[Openvas-commits] r11625 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Fri Sep 16 17:22:21 CEST 2011


Author: veerendragg
Date: 2011-09-16 17:22:17 +0200 (Fri, 16 Sep 2011)
New Revision: 11625

Added:
   trunk/openvas-plugins/scripts/gb_RHSA-2011_1282-01_nss_and_nspr.nasl
   trunk/openvas-plugins/scripts/gb_RHSA-2011_1294-01_httpd.nasl
   trunk/openvas-plugins/scripts/gb_cms_faethon_sql_inj_vuln.nasl
   trunk/openvas-plugins/scripts/gb_esignal_detect.nasl
   trunk/openvas-plugins/scripts/gb_esignal_mult_vuln.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_11189_hplip_fc15.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_11594_phpMyAdmin_fc14.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_11630_phpMyAdmin_fc15.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_11936_ecryptfs-utils_fc15.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_11979_ecryptfs-utils_fc14.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_12131_roundcubemail_fc15.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_12275_firefox_fc14.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_12275_galeon_fc14.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_12275_gnome-python2-extras_fc14.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_12275_gnome-web-photo_fc14.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_12275_mozvoikko_fc14.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_12275_perl-Gtk2-MozEmbed_fc14.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_12275_thunderbird_fc14.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_12275_xulrunner_fc14.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_12282_rsyslog_fc14.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_12715_httpd_fc15.nasl
   trunk/openvas-plugins/scripts/gb_jboss_application_server_mult_vuln.nasl
   trunk/openvas-plugins/scripts/gb_manage_engine_servicedesk_plus_auth_bypass_vuln.nasl
   trunk/openvas-plugins/scripts/gb_manage_engine_servicedesk_plus_xss_vuln.nasl
   trunk/openvas-plugins/scripts/gb_phorum_xss_n_csrf_vuln.nasl
   trunk/openvas-plugins/scripts/gb_phorum_xss_vuln.nasl
   trunk/openvas-plugins/scripts/gb_simple_machines_forum_session_hijacking_vuln.nasl
   trunk/openvas-plugins/scripts/gb_symantec_endpoint_protection_xss_n_csrf_vuln.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1201_1.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1202_1.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1203_1.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1204_1.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1205_1.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1206_1.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1207_1.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1208_1.nasl
   trunk/openvas-plugins/scripts/gb_wordpress_ip_logger_plugin_sql_inj_vuln.nasl
Modified:
   trunk/openvas-plugins/ChangeLog
Log:
Added new LSC plugins. Added new plugins.

Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/ChangeLog	2011-09-16 15:22:17 UTC (rev 11625)
@@ -1,3 +1,46 @@
+2011-09-16  Veerendra G.G <veerendragg at secpod.com>
+
+	* scripts/gb_fedora_2011_11936_ecryptfs-utils_fc15.nasl,
+	scripts/gb_fedora_2011_11189_hplip_fc15.nasl,
+	scripts/gb_fedora_2011_12275_firefox_fc14.nasl,
+	scripts/gb_ubuntu_USN_1207_1.nasl,
+	scripts/gb_ubuntu_USN_1204_1.nasl,
+	scripts/gb_ubuntu_USN_1201_1.nasl,
+	scripts/gb_RHSA-2011_1294-01_httpd.nasl,
+	scripts/gb_fedora_2011_12131_roundcubemail_fc15.nasl,
+	scripts/gb_fedora_2011_11594_phpMyAdmin_fc14.nasl,
+	scripts/gb_RHSA-2011_1282-01_nss_and_nspr.nasl,
+	scripts/gb_fedora_2011_12275_gnome-web-photo_fc14.nasl,
+	scripts/gb_ubuntu_USN_1206_1.nasl,
+	scripts/gb_ubuntu_USN_1203_1.nasl,
+	scripts/gb_fedora_2011_11979_ecryptfs-utils_fc14.nasl,
+	scripts/gb_fedora_2011_12275_gnome-python2-extras_fc14.nasl,
+	scripts/gb_fedora_2011_12275_galeon_fc14.nasl,
+	scripts/gb_fedora_2011_12275_perl-Gtk2-MozEmbed_fc14.nasl,
+	scripts/gb_fedora_2011_12275_xulrunner_fc14.nasl,
+	scripts/gb_fedora_2011_12715_httpd_fc15.nasl,
+	scripts/gb_fedora_2011_12275_mozvoikko_fc14.nasl,
+	scripts/gb_fedora_2011_12275_thunderbird_fc14.nasl,
+	scripts/gb_ubuntu_USN_1208_1.nasl,
+	scripts/gb_ubuntu_USN_1205_1.nasl,
+	scripts/gb_ubuntu_USN_1202_1.nasl,
+	scripts/gb_fedora_2011_11630_phpMyAdmin_fc15.nasl,
+	scripts/gb_fedora_2011_12282_rsyslog_fc14.nasl:
+	Added new LSC plugins.
+
+	* scripts/gb_manage_engine_servicedesk_plus_auth_bypass_vuln.nasl,
+	scripts/gb_esignal_mult_vuln.nasl,
+	scripts/gb_simple_machines_forum_session_hijacking_vuln.nasl,
+	scripts/gb_phorum_xss_vuln.nasl,
+	scripts/gb_manage_engine_servicedesk_plus_xss_vuln.nasl,
+	scripts/gb_jboss_application_server_mult_vuln.nasl,
+	scripts/gb_symantec_endpoint_protection_xss_n_csrf_vuln.nasl,
+	scripts/gb_wordpress_ip_logger_plugin_sql_inj_vuln.nasl,
+	scripts/gb_phorum_xss_n_csrf_vuln.nasl,
+	scripts/gb_esignal_detect.nasl,
+	scripts/gb_cms_faethon_sql_inj_vuln.nasl:
+	Added new plugins.
+
 2011-09-16  Michael Meyer <michael.meyer at greenbone.net>
 
 	* scripts/openca_sign_verif.nasl,

Added: trunk/openvas-plugins/scripts/gb_RHSA-2011_1282-01_nss_and_nspr.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_RHSA-2011_1282-01_nss_and_nspr.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_RHSA-2011_1282-01_nss_and_nspr.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,196 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for nss and nspr RHSA-2011:1282-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(870486);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "RHSA", value: "2011:1282-01");
+  script_name("RedHat Update for nss and nspr RHSA-2011:1282-01");
+  desc = "
+
+  Vulnerability Insight:
+  Network Security Services (NSS) is a set of libraries designed to support
+  the cross-platform development of security-enabled client and server
+  applications.
+  
+  Netscape Portable Runtime (NSPR) provides platform independence for non-GUI
+  operating system facilities.
+  
+  It was found that a Certificate Authority (CA) issued fraudulent HTTPS
+  certificates. This update renders any HTTPS certificates signed by that CA
+  as untrusted. This covers all uses of the certificates, including SSL,
+  S/MIME, and code signing. (BZ#734316)
+  
+  Note: This fix only applies to applications using the NSS Builtin Object
+  Token. It does not render the certificates untrusted for applications that
+  use the NSS library, but do not use the NSS Builtin Object Token.
+  
+  These updated packages upgrade NSS to version 3.12.10 on Red Hat Enterprise
+  Linux 4 and 5. As well, they upgrade NSPR to version 4.8.8 on Red Hat
+  Enterprise Linux 4 and 5, as required by the NSS update. The packages for
+  Red Hat Enterprise Linux 6 include a backported patch.
+  
+  All NSS and NSPR users should upgrade to these updated packages, which
+  correct this issue. After installing the update, applications using NSS and
+  NSPR must be restarted for the changes to take effect.
+
+
+  Affected Software/OS:
+  nss and nspr on Red Hat Enterprise Linux (v. 5 server),
+  Red Hat Enterprise Linux AS version 4,
+  Red Hat Enterprise Linux ES version 4,
+  Red Hat Enterprise Linux WS version 4
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://www.redhat.com/archives/rhsa-announce/2011-September/msg00012.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of nss and nspr");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_5")
+{
+
+  if(isrpmvuln(pkg:"nspr", rpm:"nspr~4.8.8~1.el5_7", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"nspr-debuginfo", rpm:"nspr-debuginfo~4.8.8~1.el5_7", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"nspr-devel", rpm:"nspr-devel~4.8.8~1.el5_7", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"nss", rpm:"nss~3.12.10~4.el5_7", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"nss-debuginfo", rpm:"nss-debuginfo~3.12.10~4.el5_7", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"nss-devel", rpm:"nss-devel~3.12.10~4.el5_7", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"nss-pkcs11-devel", rpm:"nss-pkcs11-devel~3.12.10~4.el5_7", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"nss-tools", rpm:"nss-tools~3.12.10~4.el5_7", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "RHENT_4")
+{
+
+  if(isrpmvuln(pkg:"nspr", rpm:"nspr~4.8.8~1.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"nspr-debuginfo", rpm:"nspr-debuginfo~4.8.8~1.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"nspr-devel", rpm:"nspr-devel~4.8.8~1.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"nss", rpm:"nss~3.12.10~4.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"nss-debuginfo", rpm:"nss-debuginfo~3.12.10~4.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"nss-devel", rpm:"nss-devel~3.12.10~4.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"nss-tools", rpm:"nss-tools~3.12.10~4.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_RHSA-2011_1294-01_httpd.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_RHSA-2011_1294-01_httpd.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_RHSA-2011_1294-01_httpd.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,114 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for httpd RHSA-2011:1294-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(870487);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"7.8");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "RHSA", value: "2011:1294-01");
+  script_cve_id("CVE-2011-3192");
+  script_name("RedHat Update for httpd RHSA-2011:1294-01");
+  desc = "
+
+  Vulnerability Insight:
+  The Apache HTTP Server is a popular web server.
+  
+  A flaw was found in the way the Apache HTTP Server handled Range HTTP
+  headers. A remote attacker could use this flaw to cause httpd to use an
+  excessive amount of memory and CPU time via HTTP requests with a
+  specially-crafted Range header. (CVE-2011-3192)
+  
+  All httpd users should upgrade to these updated packages, which contain a
+  backported patch to correct this issue. After installing the updated
+  packages, the httpd daemon must be restarted for the update to take effect.
+
+
+  Affected Software/OS:
+  httpd on Red Hat Enterprise Linux (v. 5 server)
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://www.redhat.com/archives/rhsa-announce/2011-September/msg00017.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of httpd");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_5")
+{
+
+  if(isrpmvuln(pkg:"httpd", rpm:"httpd~2.2.3~45.el5_6.2", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"httpd-debuginfo", rpm:"httpd-debuginfo~2.2.3~45.el5_6.2", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"httpd-devel", rpm:"httpd-devel~2.2.3~45.el5_6.2", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"httpd-manual", rpm:"httpd-manual~2.2.3~45.el5_6.2", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"mod_ssl", rpm:"mod_ssl~2.2.3~45.el5_6.2", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_cms_faethon_sql_inj_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_cms_faethon_sql_inj_vuln.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_cms_faethon_sql_inj_vuln.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,100 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_cms_faethon_sql_inj_vuln.nasl 17115 2011-09-15 17:14:14Z sep $
+#
+# CMS Faethon 'info.php' SQL Injection Vulnerability
+#
+# Authors:
+# Madhuri D <dmadhuri at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(802162);
+  script_version("$Revision: 1.0$");
+  script_cve_id("CVE-2009-5094");
+  script_bugtraq_id(33775);
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("CMS Faethon 'info.php' SQL Injection Vulnerability");
+  desc = "
+  Overview: The host is running CMS Faethon and is prone to SQL injection
+  vulnerability.
+
+  Vulnerability Insight:
+  The flaw is caused due to input passed to the 'item' parameter in 'info.php'
+  is not properly sanitised before being used in SQL queries.
+
+  Impact:
+  Successful exploitation will let the attacker to manipulate SQL queries by
+  injecting arbitrary SQL code.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  CMS Faethon version 2.2 Ultimate.
+
+  Fix: No solution or patch is available as on 15th September, 2011. Information
+  regarding this issue will be updated once the solution details are available.
+  For updates refer, http://sourceforge.net/projects/cmsfaethon/
+
+  References:
+  http://secunia.com/advisories/30098
+  http://xforce.iss.net/xforce/xfdb/48758
+  http://www.exploit-db.com/exploits/8054/ ";
+
+  script_description(desc);
+  script_summary("Determine if CMS Faethon is prone to SQL Injection Vulnerability");
+  script_category(ACT_ATTACK);
+  script_copyright("Copyright (C) 2011 Greenbone Networks GmbH");
+  script_family("Web application abuses");
+  script_dependencies("http_version.nasl");
+  script_require_ports("Services/www", 80);
+  exit(0);
+}
+
+
+include("http_func.inc");
+include("http_keepalive.inc");
+
+## Get HTTP Port
+port = get_http_port(default:80);
+if(!port){
+  exit(0);
+}
+
+foreach dir(make_list("/faethon", "/22_ultimate", cgi_dirs()))
+{
+  ## Send and Receive the response
+  req = http_get (item: string (dir,"/index.php"), port:port);
+  res = http_keepalive_send_recv(port:port,data:req);
+
+  ## Confirm the application
+  if('>Powered by <' >< res && '>CMS Faethon' >< res)
+  {
+    ## Try SQL injection and check the response to confirm vulnerability
+    url = dir + "/info.php?item='";
+    if(http_vuln_check(port:port, url:url, pattern:'You have an error in' +
+                                  ' your SQL syntax;'))
+    {
+      security_hole(port:port);
+      exit(0);
+    }
+  }
+}

Added: trunk/openvas-plugins/scripts/gb_esignal_detect.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_esignal_detect.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_esignal_detect.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,77 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_esignal_detect.nasl 17102 2011-09-15 15:15:15Z sep $
+#
+# eSignal Version Detection
+#
+# Authors:
+# Sooraj KS <kssooraj at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(802244);
+  script_version("$Revision: 1.0$");
+  script_tag(name:"risk_factor", value:"None");
+  script_name("eSignal Version Detection");
+  desc = "
+  Overview: This script finds the installed eSignal version and saves the
+  result in KB. ";
+
+  script_description(desc);
+  script_summary("Set the Version of eSignal");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2011 Greenbone Networks GmbH");
+  script_family("Service detection");
+  script_dependencies("secpod_reg_enum.nasl");
+  script_require_keys("SMB/WindowsVersion");
+  script_require_ports(139, 445);
+  exit(0);
+}
+
+
+include("smb_nt.inc");
+include("secpod_smb_func.inc");
+
+## Confirm Windows
+if(!get_kb_item("SMB/WindowsVersion")){
+  exit(0);
+}
+
+key = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\";
+if(!registry_key_exists(key:key)) {
+  exit(0);
+}
+
+## Get eSignal Version From Registry
+foreach item (registry_enum_keys(key:key))
+{
+  name = registry_get_sz(key:key + item, item:"DisplayName");
+  if("eSignal" >< name)
+  {
+    version = registry_get_sz(key:key + item, item:"DisplayVersion");
+    if(version)
+    {
+      ## Set eSignal Version in KB
+      set_kb_item(name:"eSignal/Win/Ver", value:version);
+      security_note(data:"eSignal version " + version +
+                    " was detected on the host");
+    }
+  }
+}

Added: trunk/openvas-plugins/scripts/gb_esignal_mult_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_esignal_mult_vuln.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_esignal_mult_vuln.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,89 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_esignal_mult_vuln.nasl 17102 2011-09-15 16:16:16Z sep $
+#
+# eSignal Multiple Vulnerabilities
+#
+# Authors:
+# Sooraj KS <kssooraj at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(802245);
+  script_version("$Revision: 1.0$");
+  script_tag(name:"cvss_base", value:"10.0");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("eSignal Multiple Vulnerabilities");
+  desc = "
+  Overview: This host is installed with eSignal and is prone to multiple
+  vulnerabilities.
+
+  Vulnerability Insight:
+  - A boundary error in WinSig.exe when processing QUOTE files can be exploited
+    to cause a stack-based buffer overflow.
+  - A boundary error in WinSig.exe when processing the '<FaceName>' tag can be
+    exploited to cause a heap-based buffer overflow via a specially crafted
+    Time and Sales file.
+  - The application loads libraries in an insecure manner and can be exploited
+    to load arbitrary libraries by tricking a user into opening a QUOTE file
+    located on a remote WebDAV or SMB share.
+
+  Impact:
+  Successful exploitation allows execution of arbitrary code.
+
+  Impact Level: System/Application
+
+  Affected Software/OS:
+  eSignal version 10.6.2425.1208 and prior.
+
+  Fix: No solution or patch is available as on 15th September, 2011. Information
+  regarding this issue will be updated once the solution details are available.
+  For updates refer, http://www.esignal.com/esignal/default.aspx
+
+  References:
+  http://secunia.com/advisories/45966/
+  http://www.exploit-db.com/exploits/17837/
+  http://aluigi.altervista.org/adv/esignal_1-adv.txt ";
+
+  script_description(desc);
+  script_summary("Check for the version of eSignal");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2011 Greenbone Networks GmbH");
+  script_family("General");
+  script_dependencies("gb_esignal_detect.nasl");
+  script_require_keys("eSignal/Win/Ver");
+  exit(0);
+}
+
+
+include("smb_nt.inc");
+include("version_func.inc");
+include("secpod_smb_func.inc");
+
+## Get version from KB
+version = get_kb_item("eSignal/Win/Ver");
+if(!version){
+  exit(0);
+}
+
+## Check for eSignal versions 10.6.2425.1208 and prior.
+if(version_is_less_equal(version:version, test_version:"10.6.2425.1208")){
+  security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_11189_hplip_fc15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_11189_hplip_fc15.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_11189_hplip_fc15.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,81 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for hplip FEDORA-2011-11189
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863512);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-11189");
+  script_cve_id("CVE-2011-2722");
+  script_name("Fedora Update for hplip FEDORA-2011-11189");
+  desc = "
+
+  Vulnerability Insight:
+  The Hewlett-Packard Linux Imaging and Printing Project provides
+  drivers for HP printers and multi-function peripherals.
+
+
+  Affected Software/OS:
+  hplip on Fedora 15
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065817.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of hplip");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC15")
+{
+
+  if(isrpmvuln(pkg:"hplip", rpm:"hplip~3.11.7~2.fc15", rls:"FC15"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_11594_phpMyAdmin_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_11594_phpMyAdmin_fc14.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_11594_phpMyAdmin_fc14.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,98 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for phpMyAdmin FEDORA-2011-11594
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863507);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"4.3");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_xref(name: "FEDORA", value: "2011-11594");
+  script_cve_id("CVE-2011-3181");
+  script_name("Fedora Update for phpMyAdmin FEDORA-2011-11594");
+  desc = "
+
+  Vulnerability Insight:
+  phpMyAdmin is a tool written in PHP intended to handle the administration of
+  MySQL over the World Wide Web. Most frequently used operations are supported
+  by the user interface (managing databases, tables, fields, relations, indexes,
+  users, permissions), while you still have the ability to directly execute any
+  SQL statement.
+  
+  Features include an intuitive web interface, support for most MySQL features
+  (browse and drop databases, tables, views, fields and indexes, create, copy,
+  drop, rename and alter databases, tables, fields and indexes, maintenance
+  server, databases and tables, with proposals on server configuration, execute,
+  edit and bookmark any SQL-statement, even batch-queries, manage MySQL users
+  and privileges, manage stored procedures and triggers), import data from CSV
+  and SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument Text
+  and Spreadsheet, Word, Excel, LATEX and others, administering multiple servers,
+  creating PDF graphics of your database layout, creating complex queries using
+  Query-by-example (QBE), searching globally in a database or a subset of it,
+  transforming stored data into any format using a set of predefined functions,
+  like displaying BLOB-data as image or download-link and much more...
+
+
+  Affected Software/OS:
+  phpMyAdmin on Fedora 14
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065824.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of phpMyAdmin");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC14")
+{
+
+  if(isrpmvuln(pkg:"phpMyAdmin", rpm:"phpMyAdmin~3.4.4~1.fc14", rls:"FC14"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_11630_phpMyAdmin_fc15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_11630_phpMyAdmin_fc15.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_11630_phpMyAdmin_fc15.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,98 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for phpMyAdmin FEDORA-2011-11630
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863516);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"4.3");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_xref(name: "FEDORA", value: "2011-11630");
+  script_cve_id("CVE-2011-3181");
+  script_name("Fedora Update for phpMyAdmin FEDORA-2011-11630");
+  desc = "
+
+  Vulnerability Insight:
+  phpMyAdmin is a tool written in PHP intended to handle the administration of
+  MySQL over the World Wide Web. Most frequently used operations are supported
+  by the user interface (managing databases, tables, fields, relations, indexes,
+  users, permissions), while you still have the ability to directly execute any
+  SQL statement.
+  
+  Features include an intuitive web interface, support for most MySQL features
+  (browse and drop databases, tables, views, fields and indexes, create, copy,
+  drop, rename and alter databases, tables, fields and indexes, maintenance
+  server, databases and tables, with proposals on server configuration, execute,
+  edit and bookmark any SQL-statement, even batch-queries, manage MySQL users
+  and privileges, manage stored procedures and triggers), import data from CSV
+  and SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument Text
+  and Spreadsheet, Word, Excel, LATEX and others, administering multiple servers,
+  creating PDF graphics of your database layout, creating complex queries using
+  Query-by-example (QBE), searching globally in a database or a subset of it,
+  transforming stored data into any format using a set of predefined functions,
+  like displaying BLOB-data as image or download-link and much more...
+
+
+  Affected Software/OS:
+  phpMyAdmin on Fedora 15
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065829.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of phpMyAdmin");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC15")
+{
+
+  if(isrpmvuln(pkg:"phpMyAdmin", rpm:"phpMyAdmin~3.4.4~1.fc15", rls:"FC15"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_11936_ecryptfs-utils_fc15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_11936_ecryptfs-utils_fc15.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_11936_ecryptfs-utils_fc15.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,85 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for ecryptfs-utils FEDORA-2011-11936
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863505);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-11936");
+  script_cve_id("CVE-2011-3145", "CVE-2011-1831", "CVE-2011-1832", "CVE-2011-1833", "CVE-2011-1834", "CVE-2011-1835", "CVE-2011-1836", "CVE-2011-1837");
+  script_name("Fedora Update for ecryptfs-utils FEDORA-2011-11936");
+  desc = "
+
+  Vulnerability Insight:
+  eCryptfs is a stacked cryptographic filesystem that ships in Linux
+  kernel versions 2.6.19 and above. This package provides the mount
+  helper and supporting libraries to perform key management and mount
+  functions.
+  
+  Install ecryptfs-utils if you would like to mount eCryptfs.
+
+
+  Affected Software/OS:
+  ecryptfs-utils on Fedora 15
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065965.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of ecryptfs-utils");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC15")
+{
+
+  if(isrpmvuln(pkg:"ecryptfs-utils", rpm:"ecryptfs-utils~90~2.fc15", rls:"FC15"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_11979_ecryptfs-utils_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_11979_ecryptfs-utils_fc14.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_11979_ecryptfs-utils_fc14.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,85 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for ecryptfs-utils FEDORA-2011-11979
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863503);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-11979");
+  script_cve_id("CVE-2011-3145", "CVE-2011-1831", "CVE-2011-1832", "CVE-2011-1833", "CVE-2011-1834", "CVE-2011-1835", "CVE-2011-1836", "CVE-2011-1837");
+  script_name("Fedora Update for ecryptfs-utils FEDORA-2011-11979");
+  desc = "
+
+  Vulnerability Insight:
+  eCryptfs is a stacked cryptographic filesystem that ships in Linux
+  kernel versions 2.6.19 and above. This package provides the mount
+  helper and supporting libraries to perform key management and mount
+  functions.
+  
+  Install ecryptfs-utils if you would like to mount eCryptfs.
+
+
+  Affected Software/OS:
+  ecryptfs-utils on Fedora 14
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065952.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of ecryptfs-utils");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC14")
+{
+
+  if(isrpmvuln(pkg:"ecryptfs-utils", rpm:"ecryptfs-utils~90~2.fc14", rls:"FC14"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12131_roundcubemail_fc15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12131_roundcubemail_fc15.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12131_roundcubemail_fc15.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,85 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for roundcubemail FEDORA-2011-12131
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863508);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-12131");
+  script_name("Fedora Update for roundcubemail FEDORA-2011-12131");
+  desc = "
+
+  Vulnerability Insight:
+  RoundCube Webmail is a browser-based multilingual IMAP client
+  with an application-like user interface. It provides full
+  functionality you expect from an e-mail client, including MIME
+  support, address book, folder manipulation, message searching
+  and spell checking. RoundCube Webmail is written in PHP and
+  requires the MySQL database or the PostgreSQL database. The user
+  interface is fully skinnable using XHTML and CSS 2.
+
+
+  Affected Software/OS:
+  roundcubemail on Fedora 15
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065973.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of roundcubemail");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC15")
+{
+
+  if(isrpmvuln(pkg:"roundcubemail", rpm:"roundcubemail~0.5.4~1.fc15", rls:"FC15"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12275_firefox_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12275_firefox_fc14.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12275_firefox_fc14.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,80 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for firefox FEDORA-2011-12275
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863510);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-12275");
+  script_name("Fedora Update for firefox FEDORA-2011-12275");
+  desc = "
+
+  Vulnerability Insight:
+  Mozilla Firefox is an open-source web browser, designed for standards
+  compliance, performance and portability.
+
+
+  Affected Software/OS:
+  firefox on Fedora 14
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065805.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of firefox");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC14")
+{
+
+  if(isrpmvuln(pkg:"firefox", rpm:"firefox~3.6.22~1.fc14", rls:"FC14"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12275_galeon_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12275_galeon_fc14.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12275_galeon_fc14.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,82 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for galeon FEDORA-2011-12275
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863504);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-12275");
+  script_name("Fedora Update for galeon FEDORA-2011-12275");
+  desc = "
+
+  Vulnerability Insight:
+  Galeon is a web browser built around Gecko (Mozilla's rendering
+  engine) and Necko (Mozilla's networking engine). It's a GNOME web
+  browser, designed to take advantage of as many GNOME technologies as
+  makes sense. Galeon was written to do just one thing - browse the web.
+
+
+  Affected Software/OS:
+  galeon on Fedora 14
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065807.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of galeon");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC14")
+{
+
+  if(isrpmvuln(pkg:"galeon", rpm:"galeon~2.0.7~43.fc14.1", rls:"FC14"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12275_gnome-python2-extras_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12275_gnome-python2-extras_fc14.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12275_gnome-python2-extras_fc14.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,80 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for gnome-python2-extras FEDORA-2011-12275
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863509);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-12275");
+  script_name("Fedora Update for gnome-python2-extras FEDORA-2011-12275");
+  desc = "
+
+  Vulnerability Insight:
+  The gnome-python-extra package contains the source packages for additional
+  Python bindings for GNOME. It should be used together with gnome-python.
+
+
+  Affected Software/OS:
+  gnome-python2-extras on Fedora 14
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065808.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of gnome-python2-extras");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC14")
+{
+
+  if(isrpmvuln(pkg:"gnome-python2-extras", rpm:"gnome-python2-extras~2.25.3~33.fc14.1", rls:"FC14"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12275_gnome-web-photo_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12275_gnome-web-photo_fc14.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12275_gnome-web-photo_fc14.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,80 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for gnome-web-photo FEDORA-2011-12275
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863506);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-12275");
+  script_name("Fedora Update for gnome-web-photo FEDORA-2011-12275");
+  desc = "
+
+  Vulnerability Insight:
+  gnome-web-photo contains a thumbnailer that will be used by GNOME applications,
+  including the file manager, to generate screenshots of web pages.
+
+
+  Affected Software/OS:
+  gnome-web-photo on Fedora 14
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065806.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of gnome-web-photo");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC14")
+{
+
+  if(isrpmvuln(pkg:"gnome-web-photo", rpm:"gnome-web-photo~0.9~23.fc14.1", rls:"FC14"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12275_mozvoikko_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12275_mozvoikko_fc14.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12275_mozvoikko_fc14.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,80 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for mozvoikko FEDORA-2011-12275
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863513);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-12275");
+  script_name("Fedora Update for mozvoikko FEDORA-2011-12275");
+  desc = "
+
+  Vulnerability Insight:
+  This is mozvoikko, an extension for Mozilla programs for using the Finnish
+  spell-checker Voikko.
+
+
+  Affected Software/OS:
+  mozvoikko on Fedora 14
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065810.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of mozvoikko");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC14")
+{
+
+  if(isrpmvuln(pkg:"mozvoikko", rpm:"mozvoikko~1.0~24.fc14.1", rls:"FC14"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12275_perl-Gtk2-MozEmbed_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12275_perl-Gtk2-MozEmbed_fc14.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12275_perl-Gtk2-MozEmbed_fc14.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,79 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for perl-Gtk2-MozEmbed FEDORA-2011-12275
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863517);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-12275");
+  script_name("Fedora Update for perl-Gtk2-MozEmbed FEDORA-2011-12275");
+  desc = "
+
+  Vulnerability Insight:
+  This module allows you to use the Mozilla embedding widget from Perl.
+
+
+  Affected Software/OS:
+  perl-Gtk2-MozEmbed on Fedora 14
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065809.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of perl-Gtk2-MozEmbed");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC14")
+{
+
+  if(isrpmvuln(pkg:"perl-Gtk2-MozEmbed", rpm:"perl-Gtk2-MozEmbed~0.08~6.fc14.29", rls:"FC14"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12275_thunderbird_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12275_thunderbird_fc14.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12275_thunderbird_fc14.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,79 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for thunderbird FEDORA-2011-12275
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863502);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-12275");
+  script_name("Fedora Update for thunderbird FEDORA-2011-12275");
+  desc = "
+
+  Vulnerability Insight:
+  Mozilla Thunderbird is a standalone mail and newsgroup client.
+
+
+  Affected Software/OS:
+  thunderbird on Fedora 14
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065804.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of thunderbird");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC14")
+{
+
+  if(isrpmvuln(pkg:"thunderbird", rpm:"thunderbird~3.1.14~1.fc14", rls:"FC14"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12275_xulrunner_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12275_xulrunner_fc14.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12275_xulrunner_fc14.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,79 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for xulrunner FEDORA-2011-12275
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863515);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-12275");
+  script_name("Fedora Update for xulrunner FEDORA-2011-12275");
+  desc = "
+
+  Vulnerability Insight:
+  XULRunner provides the XUL Runtime environment for Gecko applications.
+
+
+  Affected Software/OS:
+  xulrunner on Fedora 14
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065811.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of xulrunner");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC14")
+{
+
+  if(isrpmvuln(pkg:"xulrunner", rpm:"xulrunner~1.9.2.22~1.fc14", rls:"FC14"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12282_rsyslog_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12282_rsyslog_fc14.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12282_rsyslog_fc14.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,86 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for rsyslog FEDORA-2011-12282
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863511);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"5.0");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_xref(name: "FEDORA", value: "2011-12282");
+  script_cve_id("CVE-2011-3200");
+  script_name("Fedora Update for rsyslog FEDORA-2011-12282");
+  desc = "
+
+  Vulnerability Insight:
+  Rsyslog is an enhanced, multi-threaded syslog daemon. It supports MySQL,
+  syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part,
+  and fine grain output format control. It is compatible with stock sysklogd
+  and can be used as a drop-in replacement. Rsyslog is simple to set up, with
+  advanced features suitable for enterprise-class, encryption-protected syslog
+  relay chains.
+
+
+  Affected Software/OS:
+  rsyslog on Fedora 14
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065941.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of rsyslog");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC14")
+{
+
+  if(isrpmvuln(pkg:"rsyslog", rpm:"rsyslog~4.6.3~3.fc14", rls:"FC14"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12715_httpd_fc15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12715_httpd_fc15.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12715_httpd_fc15.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,82 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for httpd FEDORA-2011-12715
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863514);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"7.8");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-12715");
+  script_cve_id("CVE-2011-3348", "CVE-2011-3192");
+  script_name("Fedora Update for httpd FEDORA-2011-12715");
+  desc = "
+
+  Vulnerability Insight:
+  The Apache HTTP Server is a powerful, efficient, and extensible
+  web server.
+
+
+  Affected Software/OS:
+  httpd on Fedora 15
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066019.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of httpd");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC15")
+{
+
+  if(isrpmvuln(pkg:"httpd", rpm:"httpd~2.2.21~1.fc15", rls:"FC15"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_jboss_application_server_mult_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_jboss_application_server_mult_vuln.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_jboss_application_server_mult_vuln.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,107 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_jboss_application_server_mult_vuln.nasl 17126 2011-09-16 17:14:14Z sep $
+#
+# JBoss Application Server Multiple Vulnerabilities
+#
+# Authors:
+# Antu Sanadi <santu at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(801987);
+  script_version("$Revision: 1.0$");
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("JBoss Application Server Multiple Vulnerabilities");
+  desc = "
+  Overview: The host is running JBoss Application Server and is prone to
+  multiple vulnerabilities.
+
+  Vulnerability Insight:
+  Multiple flaws are due to,
+  - Status page is publicly accessible. Which leads to leakage of logs of last
+    connections and (in second case) leakage of all services (with their paths)
+    on the server.
+  - There is no protection against Brute Force attacks at these resources and
+    other private resources with BF vulnerability. The list of all resources of
+    concrete server can be found at page status?full=true.
+
+  Impact:
+  Successful exploitation will let the attacker to get the  all services
+  with their paths on the server and get the sensitive information.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  JBoss Application Server 5.0 and prior.
+
+  Fix: No solution or patch is available as on 16th September, 2011. Information
+  regarding this issue will be updated once the solution details are available.
+  For updates refer,http://www.jboss.org/jbossas/downloads/
+
+  References:
+  http://seclists.org/fulldisclosure/2011/Sep/139 ";
+
+  script_description(desc);
+  script_summary("Determine if JBoss Application Server is prone multiple vulnerabilities");
+  script_category(ACT_ATTACK);
+  script_copyright("Copyright (C) 2011 Greenbone Networks GmbH");
+  script_family("Web Servers");
+  script_dependencies("http_version.nasl");
+  script_require_ports("Services/www", 80);
+  exit(0);
+}
+
+
+include("http_func.inc");
+include("http_keepalive.inc");
+
+## Get HTTP Port
+port = get_http_port(default:80);
+
+## Check Port State
+if(!get_port_state(port)){
+  exit(0);
+}
+
+## Confirm the Server
+banner = get_http_banner(port: port);
+if("JBoss" >!< banner){
+  exit(0);
+}
+
+## Send and Receive the response
+req = http_get(item: "/", port:port);
+res = http_keepalive_send_recv(port:port,data:req);
+
+## Confirm the Server
+if('>JBoss Web Console</' >< res && 'Welcome to JBoss' >< res)
+{
+  ## construct the attack request
+  req = http_get(item: "/status?full=true", port:port);
+  res = http_keepalive_send_recv(port:port,data:req);
+
+  ## Confirm the exploit
+  if('Application list' >< res && 'WebCCReports' >< res &&
+     'PortComponentLinkServlet' >< res){
+   security_hole(port:port);
+  }
+}

Added: trunk/openvas-plugins/scripts/gb_manage_engine_servicedesk_plus_auth_bypass_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_manage_engine_servicedesk_plus_auth_bypass_vuln.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_manage_engine_servicedesk_plus_auth_bypass_vuln.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,94 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_manage_engine_servicedesk_plus_auth_bypass_vuln.nasl 17096 2011-09-15 15:15:15Z sep $
+#
+# ManageEngine ServiceDesk Plus Authentication Bypass Vulnerability
+#
+# Authors:
+# Antu Sanadi <santu at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(801984);
+  script_version("$Revision: 1.0$");
+  script_cve_id("CVE-2011-1509");
+  script_tag(name:"cvss_base", value:"6.5");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("ManageEngine ServiceDesk Plus Authentication Bypass Vulnerability");
+  desc = "
+  Overview: This host is running ManageEngine ServiceDesk Plus and is prone to
+  authentication bypass vulnerability.
+
+  Vulnerability Insight:
+  The flaw is due to an error in authentication process, User passwords are
+  pseudo encrypted and locally stored in user cookies. Having Javascript code
+  encrypt and decrypt passwords in Login.js file.
+
+  Impact:
+  Successful exploitation will let the attacker to get user names and
+  passwords of registered users. This may allow an attacker to steal
+  cookie-based  authentications and launch further attacks.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  ManageEngine ServiceDesk Plus 8.0 Build 8013 and prior.
+
+  Fix: No solution or patch is available as on 15th September, 2011. Information
+  regarding this issue will be updated once the solution details are available.
+  For updates refer, http://www.manageengine.com/
+
+  References:
+  http://packetstormsecurity.org/files/view/105123/CORE-2011-0506.txt
+  http://www.coresecurity.com/content/multiples-vulnerabilities-manageengine-sdp ";
+
+  script_description(desc);
+  script_summary("Check the version of ManageEngine ServiceDesk Plus");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2011 Greenbone Networks GmbH");
+  script_family("Web application abuses");
+  script_dependencies("gb_ManageEngine_ServiceDesk_Plus_detect.nasl");
+  script_require_ports("Services/www", 8080);
+  exit(0);
+}
+
+
+include("http_func.inc");
+include("version_func.inc");
+
+## Get HTTP Port
+port = get_http_port(default:8080);
+if(!get_port_state(port)) {
+  exit(0);
+}
+
+## Get ManageEngine ServiceDesk Plus Installed version
+if(!vers = get_version_from_kb(port:port,app:"ManageEngine")){
+  exit(0);
+}
+
+## Check the build version
+if(' Build ' >< vers){
+  vers = ereg_replace(pattern:" Build ", string:vers, replace:".");
+}
+
+if(version_is_less_equal(version:vers, test_version:"8.0.0.8013")){
+  security_hole(port:port);
+}

Added: trunk/openvas-plugins/scripts/gb_manage_engine_servicedesk_plus_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_manage_engine_servicedesk_plus_xss_vuln.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_manage_engine_servicedesk_plus_xss_vuln.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,93 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_manage_engine_servicedesk_plus_xss_vuln.nasl 17096 2011-09-15 15:15:15Z sep $
+#
+# ManageEngine ServiceDesk Plus 'searchText' XSS Vulnerability
+#
+# Authors:
+# Antu Sanadi <santu at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(801983);
+  script_version("$Revision: 1.0$");
+  script_cve_id("CVE-2011-1510");
+  script_tag(name:"cvss_base", value:"4.3");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("ManageEngine ServiceDesk Plus 'searchText' XSS Vulnerability");
+  desc = "
+  Overview: This host is running ManageEngine ServiceDesk Plus and is prone to
+  cross site scripting vulnerability.
+
+  Vulnerability Insight:
+  The flaw is due to an input validation error in 'SolutionSearch.do' when
+  handling search action via a 'searchText' parameter.
+
+  Impact:
+  Successful exploitation will let the attacker to execute arbitrary HTML and
+  script code in a user's browser session in the context of a vulnerable site.
+  This may allow an attacker to steal cookie-based authentications and launch
+  further attacks.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  ManageEngine ServiceDesk Plus 8.0 Build 8011 and prior.
+
+  Fix: Upgrade ManageEngine ServiceDesk Plus 8.0 Build 8012 or later,
+  For updates refer, http://www.manageengine.com/
+
+  References:
+  http://packetstormsecurity.org/files/view/105123/CORE-2011-0506.txt
+  http://www.coresecurity.com/content/multiples-vulnerabilities-manageengine-sdp ";
+
+  script_description(desc);
+  script_summary("Check the version of ManageEngine ServiceDesk Plus");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2011 Greenbone Networks GmbH");
+  script_family("Web application abuses");
+  script_dependencies("gb_ManageEngine_ServiceDesk_Plus_detect.nasl");
+  script_require_ports("Services/www", 8080);
+  exit(0);
+}
+
+
+include("http_func.inc");
+include("version_func.inc");
+
+## Get HTTP Port
+port = get_http_port(default:8080);
+if(!get_port_state(port)) {
+  exit(0);
+}
+
+## Get ManageEngine ServiceDesk Plus Installed version
+if(!vers = get_version_from_kb(port:port,app:"ManageEngine")){
+  exit(0);
+}
+
+## Check the build version
+if(' Build ' >< vers){
+  vers = ereg_replace(pattern:" Build ", string:vers, replace:".");
+}
+
+if(version_is_less(version:vers, test_version:"8.0.0.8012")){
+  security_warning(port:port);
+}

Added: trunk/openvas-plugins/scripts/gb_phorum_xss_n_csrf_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_phorum_xss_n_csrf_vuln.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_phorum_xss_n_csrf_vuln.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,87 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_phorum_xss_n_csrf_vuln.nasl 17049 2011-09-13 13:10:20Z sep $
+#
+# Phorum Cross-Site Scripting and Cross-site request forgery Vulnerabilities
+#
+# Authors:
+# Madhuri D <dmadhuri at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(802160);
+  script_version("$Revision: 1.0$");
+  script_cve_id("CVE-2011-3381", "CVE-2011-3382");
+  script_tag(name:"cvss_base", value:"6.8");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Phorum Cross-Site Scripting and Cross-site request forgery Vulnerabilities");
+  desc = "
+  Overview: This host is running Phorum and is prone to cross-site scripting
+  and cross-site request forgery vulnerabilities.
+
+  Vulnerability Insight:
+  The flaws are caused due to unspecified errors in the application.
+
+  Impact:
+  Successful exploitation will let the attacker to execute arbitrary code in
+  the context of an application.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  Phorum version prior to 5.2.16
+
+  Fix: Upgrade Phorum to 5.2.16 or later,
+  For updates refer, http://www.phorum.org/downloads.php
+
+  References:
+  http://jvn.jp/en/jp/JVN71435255/index.html
+  http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000068.html ";
+
+  script_description(desc);
+  script_summary("Check version of Phorum");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Web application abuses");
+  script_dependencies("phorum_detect.nasl");
+  script_require_ports("Services/www", 80);
+  exit(0);
+}
+
+
+include("http_func.inc");
+include("version_func.inc");
+
+## Get HTTP Port
+phorumPort = get_http_port(default:80);
+if(!phorumPort){
+  exit(0);
+}
+
+## Get version from kb
+phorumVer =  get_version_from_kb(port:phorumPort,app:"phorum");
+if(!phorumVer){
+  exit(0);
+}
+
+# Check for Phorum Version < 5.2.16
+if(version_is_less(version:phorumVer, test_version:"5.2.16")){
+  security_hole(phorumPort);
+}

Added: trunk/openvas-plugins/scripts/gb_phorum_xss_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_phorum_xss_vuln.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_phorum_xss_vuln.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,91 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_phorum_xss_vuln.nasl 17049 2011-09-15 11:10:20Z sep $
+#
+# Phorum 'real_name' Parameter Cross-Site Scripting Vulnerability
+#
+# Authors:
+# Madhuri D <dmadhuri at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(802161);
+  script_version("$Revision: 1.0$");
+  script_cve_id("CVE-2011-3392");
+  script_bugtraq_id(49347);
+  script_tag(name:"cvss_base", value:"4.3");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Phorum 'real_name' Parameter Cross-Site Scripting Vulnerability");
+  desc = "
+  Overview: This host is running Phorum and is prone to cross-site scripting
+  vulnerability.
+
+  Vulnerability Insight:
+  The flaw is caused due to input passed via the 'real_name' parameter to the
+  'control.php' script is not properly sanitised before being returned to the
+  user.
+
+  Impact:
+  Successful exploitation will let the attacker to execute arbitrary HTML and
+  script code in a user's browser session in the context of an affected site.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  Phorum version prior to 5.2.17
+
+  Fix: Upgrade Phorum to 5.2.17 or later,
+  For updates refer, http://www.phorum.org/downloads.php
+
+  References:
+  http://secunia.com/advisories/45787
+  http://xforce.iss.net/xforce/xfdb/69456
+  http://holisticinfosec.org/content/view/184/45/ ";
+
+  script_description(desc);
+  script_summary("Check version of Phorum");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Web application abuses");
+  script_dependencies("phorum_detect.nasl");
+  script_require_ports("Services/www", 80);
+  exit(0);
+}
+
+
+include("http_func.inc");
+include("version_func.inc");
+
+## Get HTTP Port
+phorumPort = get_http_port(default:80);
+if(!phorumPort){
+  exit(0);
+}
+
+## Get version from kb
+phorumVer =  get_version_from_kb(port:phorumPort,app:"phorum");
+if(!phorumVer){
+  exit(0);
+}
+
+# Check for Phorum Version < 5.2.17
+if(version_is_less(version:phorumVer, test_version:"5.2.17")){
+  security_warning(phorumPort);
+}

Added: trunk/openvas-plugins/scripts/gb_simple_machines_forum_session_hijacking_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_simple_machines_forum_session_hijacking_vuln.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_simple_machines_forum_session_hijacking_vuln.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,90 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_simple_machines_forum_session_hijacking_vuln.nasl 16583 2011-09-15 11:25:12Z sep $
+#
+# Simple Machines Forum Session Hijacking Vulnerability
+#
+# Authors:
+# Rachana Shetty <srachana at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(802334);
+  script_version("$Revision: 1.0$");
+  script_bugtraq_id(49078);
+  script_tag(name:"cvss_base", value:"4.3");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Simple Machines Forum Session Hijacking Vulnerability");
+  desc = "
+  Overview: The host is installed with Simple Machines Forum and is prone
+  to session hijacking vulnerability.
+
+  Vulnerability Insight:
+  The flaw exists due to improper handling of user's sessions, allowing a
+  remote attacker to hijack a valid user's session via a specially crafted
+  link.
+
+  Impact:
+  Successful exploitation will let the attackers to obtain sensitive
+  information such as user's session credentials and may aid in further
+  attacks.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  Simple Machines Forum (SMF) 2.0
+
+  Fix: No solution/patch is available as on 16th September 2011. Information
+  regarding this issue will updated once the solution details are available.
+  For updates refer, http://www.simplemachines.org/
+
+  References:
+  http://xforce.iss.net/xforce/xfdb/69056
+  http://www.exploit-db.com/exploits/17637/ ";
+
+  script_description(desc);
+  script_summary("Check for the version of Simple Machines Forum");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2011 Greenbone Networks GmbH");
+  script_family("Web application abuses");
+  script_dependencies("gb_simple_machines_forum_detect.nasl");
+  script_require_ports("Services/www", 80);
+  exit(0);
+}
+
+
+include("http_func.inc");
+include("version_func.inc");
+
+## Get the default port
+smfPort = get_http_port(default:80);
+if(!smfPort){
+  exit(0);
+}
+
+## Get the version From kb
+ver = get_version_from_kb(port:smfPort, app:"SMF");
+if(!ver){
+  exit(0);
+}
+
+if(version_is_equal(version:ver, test_version:"2.0")){
+  security_warning(smfPort);
+}

Added: trunk/openvas-plugins/scripts/gb_symantec_endpoint_protection_xss_n_csrf_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_symantec_endpoint_protection_xss_n_csrf_vuln.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_symantec_endpoint_protection_xss_n_csrf_vuln.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,91 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_symantec_endpoint_protection_xss_n_csrf_vuln.nasl 16762 2011-09-15 12:12:12Z sep $
+#
+# Symantec Endpoint Protection Manager XSS and CSRF Vulnerabilities
+#
+# Authors:
+# Sooraj KS <kssooraj at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(802242);
+  script_version("$Revision: 1.0$");
+  script_cve_id("CVE-2011-0550", "CVE-2011-0551");
+  script_bugtraq_id(48231, 49101);
+  script_tag(name:"cvss_base", value:"6.8");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Symantec Endpoint Protection Manager XSS and CSRF Vulnerabilities");
+  desc = "
+  Overview: This host is installed with Symantec Endpoint Protection Manager
+  and is prone to cross site scripting and cross site request forgery
+  vulnerabilities.
+
+  Vulnerability Insight:
+  Multiple flaws are caused due to,
+  - Input appended to the URL after /console/apps/sepm is not properly
+    sanitised before being returned to the user.
+  - Input passed via the 'token' parameter to portal/Help.jsp is not properly
+    sanitised before being returned to the user.
+  - The portal application allows users to perform certain actions via HTTP
+    requests without performing any validity checks to verify the requests.
+
+  Impact:
+  Successful exploitation will let the attacker to execute arbitrary script
+  code in the browser of an unsuspecting user in the context of the affected
+  site.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  Symantec Endpoint Protection (SEP) version 11.0.600x through 11.0.6300
+
+  Fix: Upgrade to Symantec Endpoint Protection (SEP) version 11.0.7000 RU7 or
+  later,For updates refer, http://www.symantec.com/business/endpoint-protection
+
+  References:
+  http://secunia.com/advisories/43662
+  http://securitytracker.com/id/1025919
+  http://xforce.iss.net/xforce/xfdb/69136
+  http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110810_00
+  ";
+
+  script_description(desc);
+  script_summary("Check for the version of Symantec Endpoint Protection Manager");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2011 Greenbone Networks GmbH");
+  script_family("General");
+  script_dependencies("secpod_symantec_prdts_detect.nasl");
+  script_require_keys("Symantec/Endpoint/Protection");
+  exit(0);
+}
+
+
+include("version_func.inc");
+
+## Get version from KB
+version = get_kb_item("Symantec/Endpoint/Protection");
+if(version)
+{
+  ## Check for Symantec Endpoint Protection version 11.0.600x through 11.0.6300.
+  if(version_in_range(version:version, test_version:"11.0.600", test_version2:"11.0.6300")){
+    security_hole(0);
+  }
+}

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1201_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1201_1.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1201_1.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,150 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux USN-1201-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840740);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"7.8");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "USN", value: "1201-1");
+  script_cve_id("CVE-2011-1020", "CVE-2011-1493", "CVE-2011-1770", "CVE-2011-2484", "CVE-2011-2492");
+  script_name("Ubuntu Update for linux USN-1201-1");
+  desc = "
+
+  Vulnerability Insight:
+
+  It was discovered that the /proc filesystem did not correctly handle
+  permission changes when programs executed. A local attacker could hold open
+  files to examine details about programs running with higher privileges,
+  potentially increasing the chances of exploiting additional
+  vulnerabilities. (CVE-2011-1020)
+  
+  Dan Rosenberg discovered that the X.25 Rose network stack did not correctly
+  handle certain fields. If a system was running with Rose enabled, a remote
+  attacker could send specially crafted traffic to gain root privileges.
+  (CVE-2011-1493)
+  
+  Dan Rosenberg discovered that the DCCP stack did not correctly handle
+  certain packet structures. A remote attacker could exploit this to crash
+  the system, leading to a denial of service. (CVE-2011-1770)
+  
+  Vasiliy Kulikov discovered that taskstats listeners were not correctly
+  handled. A local attacker could expoit this to exhaust memory and CPU
+  resources, leading to a denial of service. (CVE-2011-2484)
+  
+  It was discovered that Bluetooth l2cap and rfcomm did not correctly
+  initialize structures. A local attacker could exploit this to read portions
+  of the kernel stack, leading to a loss of privacy. (CVE-2011-2492)
+
+  Affected Software/OS:
+  linux on Ubuntu 10.10
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001411.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of linux");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU10.10")
+{
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.35-30-generic", ver:"2.6.35-30.59", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.35-30-generic-pae", ver:"2.6.35-30.59", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.35-30-omap", ver:"2.6.35-30.59", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.35-30-powerpc", ver:"2.6.35-30.59", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.35-30-powerpc-smp", ver:"2.6.35-30.59", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.35-30-powerpc64-smp", ver:"2.6.35-30.59", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.35-30-server", ver:"2.6.35-30.59", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.35-30-versatile", ver:"2.6.35-30.59", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.35-30-virtual", ver:"2.6.35-30.59", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1202_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1202_1.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1202_1.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,133 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux-ti-omap4 USN-1202-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840745);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"7.8");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "USN", value: "1202-1");
+  script_cve_id("CVE-2010-3296", "CVE-2010-3297", "CVE-2010-3858", "CVE-2010-3859", "CVE-2010-3874", "CVE-2010-3880", "CVE-2010-4073", "CVE-2010-4075", "CVE-2010-4076", "CVE-2010-4077", "CVE-2010-4080", "CVE-2010-4081", "CVE-2010-4082", "CVE-2010-4083", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-4162", "CVE-2010-4163", "CVE-2010-4668", "CVE-2010-4169", "CVE-2010-4175", "CVE-2010-4242", "CVE-2010-4243", "CVE-2010-4248", "CVE-2010-4256", "CVE-2010-4565", "CVE-2010-4649", "CVE-2011-1044", "CVE-2010-4655", "CVE-2010-4656", "CVE-2011-0463", "CVE-2011-0521", "CVE-2011-0695", "CVE-2011-0711", "CVE-2011-0712", "CVE-2011-0726", "CVE-2011-1010", "CVE-2011-1012", "CVE-2011-1013", "CVE-2011-1016", "CVE-2011-1017", "CVE-2011-1019", "CVE-2011-1020", "CVE-2011-1078", "CVE-2011-1079", "CVE-2011-1080", "CVE-2011-1082", "CVE-2011-1090", "CVE-2011-1093", "CVE-2011-1160", "CVE-2011-1163", "CVE-2011-1169", "CVE-2011-1170", "CVE-2011-1171", "CVE-2011-1172", "CVE-2011-2534", "CVE-2011-1173", "CVE-2011-1180", "CVE-2011-1182", "CVE-2011-1478", "CVE-2011-1493", "CVE-2011-1494", "CVE-2011-1495", "CVE-2011-1577", "CVE-2011-1593", "CVE-2011-1598", "CVE-2011-1748", "CVE-2011-1745", "CVE-2011-2022", "CVE-2011-1746", "CVE-2011-1770", "CVE-2011-1833", "CVE-2011-2484", "CVE-2011-2492", "CVE-2011-2699", "CVE-2011-2918");
+  script_name("Ubuntu Update for linux-ti-omap4 USN-1202-1");
+  desc = "
+
+  Vulnerability Insight:
+
+  Dan Rosenberg discovered that several network ioctls did not clear kernel
+  memory correctly. A local user could exploit this to read kernel stack
+  memory, leading to a loss of privacy. (CVE-2010-3296, CVE-2010-3297)
+  
+  Brad Spengler discovered that stack memory for new a process was not
+  correctly calculated. A local attacker could exploit this to crash the
+  system, leading to a denial of service. (CVE-2010-3858)
+  
+  Dan Rosenberg discovered that the Linux kernel TIPC implementation
+  contained multiple integer signedness errors. A local attacker could
+  exploit this to gain root privileges. (CVE-2010-3859)
+  
+  Dan Rosenberg discovered that the CAN protocol on 64bit systems did not
+  correctly calculate the size of certain buffers. A local attacker could
+  exploit this to crash the system or possibly execute arbitrary code as the
+  root user. (CVE-2010-3874)
+  
+  Nelson Elhage discovered that the Linux kernel IPv4 implementation did not
+  properly audit certain bytecodes in netlink messages. A local attacker
+  could exploit this to cause the kernel to hang, leading to a denial of
+  service. (CVE-2010-3880)
+  
+  Dan Rosenberg discovered that IPC structures were not correctly initialized
+  on 64bit systems. A local attacker could exploit this to read kernel stack
+  memory, leading to a loss of privacy. (CVE-2010-4073)
+  
+  Dan Rosenberg discovered that multiple terminal ioctls did not correctly
+  initialize structure memory. A local attacker could exploit this to read
+  portions of kernel stack memory, leading to a loss of privacy.
+  (CVE-2010-4075, CVE-2010-4076, CVE-2010-4077)
+  
+  Dan Rosenberg discovered that the RME Hammerfall DSP audio interface driver
+  did not correctly clear kernel memory. A local attacker could exploit this
+  to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080,
+  CVE-2010-4081)
+  
+  Dan Rosenberg discovered that the VIA video driver did not correctly clear
+  kernel memory. A local attacker could exploit this to read kernel stack
+  memory, leading to a loss of privacy. (CVE-2010-4082)
+  
+  Dan Rosenberg discovered that the semctl syscall did not correctly clear
+  kernel memory. A local attacker could exploit this to read kernel stack
+  memory, leading to a loss of privacy. (CVE-2010-4083)
+  
+  James Bottomley discovered that the ICP vortex storage array controller
+  driver did not validate certain sizes. A local attacker on a 64bit system
+  could exploit this to crash the kernel, leading to a denial of service.
+  (CVE-2010-4157)
+  
+  Dan Rosenberg discovered that the Linux kernel L2TP implementation
+  contained multiple integer sign ... 
+
+  Description truncated, for more information please check the Reference URL
+
+  Affected Software/OS:
+  linux-ti-omap4 on Ubuntu 10.10
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001412.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of linux-ti-omap4");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU10.10")
+{
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.35-903-omap4", ver:"2.6.35-903.24", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1203_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1203_1.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1203_1.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,131 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux-mvl-dove USN-1203-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840746);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"6.1");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "USN", value: "1203-1");
+  script_cve_id("CVE-2010-4076", "CVE-2010-4077", "CVE-2010-4251", "CVE-2010-4805", "CVE-2011-1020", "CVE-2011-1493", "CVE-2011-1577", "CVE-2011-2213", "CVE-2011-2484", "CVE-2011-2492", "CVE-2011-2700", "CVE-2011-2723", "CVE-2011-2918");
+  script_name("Ubuntu Update for linux-mvl-dove USN-1203-1");
+  desc = "
+
+  Vulnerability Insight:
+
+  Dan Rosenberg discovered that multiple terminal ioctls did not correctly
+  initialize structure memory. A local attacker could exploit this to read
+  portions of kernel stack memory, leading to a loss of privacy.
+  (CVE-2010-4076, CVE-2010-4077)
+  
+  Alex Shi and Eric Dumazet discovered that the network stack did not
+  correctly handle packet backlogs. A remote attacker could exploit this by
+  sending a large amount of network traffic to cause the system to run out of
+  memory, leading to a denial of service. (CVE-2010-4251, CVE-2010-4805)
+  
+  It was discovered that the /proc filesystem did not correctly handle
+  permission changes when programs executed. A local attacker could hold open
+  files to examine details about programs running with higher privileges,
+  potentially increasing the chances of exploiting additional
+  vulnerabilities. (CVE-2011-1020)
+  
+  Dan Rosenberg discovered that the X.25 Rose network stack did not correctly
+  handle certain fields. If a system was running with Rose enabled, a remote
+  attacker could send specially crafted traffic to gain root privileges.
+  (CVE-2011-1493)
+  
+  Timo Warns discovered that the GUID partition parsing routines did not
+  correctly validate certain structures. A local attacker with physical
+  access could plug in a specially crafted block device to crash the system,
+  leading to a denial of service. (CVE-2011-1577)
+  
+  Dan Rosenberg discovered that the IPv4 diagnostic routines did not
+  correctly validate certain requests. A local attacker could exploit this to
+  consume CPU resources, leading to a denial of service. (CVE-2011-2213)
+  
+  Vasiliy Kulikov discovered that taskstats listeners were not correctly
+  handled. A local attacker could expoit this to exhaust memory and CPU
+  resources, leading to a denial of service. (CVE-2011-2484)
+  
+  It was discovered that Bluetooth l2cap and rfcomm did not correctly
+  initialize structures. A local attacker could exploit this to read portions
+  of the kernel stack, leading to a loss of privacy. (CVE-2011-2492)
+  
+  Mauro Carvalho Chehab discovered that the si4713 radio driver did not
+  correctly check the length of memory copies. If this hardware was
+  available, a local attacker could exploit this to crash the system or gain
+  root privileges. (CVE-2011-2700)
+  
+  Herbert Xu discovered that certain fields were incorrectly handled when
+  Generic Receive Offload (GRO) is enabled. If a system was running with GRO
+  enabled, a remote attacker could send specially crafted traffic to crash
+  the system, leading to a denial of service. (CVE-2011-2723)
+  
+  The performance counter subsystem did not correctly handle certain
+  counters. A local attacker could exploit this to crash the system, leading
+  to a denial of service. (CVE-2011-2918)
+
+  Affected Software/OS:
+  linux-mvl-dove on Ubuntu 10.04 LTS
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001413.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of linux-mvl-dove");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.32-218-dove", ver:"2.6.32-218.36", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1204_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1204_1.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1204_1.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,132 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux-fsl-imx51 USN-1204-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840744);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"7.8");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "USN", value: "1204-1");
+  script_cve_id("CVE-2010-3859", "CVE-2010-4075", "CVE-2010-4076", "CVE-2010-4077", "CVE-2010-4158", "CVE-2010-4160", "CVE-2010-4162", "CVE-2010-4163", "CVE-2010-4668", "CVE-2010-4175", "CVE-2010-4242", "CVE-2010-4243", "CVE-2010-4251", "CVE-2010-4805", "CVE-2010-4526", "CVE-2010-4649", "CVE-2011-1044", "CVE-2011-0726", "CVE-2011-1010", "CVE-2011-1012", "CVE-2011-1013", "CVE-2011-1020", "CVE-2011-1078", "CVE-2011-1079", "CVE-2011-1080", "CVE-2011-1082", "CVE-2011-1090", "CVE-2011-1093", "CVE-2011-1160", "CVE-2011-1163", "CVE-2011-1170", "CVE-2011-1171", "CVE-2011-1172", "CVE-2011-2534", "CVE-2011-1173", "CVE-2011-1180", "CVE-2011-1478", "CVE-2011-1493", "CVE-2011-1577", "CVE-2011-1598", "CVE-2011-1770", "CVE-2011-1833", "CVE-2011-2484", "CVE-2011-2492", "CVE-2011-2699", "CVE-2011-2918");
+  script_name("Ubuntu Update for linux-fsl-imx51 USN-1204-1");
+  desc = "
+
+  Vulnerability Insight:
+
+  Dan Rosenberg discovered that the Linux kernel TIPC implementation
+  contained multiple integer signedness errors. A local attacker could
+  exploit this to gain root privileges. (CVE-2010-3859)
+  
+  Dan Rosenberg discovered that multiple terminal ioctls did not correctly
+  initialize structure memory. A local attacker could exploit this to read
+  portions of kernel stack memory, leading to a loss of privacy.
+  (CVE-2010-4075, CVE-2010-4076, CVE-2010-4077)
+  
+  Dan Rosenberg discovered that the socket filters did not correctly
+  initialize structure memory. A local attacker could create malicious
+  filters to read portions of kernel stack memory, leading to a loss of
+  privacy. (CVE-2010-4158)
+  
+  Dan Rosenberg discovered that the Linux kernel L2TP implementation
+  contained multiple integer signedness errors. A local attacker could
+  exploit this to to crash the kernel, or possibly gain root privileges.
+  (CVE-2010-4160)
+  
+  Dan Rosenberg discovered that certain iovec operations did not calculate
+  page counts correctly. A local attacker could exploit this to crash the
+  system, leading to a denial of service. (CVE-2010-4162)
+  
+  Dan Rosenberg discovered that the SCSI subsystem did not correctly validate
+  iov segments. A local attacker with access to a SCSI device could send
+  specially crafted requests to crash the system, leading to a denial of
+  service. (CVE-2010-4163, CVE-2010-4668)
+  
+  Dan Rosenberg discovered that the RDS protocol did not correctly check
+  ioctl arguments. A local attacker could exploit this to crash the system,
+  leading to a denial of service. (CVE-2010-4175)
+  
+  Alan Cox discovered that the HCI UART driver did not correctly check if a
+  write operation was available. If the mmap_min-addr sysctl was changed from
+  the Ubuntu default to a value of 0, a local attacker could exploit this
+  flaw to gain root privileges. (CVE-2010-4242)
+  
+  Brad Spengler discovered that the kernel did not correctly account for
+  userspace memory allocations during exec() calls. A local attacker could
+  exploit this to consume all system memory, leading to a denial of service.
+  (CVE-2010-4243)
+  
+  Alex Shi and Eric Dumazet discovered that the network stack did not
+  correctly handle packet backlogs. A remote attacker could exploit this by
+  sending a large amount of network traffic to cause the system to run out of
+  memory, leading to a denial of service. (CVE-2010-4251, CVE-2010-4805)
+  
+  It was discovered that the ICMP stack did not correctly handle certain
+  unreachable messages. If a remote attacker were able to acquire a socket
+  lock, they could send specially  ... 
+
+  Description truncated, for more information please check the Reference URL
+
+  Affected Software/OS:
+  linux-fsl-imx51 on Ubuntu 10.04 LTS
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001414.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of linux-fsl-imx51");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.31-610-imx51", ver:"2.6.31-610.28", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1205_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1205_1.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1205_1.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,120 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux-lts-backport-maverick USN-1205-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840739);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"7.8");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "USN", value: "1205-1");
+  script_cve_id("CVE-2011-1020", "CVE-2011-1493", "CVE-2011-1770", "CVE-2011-2484", "CVE-2011-2492");
+  script_name("Ubuntu Update for linux-lts-backport-maverick USN-1205-1");
+  desc = "
+
+  Vulnerability Insight:
+
+  It was discovered that the /proc filesystem did not correctly handle
+  permission changes when programs executed. A local attacker could hold open
+  files to examine details about programs running with higher privileges,
+  potentially increasing the chances of exploiting additional
+  vulnerabilities. (CVE-2011-1020)
+  
+  Dan Rosenberg discovered that the X.25 Rose network stack did not correctly
+  handle certain fields. If a system was running with Rose enabled, a remote
+  attacker could send specially crafted traffic to gain root privileges.
+  (CVE-2011-1493)
+  
+  Dan Rosenberg discovered that the DCCP stack did not correctly handle
+  certain packet structures. A remote attacker could exploit this to crash
+  the system, leading to a denial of service. (CVE-2011-1770)
+  
+  Vasiliy Kulikov discovered that taskstats listeners were not correctly
+  handled. A local attacker could expoit this to exhaust memory and CPU
+  resources, leading to a denial of service. (CVE-2011-2484)
+  
+  It was discovered that Bluetooth l2cap and rfcomm did not correctly
+  initialize structures. A local attacker could exploit this to read portions
+  of the kernel stack, leading to a loss of privacy. (CVE-2011-2492)
+
+  Affected Software/OS:
+  linux-lts-backport-maverick on Ubuntu 10.04 LTS
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001415.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of linux-lts-backport-maverick");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.35-30-generic", ver:"2.6.35-30.59~lucid1", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.35-30-generic-pae", ver:"2.6.35-30.59~lucid1", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.35-30-server", ver:"2.6.35-30.59~lucid1", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.35-30-virtual", ver:"2.6.35-30.59~lucid1", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1206_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1206_1.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1206_1.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,164 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for librsvg USN-1206-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840742);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "USN", value: "1206-1");
+  script_cve_id("CVE-2011-3146");
+  script_name("Ubuntu Update for librsvg USN-1206-1");
+  desc = "
+
+  Vulnerability Insight:
+
+  Sauli Pahlman discovered that librsvg did not correctly handle malformed
+  filter names. If a user or automated system were tricked into processing a
+  specially crafted SVG image, a remote attacker could gain user privileges.
+
+  Affected Software/OS:
+  librsvg on Ubuntu 11.04 ,
+  Ubuntu 10.10 ,
+  Ubuntu 10.04 LTS
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001416.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of librsvg");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU10.10")
+{
+
+  if(isdpkgvuln(pkg:"librsvg2-2", ver:"2.32.0-0ubuntu1.1", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"librsvg2-bin", ver:"2.32.0-0ubuntu1.1", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"librsvg2-common", ver:"2.32.0-0ubuntu1.1", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"librsvg2-dev", ver:"2.32.0-0ubuntu1.1", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+  if(isdpkgvuln(pkg:"librsvg2-2", ver:"2.26.3-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"librsvg2-bin", ver:"2.26.3-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"librsvg2-common", ver:"2.26.3-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"librsvg2-dev", ver:"2.26.3-0ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "UBUNTU11.04")
+{
+
+  if(isdpkgvuln(pkg:"librsvg2-2", ver:"2.32.1-0ubuntu3.1", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"librsvg2-bin", ver:"2.32.1-0ubuntu3.1", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"librsvg2-common", ver:"2.32.1-0ubuntu3.1", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"librsvg2-dev", ver:"2.32.1-0ubuntu3.1", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1207_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1207_1.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1207_1.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,125 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for cups USN-1207-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840741);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"5.1");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "USN", value: "1207-1");
+  script_cve_id("CVE-2011-2896", "CVE-2011-3170");
+  script_name("Ubuntu Update for cups USN-1207-1");
+  desc = "
+
+  Vulnerability Insight:
+
+  Tomas Hoger discovered that the CUPS image library incorrectly handled LZW
+  streams. A remote attacker could use this flaw to cause a denial of service
+  or possibly execute arbitrary code.
+
+  Affected Software/OS:
+  cups on Ubuntu 11.04 ,
+  Ubuntu 10.10 ,
+  Ubuntu 10.04 LTS ,
+  Ubuntu 8.04 LTS
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001417.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of cups");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU10.10")
+{
+
+  if(isdpkgvuln(pkg:"libcupsimage2", ver:"1.4.4-6ubuntu2.4", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+  if(isdpkgvuln(pkg:"libcupsimage2", ver:"1.4.3-1ubuntu1.5", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "UBUNTU11.04")
+{
+
+  if(isdpkgvuln(pkg:"libcupsimage2", ver:"1.4.6-5ubuntu1.4", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "UBUNTU8.04 LTS")
+{
+
+  if(isdpkgvuln(pkg:"libcupsimage2", ver:"1.3.7-1ubuntu3.13", rls:"UBUNTU8.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1208_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1208_1.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1208_1.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,129 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux-mvl-dove USN-1208-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840743);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"6.1");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "USN", value: "1208-1");
+  script_cve_id("CVE-2010-4076", "CVE-2010-4077", "CVE-2010-4251", "CVE-2010-4805", "CVE-2011-1020", "CVE-2011-1493", "CVE-2011-1577", "CVE-2011-2213", "CVE-2011-2484", "CVE-2011-2492", "CVE-2011-2700", "CVE-2011-2723", "CVE-2011-2918");
+  script_name("Ubuntu Update for linux-mvl-dove USN-1208-1");
+  desc = "
+
+  Vulnerability Insight:
+
+  Dan Rosenberg discovered that multiple terminal ioctls did not correctly
+  initialize structure memory. A local attacker could exploit this to read
+  portions of kernel stack memory, leading to a loss of privacy.
+  (CVE-2010-4076, CVE-2010-4077)
+  
+  Alex Shi and Eric Dumazet discovered that the network stack did not
+  correctly handle packet backlogs. A remote attacker could exploit this by
+  sending a large amount of network traffic to cause the system to run out of
+  memory, leading to a denial of service. (CVE-2010-4251, CVE-2010-4805)
+  
+  It was discovered that the /proc filesystem did not correctly handle
+  permission changes when programs executed. A local attacker could hold open
+  files to examine details about programs running with higher privileges,
+  potentially increasing the chances of exploiting additional
+  vulnerabilities. (CVE-2011-1020)
+  
+  Dan Rosenberg discovered that the X.25 Rose network stack did not correctly
+  handle certain fields. If a system was running with Rose enabled, a remote
+  attacker could send specially crafted traffic to gain root privileges.
+  (CVE-2011-1493)
+  
+  Timo Warns discovered that the GUID partition parsing routines did not
+  correctly validate certain structures. A local attacker with physical
+  access could plug in a specially crafted block device to crash the system,
+  leading to a denial of service. (CVE-2011-1577)
+  
+  Dan Rosenberg discovered that the IPv4 diagnostic routines did not
+  correctly validate certain requests. A local attacker could exploit this to
+  consume CPU resources, leading to a denial of service. (CVE-2011-2213)
+  
+  Vasiliy Kulikov discovered that taskstats listeners were not correctly
+  handled. A local attacker could expoit this to exhaust memory and CPU
+  resources, leading to a denial of service. (CVE-2011-2484)
+  
+  It was discovered that Bluetooth l2cap and rfcomm did not correctly
+  initialize structures. A local attacker could exploit this to read portions
+  of the kernel stack, leading to a loss of privacy. (CVE-2011-2492)
+  
+  Mauro Carvalho Chehab discovered that the si4713 radio driver did not
+  correctly check the length of memory copies. If this hardware was
+  available, a local attacker could exploit this to crash the system or gain
+  root privileges. (CVE-2011-2700)
+  
+  Herbert Xu discovered that certain fields were incorrectly handled when
+  Generic Receive Offload (CVE-2011-2723)
+  
+  The performance counter subsystem did not correctly handle certain
+  counters. A local attacker could exploit this to crash the system, leading
+  to a denial of service. (CVE-2011-2918)
+
+  Affected Software/OS:
+  linux-mvl-dove on Ubuntu 10.10
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001418.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of linux-mvl-dove");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU10.10")
+{
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.32-418-dove", ver:"2.6.32-418.36", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_wordpress_ip_logger_plugin_sql_inj_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_wordpress_ip_logger_plugin_sql_inj_vuln.nasl	2011-09-16 14:31:46 UTC (rev 11624)
+++ trunk/openvas-plugins/scripts/gb_wordpress_ip_logger_plugin_sql_inj_vuln.nasl	2011-09-16 15:22:17 UTC (rev 11625)
@@ -0,0 +1,104 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_wordpress_ip_logger_plugin_sql_inj_vuln.nasl 16760 2011-09-13 18:15:15Z sep $
+#
+# WordPress IP Logger Plugin map-details.php SQL Injection Vulnerability
+#
+# Authors:
+# Veerendra G.G <veerendragg at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(802035);
+  script_version("$Revision: 1.0$");
+  script_bugtraq_id(49168);
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("WordPress IP Logger Plugin map-details.php SQL Injection Vulnerability");
+  desc = "
+  Overview: This host is installed with WordPress IP Logger plugin and is prone
+  to sql injection vulnerability.
+
+  Vulnerability Insight:
+  The flaw is caused due to improper validation of user-supplied input passed
+  via multiple parameters to '/wp-content/plugins/ip-logger/map-details.php',
+  which allows attackers to manipulate SQL queries by injecting arbitrary
+  SQL code.
+
+  Impact:
+  Successful exploitation will let the attacker to perform SQL Injection attack
+  and gain sensitive information.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  WordPress IP Logger Version 3.0, Other versions may also be affected.
+
+  Fix: No solution or patch is available as on 13th September 2011. Information
+  regarding this issue will be updated once the solution details are available.
+  For updates refer, http://wordpress.org/extend/plugins
+
+  References:
+  http://xforce.iss.net/xforce/xfdb/69255
+  http://www.exploit-db.com/exploits/17673
+  http://packetstormsecurity.org/files/view/104086
+  ";
+
+  script_description(desc);
+  script_summary("Check if WordPress IP Logger plugin is vulnerable to SQL Injection");
+  script_category(ACT_ATTACK);
+  script_copyright("Copyright (C) 2011 Greenbone Networks GmbH");
+  script_family("Web application abuses");
+  script_dependencies("secpod_wordpress_detect_900182.nasl");
+  script_require_ports("Services/www", 80);
+  exit(0);
+}
+
+
+include("http_func.inc");
+include("version_func.inc");
+include("http_keepalive.inc");
+
+## Get HTTP Port
+port = get_http_port(default:80);
+if(!port){
+  exit(0);
+}
+
+## Check Host Supports PHP
+if(!can_host_php(port:port)){
+  exit(0);
+}
+
+## Get WordPress Installed Location
+if(!dir = get_dir_from_kb(port:port, app:"WordPress")){
+  exit(0);
+}
+
+## Construct the Attack Request
+url = dir + "/wp-content/plugins/ip-logger/map-details.php?lat=-1'[SQLi]--";
+
+## Try attack and check the response to confirm vulnerability.
+if(http_vuln_check(port:port, url:url, pattern:"mysql_fetch_assoc\(\): suppli"+
+   "ed argument is not a valid MySQL result|You have an error in your SQL " +
+   "syntax;")){
+  security_hole(port);
+  exit(0);
+}



More information about the Openvas-commits mailing list