28-virtual-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"sata-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"sata-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"sata-modules-2.6.35-28-virtual-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"scsi-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"scsi-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"scsi-modules-2.6.35-28-virtual-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"serial-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"serial-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"squashfs-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"squashfs-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"squashfs-modules-2.6.35-28-virtual-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"storage-core-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"storage-core-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"storage-core-modules-2.6.35-28-virtual-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"usb-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"usb-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"virtio-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"virtio-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"virtio-modules-2.6.35-28-virtual-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"vlan-modules-2.6.35-28-generic-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"vlan-modules-2.6.35-28-generic-pae-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"vlan-modules-2.6.35-28-virtual-di", ver:"2.6.35-28.49", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+ if(isdpkgvuln(pkg:"linux-headers-2.6.32-30-386", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-headers-2.6.32-30-generic-pae", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-headers-2.6.32-30-generic", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.32-30-386", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.32-30-generic-pae", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.32-30-generic", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.32-30-virtual", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-libc-dev", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-tools-2.6.32-30", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-doc", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-headers-2.6.32-30", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-source-2.6.32", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-tools-common", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"block-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"block-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"char-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"char-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"crypto-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"crypto-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fat-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fat-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fb-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fb-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"firewire-core-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"firewire-core-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"floppy-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"floppy-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fs-core-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fs-core-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fs-secondary-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"fs-secondary-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"input-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"input-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"irda-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"irda-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kernel-image-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"kernel-image-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"md-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"md-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"message-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"message-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"mouse-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"mouse-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nfs-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nfs-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-pcmcia-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-pcmcia-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-shared-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-shared-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-usb-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"nic-usb-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"parport-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"parport-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"pata-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"pata-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"pcmcia-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"pcmcia-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"pcmcia-storage-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"pcmcia-storage-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"plip-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"plip-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"ppp-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"ppp-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"sata-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"sata-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"scsi-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"scsi-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"serial-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"serial-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"squashfs-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"squashfs-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"storage-core-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"storage-core-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"usb-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"usb-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"virtio-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"virtio-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"vlan-modules-2.6.32-30-generic-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"vlan-modules-2.6.32-30-generic-pae-di", ver:"2.6.32-30.59", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
More information about the Openvas-commits
mailing list