[Openvas-commits] r12213 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Tue Nov 29 17:10:57 CET 2011


Author: hdoreau
Date: 2011-11-29 17:10:47 +0100 (Tue, 29 Nov 2011)
New Revision: 12213

Modified:
   trunk/openvas-plugins/ChangeLog
   trunk/openvas-plugins/scripts/clamav-CB-A08-0001.nasl
   trunk/openvas-plugins/scripts/fcore_2009_7937.nasl
   trunk/openvas-plugins/scripts/fcore_2009_7952.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2007_035_xorg-x11-server_fc6.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2007_425_xorg-x11-server_fc6.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2007_426_libX11_fc6.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2007_427_libX11_fc5.nasl
Log:
* scripts/gb_fedora_2007_427_libX11_fc5.nasl,
scripts/gb_fedora_2007_425_xorg-x11-server_fc6.nasl,
scripts/gb_fedora_2007_035_xorg-x11-server_fc6.nasl,
scripts/fcore_2009_7937.nasl,
scripts/clamav-CB-A08-0001.nasl,
scripts/gb_fedora_2007_426_libX11_fc6.nasl,
scripts/fcore_2009_7952.nasl:
Added missing CVE and CVSS. Updated risk factor accordingly.


Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2011-11-29 14:58:35 UTC (rev 12212)
+++ trunk/openvas-plugins/ChangeLog	2011-11-29 16:10:47 UTC (rev 12213)
@@ -1,3 +1,14 @@
+2011-11-29  Henri Doreau <henri.doreau at greenbone.net>
+
+	* scripts/gb_fedora_2007_427_libX11_fc5.nasl,
+	scripts/gb_fedora_2007_425_xorg-x11-server_fc6.nasl,
+	scripts/gb_fedora_2007_035_xorg-x11-server_fc6.nasl,
+	scripts/fcore_2009_7937.nasl,
+	scripts/clamav-CB-A08-0001.nasl,
+	scripts/gb_fedora_2007_426_libX11_fc6.nasl,
+	scripts/fcore_2009_7952.nasl:
+	Added missing CVE and CVSS. Updated risk factor accordingly.
+
 2011-11-29  Jan-Oliver Wagner <jan-oliver.wagner at greenbone.net>
 
 	* scripts/slad_fetch_results.nasl, scripts/scan_info.nasl:

Modified: trunk/openvas-plugins/scripts/clamav-CB-A08-0001.nasl
===================================================================
--- trunk/openvas-plugins/scripts/clamav-CB-A08-0001.nasl	2011-11-29 14:58:35 UTC (rev 12212)
+++ trunk/openvas-plugins/scripts/clamav-CB-A08-0001.nasl	2011-11-29 16:10:47 UTC (rev 12213)
@@ -32,7 +32,9 @@
   script_version("$Revision$");
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2008-02-29 23:43:58 +0100 (Fri, 29 Feb 2008)");
-  script_tag(name:"risk_factor", value:"High");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_tag(name:"cvss_base", value:"10.0");
+  script_cve_id("CVE-2007-6335", "CVE-2007-6336", "CVE-2007-6337", "CVE-2008-0318", "CVE-2008-1100", "CVE-2008-1387", "CVE-2008-2713");
   script_name("ClamAV < 0.93.1 vulnerability");
 
   desc = "The remote host is probably affected by the

Modified: trunk/openvas-plugins/scripts/fcore_2009_7937.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_7937.nasl	2011-11-29 14:58:35 UTC (rev 12212)
+++ trunk/openvas-plugins/scripts/fcore_2009_7937.nasl	2011-11-29 16:10:47 UTC (rev 12213)
@@ -32,6 +32,8 @@
  script_tag(name:"last_modification", value:"$Date$");
  script_tag(name:"creation_date", value:"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)");
  script_tag(name:"risk_factor", value:"High");
+ script_tag(name:"cvss_base", value:"7.5");
+ script_cve_id("CVE-2009-2658");
  script_name("Fedora Core 10 FEDORA-2009-7937 (znc)");
 
  desc = "The remote host is missing an update to znc
@@ -39,13 +41,12 @@
 
 Update Information:
 
-No CVE yet, one has been requested.    Upgrade to 0.072 of ZNC, fixes security
-issue in bug 513152    An users data directory traversal flaw was found in the
-way ZNC used to handle file upload requests via Direct Client Connection (DCC)
-/dcc SEND messages. A remote IRC user could issue a /dcc SEND message with a
-specially-crafted content (file to upload), which once accepted by a local,
-unsuspecting ZNC user, would overwrite relevant files in the
-users//downloads data directory.
+Upgrade to 0.072 of ZNC, fixes security issue in bug 513152    An users data
+directory traversal flaw was found in the way ZNC used to handle file upload
+requests via Direct Client Connection (DCC) /dcc SEND messages. A remote IRC
+user could issue a /dcc SEND message with a specially-crafted content (file to
+upload), which once accepted by a local, unsuspecting ZNC user, would overwrite
+relevant files in the users//downloads data directory.
 
 References:
 

Modified: trunk/openvas-plugins/scripts/fcore_2009_7952.nasl
===================================================================
--- trunk/openvas-plugins/scripts/fcore_2009_7952.nasl	2011-11-29 14:58:35 UTC (rev 12212)
+++ trunk/openvas-plugins/scripts/fcore_2009_7952.nasl	2011-11-29 16:10:47 UTC (rev 12213)
@@ -32,6 +32,8 @@
  script_tag(name:"last_modification", value:"$Date$");
  script_tag(name:"creation_date", value:"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)");
  script_tag(name:"risk_factor", value:"High");
+ script_tag(name:"cvss_base", value:"7.5");
+ script_cve_id("CVE-2009-2658");
  script_name("Fedora Core 11 FEDORA-2009-7952 (znc)");
 
  desc = "The remote host is missing an update to znc
@@ -39,13 +41,12 @@
 
 Update Information:
 
-No CVE yet, one has been requested.    Upgrade to 0.072 of ZNC, fixes security
-issue in bug 513152    An users data directory traversal flaw was found in the
-way ZNC used to handle file upload requests via Direct Client Connection (DCC)
-/dcc SEND messages. A remote IRC user could issue a /dcc SEND message with a
-specially-crafted content (file to upload), which once accepted by a local,
-unsuspecting ZNC user, would overwrite relevant files in the
-users//downloads data directory.
+Upgrade to 0.072 of ZNC, fixes security issue in bug 513152    An users data
+directory traversal flaw was found in the way ZNC used to handle file upload
+requests via Direct Client Connection (DCC) /dcc SEND messages. A remote IRC
+user could issue a /dcc SEND message with a specially-crafted content (file to
+upload), which once accepted by a local, unsuspecting ZNC user, would overwrite
+relevant files in the users//downloads data directory.
 
 References:
 

Modified: trunk/openvas-plugins/scripts/gb_fedora_2007_035_xorg-x11-server_fc6.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2007_035_xorg-x11-server_fc6.nasl	2011-11-29 14:58:35 UTC (rev 12212)
+++ trunk/openvas-plugins/scripts/gb_fedora_2007_035_xorg-x11-server_fc6.nasl	2011-11-29 16:10:47 UTC (rev 12213)
@@ -30,6 +30,8 @@
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2009-02-27 16:31:39 +0100 (Fri, 27 Feb 2009)");
   script_tag(name:"risk_factor", value:"High");
+  script_tag(name:"cvss_base", value:"6.6");
+  script_cve_id("CVE-2006-6101");
   script_xref(name: "FEDORA", value: "2007-035");
   script_name( "Fedora Update for xorg-x11-server FEDORA-2007-035");
   desc = "
@@ -40,7 +42,7 @@
   ---------------------------------------------------------------------
   
   * Tue Jan  9 2007 Adam Jackson &lt;ajax redhat com&gt; 1.1.1-47.4.fc6
-  - xorg-xserver-1.1.0-dbe-render.diff: CVE #2006-6101.
+  - xorg-xserver-1.1.0-dbe-render.diff: CVE-2006-6101.
   * Tue Dec  5 2006 Adam Jackson &lt;ajax redhat com&gt; 1.1.1-47.3.fc6
   - xorg-x11-server-1.1.1-xf86config-comment-less.patch: Added, makes
     pyxf86config not grow the config file every time it's run
@@ -168,4 +170,4 @@
   }
 
   exit(0);
-}
\ No newline at end of file
+}

Modified: trunk/openvas-plugins/scripts/gb_fedora_2007_425_xorg-x11-server_fc6.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2007_425_xorg-x11-server_fc6.nasl	2011-11-29 14:58:35 UTC (rev 12212)
+++ trunk/openvas-plugins/scripts/gb_fedora_2007_425_xorg-x11-server_fc6.nasl	2011-11-29 16:10:47 UTC (rev 12213)
@@ -29,7 +29,9 @@
   script_version("$Revision$");
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2009-02-27 16:27:46 +0100 (Fri, 27 Feb 2009)");
-  script_tag(name:"risk_factor", value:"High");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_tag(name:"cvss_base", value:"9.0");
+  script_cve_id("CVE-2007-1003");
   script_xref(name: "FEDORA", value: "2007-425");
   script_name( "Fedora Update for xorg-x11-server FEDORA-2007-425");
   desc = "
@@ -165,4 +167,4 @@
   }
 
   exit(0);
-}
\ No newline at end of file
+}

Modified: trunk/openvas-plugins/scripts/gb_fedora_2007_426_libX11_fc6.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2007_426_libX11_fc6.nasl	2011-11-29 14:58:35 UTC (rev 12212)
+++ trunk/openvas-plugins/scripts/gb_fedora_2007_426_libX11_fc6.nasl	2011-11-29 16:10:47 UTC (rev 12213)
@@ -30,6 +30,8 @@
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2009-02-27 16:27:46 +0100 (Fri, 27 Feb 2009)");
   script_tag(name:"risk_factor", value:"High");
+  script_tag(name:"cvss_base", value:"9.3");
+  script_cve_id("CVE-2007-1667");
   script_xref(name: "FEDORA", value: "2007-426");
   script_name( "Fedora Update for libX11 FEDORA-2007-426");
   desc = "
@@ -117,4 +119,4 @@
   }
 
   exit(0);
-}
\ No newline at end of file
+}

Modified: trunk/openvas-plugins/scripts/gb_fedora_2007_427_libX11_fc5.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2007_427_libX11_fc5.nasl	2011-11-29 14:58:35 UTC (rev 12212)
+++ trunk/openvas-plugins/scripts/gb_fedora_2007_427_libX11_fc5.nasl	2011-11-29 16:10:47 UTC (rev 12213)
@@ -29,7 +29,9 @@
   script_version("$Revision$");
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2009-02-27 16:27:46 +0100 (Fri, 27 Feb 2009)");
-  script_tag(name:"risk_factor", value:"High");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_tag(name:"cvss_base", value:"9.3");
+  script_cve_id("CVE-2007-1667");
   script_xref(name: "FEDORA", value: "2007-427");
   script_name( "Fedora Update for libX11 FEDORA-2007-427");
   desc = "
@@ -122,4 +124,4 @@
   }
 
   exit(0);
-}
\ No newline at end of file
+}



More information about the Openvas-commits mailing list