[Openvas-commits] r11681 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Fri Sep 23 16:39:55 CEST 2011


Author: veerendragg
Date: 2011-09-23 16:39:49 +0200 (Fri, 23 Sep 2011)
New Revision: 11681

Added:
   trunk/openvas-plugins/scripts/gb_CESA-2011_0975_sssd_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_0999_rsync_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1000_rgmanager_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1005_sysstat_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1019_libvirt_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1065_kernel_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1073_bash_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1089_systemtap_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1104_libpng_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1109_foomatic_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1132_dbus_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1154_libXfont_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1160_dhclient_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1164_firefox_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1164_xulrunner_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1165_thunderbird_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1187_dovecot_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1196_system-config-printer_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1212_kernel_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1219_libsmbclient_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1220_samba3x_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1241_ecryptfs-utils-75-5.el5__centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1242_xulrunner_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1243_thunderbird_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1267_thunderbird_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1268_xulrunner_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1282_nspr_centos4_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1282_nspr_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1317_cyrus-imapd_centos4_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1317_cyrus-imapd_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1324_qt4_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1325_evolution28-pango_centos4_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1326_pango_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1327_frysk_centos4_i386.nasl
   trunk/openvas-plugins/scripts/gb_RHSA-2011_1317-01_cyrus-imapd.nasl
   trunk/openvas-plugins/scripts/gb_RHSA-2011_1321-01_kernel.nasl
   trunk/openvas-plugins/scripts/gb_RHSA-2011_1324-01_qt4.nasl
   trunk/openvas-plugins/scripts/gb_RHSA-2011_1325-01_evolution28-pango.nasl
   trunk/openvas-plugins/scripts/gb_RHSA-2011_1326-01_pango.nasl
   trunk/openvas-plugins/scripts/gb_RHSA-2011_1327-01_frysk.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_12301_librsvg2_fc14.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_12423_wireshark_fc14.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_12975_openttd_fc14.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1197_6.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1209_1.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1209_2.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1211_1.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1212_1.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1214_1.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1215_1.nasl
   trunk/openvas-plugins/scripts/secpod_acdsee_fotoslate_mult_bof_vuln.nasl
   trunk/openvas-plugins/scripts/secpod_authenex_asas_server_sql_inj_vuln.nasl
   trunk/openvas-plugins/scripts/secpod_colasoft_capsa_snmp_dos_vuln.nasl
   trunk/openvas-plugins/scripts/secpod_dotproject_sql_inj_vuln.nasl
   trunk/openvas-plugins/scripts/secpod_ea_gbook_inc_ordner_parameter_lfi_vuln.nasl
   trunk/openvas-plugins/scripts/secpod_google_chrome_mult_vuln_sep11_lin.nasl
   trunk/openvas-plugins/scripts/secpod_google_chrome_mult_vuln_sep11_macosx.nasl
   trunk/openvas-plugins/scripts/secpod_google_chrome_mult_vuln_sep11_win.nasl
   trunk/openvas-plugins/scripts/secpod_ibm_lotus_domino_xss_n_bof_vuln.nasl
   trunk/openvas-plugins/scripts/secpod_macosx_keychain_impl_sec_bypass_vuln.nasl
   trunk/openvas-plugins/scripts/secpod_nam_carportal_sql_inj_vuln.nasl
   trunk/openvas-plugins/scripts/secpod_rpc_rstatd.nasl
   trunk/openvas-plugins/scripts/secpod_scriptftp_cmd_bof_vuln.nasl
Modified:
   trunk/openvas-plugins/ChangeLog
   trunk/openvas-plugins/scripts/gb_win_xp_chm_dos_vuln.nasl
   trunk/openvas-plugins/scripts/misc_func.inc
Log:
Added new plugins. Added new LSC plugins. Fixed a FP. Added New function construct_rpc_packet()

Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/ChangeLog	2011-09-23 14:39:49 UTC (rev 11681)
@@ -1,3 +1,78 @@
+2011-09-22  Veerendra G.G <veerendragg at secpod.com>,
+
+	* scripts/secpod_colasoft_capsa_snmp_dos_vuln.nasl,
+	scripts/secpod_google_chrome_mult_vuln_sep11_lin.nasl,
+	scripts/secpod_google_chrome_mult_vuln_sep11_macosx.nasl,
+	scripts/secpod_acdsee_fotoslate_mult_bof_vuln.nasl,
+	scripts/secpod_rpc_rstatd.nasl,
+	scripts/secpod_authenex_asas_server_sql_inj_vuln.nasl,
+	scripts/secpod_google_chrome_mult_vuln_sep11_win.nasl,
+	scripts/secpod_ea_gbook_inc_ordner_parameter_lfi_vuln.nasl,
+	scripts/secpod_nam_carportal_sql_inj_vuln.nasl,
+	scripts/secpod_dotproject_sql_inj_vuln.nasl,
+	scripts/secpod_ibm_lotus_domino_xss_n_bof_vuln.nasl,
+	scripts/secpod_scriptftp_cmd_bof_vuln.nasl,
+	scripts/secpod_macosx_keychain_impl_sec_bypass_vuln.nasl:
+	Added new plugins.
+
+	* scripts/gb_CESA-2011_1212_kernel_centos5_i386.nasl,
+	scripts/gb_CESA-2011_1019_libvirt_centos5_i386.nasl,
+	scripts/gb_RHSA-2011_1317-01_cyrus-imapd.nasl,
+	scripts/gb_CESA-2011_1065_kernel_centos5_i386.nasl,
+	scripts/gb_ubuntu_USN_1214_1.nasl,
+	scripts/gb_CESA-2011_1326_pango_centos5_i386.nasl,
+	scripts/gb_fedora_2011_12975_openttd_fc14.nasl,
+	scripts/gb_ubuntu_USN_1211_1.nasl,
+	scripts/gb_CESA-2011_1317_cyrus-imapd_centos5_i386.nasl,
+	scripts/gb_CESA-2011_1164_firefox_centos5_i386.nasl,
+	scripts/gb_CESA-2011_1165_thunderbird_centos5_i386.nasl,
+	scripts/gb_fedora_2011_12301_librsvg2_fc14.nasl,
+	scripts/gb_CESA-2011_1000_rgmanager_centos5_i386.nasl,
+	scripts/gb_RHSA-2011_1326-01_pango.nasl,
+	scripts/gb_CESA-2011_1073_bash_centos5_i386.nasl,
+	scripts/gb_RHSA-2011_1325-01_evolution28-pango.nasl,
+	scripts/gb_CESA-2011_1109_foomatic_centos5_i386.nasl,
+	scripts/gb_CESA-2011_1268_xulrunner_centos5_i386.nasl,
+	scripts/gb_CESA-2011_1164_xulrunner_centos5_i386.nasl,
+	scripts/gb_CESA-2011_1324_qt4_centos5_i386.nasl,
+	scripts/gb_CESA-2011_1160_dhclient_centos5_i386.nasl,
+	scripts/gb_CESA-2011_1104_libpng_centos5_i386.nasl,
+	scripts/gb_CESA-2011_1243_thunderbird_centos5_i386.nasl,
+	scripts/gb_CESA-2011_1005_sysstat_centos5_i386.nasl,
+	scripts/gb_CESA-2011_1154_libXfont_centos5_i386.nasl,
+	scripts/gb_CESA-2011_0999_rsync_centos5_i386.nasl,
+	scripts/gb_fedora_2011_12423_wireshark_fc14.nasl,
+	scripts/gb_CESA-2011_0975_sssd_centos5_i386.nasl,
+	scripts/gb_CESA-2011_1282_nspr_centos4_i386.nasl,
+	scripts/gb_RHSA-2011_1327-01_frysk.nasl,
+	scripts/gb_CESA-2011_1325_evolution28-pango_centos4_i386.nasl,
+	scripts/gb_CESA-2011_1219_libsmbclient_centos5_i386.nasl,
+	scripts/gb_CESA-2011_1241_ecryptfs-utils-75-5.el5__centos5_i386.nasl,
+	scripts/gb_CESA-2011_1196_system-config-printer_centos5_i386.nasl,
+	scripts/gb_CESA-2011_1327_frysk_centos4_i386.nasl,
+	scripts/gb_ubuntu_USN_1209_1.nasl,
+	scripts/gb_ubuntu_USN_1197_6.nasl,
+	scripts/gb_CESA-2011_1089_systemtap_centos5_i386.nasl,
+	scripts/gb_CESA-2011_1132_dbus_centos5_i386.nasl,
+	scripts/gb_CESA-2011_1317_cyrus-imapd_centos4_i386.nasl,
+	scripts/gb_CESA-2011_1242_xulrunner_centos5_i386.nasl,
+	scripts/gb_ubuntu_USN_1215_1.nasl,
+	scripts/gb_RHSA-2011_1321-01_kernel.nasl,
+	scripts/gb_ubuntu_USN_1212_1.nasl,
+	scripts/gb_CESA-2011_1220_samba3x_centos5_i386.nasl,
+	scripts/gb_CESA-2011_1282_nspr_centos5_i386.nasl,
+	scripts/gb_ubuntu_USN_1209_2.nasl,
+	scripts/gb_CESA-2011_1187_dovecot_centos5_i386.nasl,
+	scripts/gb_RHSA-2011_1324-01_qt4.nasl,
+	scripts/gb_CESA-2011_1267_thunderbird_centos5_i386.nasl:
+	Added new LSC plugins.
+
+	* scripts/gb_win_xp_chm_dos_vuln.nasl:
+	Fixed a FP.
+
+	* scripts/misc_func.inc:
+	Added New function construct_rpc_packet()
+
 2011-09-23  Michael Meyer <michael.meyer at greenbone.net>
 
 	* scripts/quicktime_admin.nasl:

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_0975_sssd_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_0975_sssd_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_0975_sssd_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,115 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for sssd CESA-2011:0975 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(880983);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"2.1");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_xref(name: "CESA", value: "2011:0975");
+  script_cve_id("CVE-2010-4341");
+  script_name("CentOS Update for sssd CESA-2011:0975 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  The System Security Services Daemon (SSSD) provides a set of daemons to
+  manage access to remote directories and authentication mechanisms. It
+  provides an NSS and PAM interface toward the system and a pluggable
+  back-end system to connect to multiple different account sources. It is
+  also the basis to provide client auditing and policy services for projects
+  such as FreeIPA.
+  
+  A flaw was found in the SSSD PAM responder that could allow a local
+  attacker to force SSSD to enter an infinite loop via a carefully-crafted
+  packet. With SSSD unresponsive, legitimate users could be denied the
+  ability to log in to the system. (CVE-2010-4341)
+  
+  Red Hat would like to thank Sebastian Krahmer for reporting this issue.
+  
+  These updated sssd packages include a number of bug fixes and enhancements.
+  Space precludes documenting all of these changes in this advisory. Refer to
+  the Red Hat Enterprise Linux 5.7 Technical Notes for information about
+  these changes:
+  https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.7_Technical_Notes/sssd.html#RHSA-2011-0975
+  
+  All sssd users are advised to upgrade to these updated sssd packages, which
+  upgrade SSSD to upstream version 1.5.1 to correct this issue, and fix the
+  bugs and add the enhancements noted in the Technical Notes.
+
+
+  Affected Software/OS:
+  sssd on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/017982.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of sssd");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"sssd", rpm:"sssd~1.5.1~37.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"sssd-client", rpm:"sssd-client~1.5.1~37.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"sssd-tools", rpm:"sssd-tools~1.5.1~37.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_0999_rsync_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_0999_rsync_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_0999_rsync_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,124 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for rsync CESA-2011:0999 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(881002);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"10.0");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_xref(name: "CESA", value: "2011:0999");
+  script_cve_id("CVE-2007-6200");
+  script_name("CentOS Update for rsync CESA-2011:0999 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  rsync is a program for synchronizing files over a network.
+  
+  A flaw was found in the way the rsync daemon handled the &quot;filter&quot;,
+  &quot;exclude&quot;, and &quot;exclude from&quot; options, used for hiding files and preventing
+  access to them from rsync clients. A remote attacker could use this flaw to
+  bypass those restrictions by using certain command line options and
+  symbolic links, allowing the attacker to overwrite those files if they knew
+  their file names and had write access to them. (CVE-2007-6200)
+  
+  Note: This issue only affected users running rsync as a writable daemon:
+  &quot;read only&quot; set to &quot;false&quot; in the rsync configuration file (for example,
+  &quot;/etc/rsyncd.conf&quot;). By default, this option is set to &quot;true&quot;.
+  
+  This update also fixes the following bugs:
+  
+  * The rsync package has been upgraded to upstream version 3.0.6, which
+  provides a number of bug fixes and enhancements over the previous version.
+  (BZ#339971)
+  
+  * When running an rsync daemon that was receiving files, a deferred info,
+  error or log message could have been sent directly to the sender instead of
+  being handled by the &quot;rwrite()&quot; function in the generator. Also, under
+  certain circumstances, a deferred info or error message from the receiver
+  could have bypassed the log file and could have been sent only to the
+  client process. As a result, an &quot;unexpected tag 3&quot; fatal error could have
+  been displayed. These problems have been fixed in this update so that an
+  rsync daemon receiving files now works as expected. (BZ#471182)
+  
+  * Prior to this update, the rsync daemon called a number of timezone-using
+  functions after doing a chroot. As a result, certain C libraries were
+  unable to generate proper timestamps from inside a chrooted daemon. This
+  bug has been fixed in this update so that the rsync daemon now calls the
+  respective timezone-using functions prior to doing a chroot, and proper
+  timestamps are now generated as expected. (BZ#575022)
+  
+  * When running rsync under a non-root user with the &quot;-A&quot; (&quot;--acls&quot;) option
+  and without using the &quot;--numeric-ids&quot; option, if there was an Access
+  Control List (ACL) that included a group entry for a group that the
+  respective user was not a member of on the receiving side, the
+  &quot;acl_set_file()&quot; function returned an invalid argument value (&quot;EINVAL&quot;).
+  This was caused by rsync mistakenly mapping the group name to the Group ID
+  &quot;GID_NONE&quot; (&quot;-1&quot;), which failed. The bug has been fixed in this update so
+  that no ... 
+
+  Description truncated, for more information please check the Reference URL
+
+  Affected Software/OS:
+  rsync on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/017961.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of rsync");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"rsync", rpm:"rsync~3.0.6~4.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1000_rgmanager_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1000_rgmanager_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1000_rgmanager_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,145 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for rgmanager CESA-2011:1000 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(881000);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"6.9");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "CESA", value: "2011:1000");
+  script_cve_id("CVE-2010-3389");
+  script_name("CentOS Update for rgmanager CESA-2011:1000 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  The rgmanager package contains the Red Hat Resource Group Manager, which
+  provides the ability to create and manage high-availability server
+  applications in the event of system downtime.
+  
+  It was discovered that certain resource agent scripts set the
+  LD_LIBRARY_PATH environment variable to an insecure value containing empty
+  path elements. A local user able to trick a user running those scripts to
+  run them while working from an attacker-writable directory could use this
+  flaw to escalate their privileges via a specially-crafted dynamic library.
+  (CVE-2010-3389)
+  
+  Red Hat would like to thank Raphael Geissert for reporting this issue.
+  
+  This update also fixes the following bugs:
+  
+  * The failover domain &quot;nofailback&quot; option was not honored if a service was
+  in the &quot;starting&quot; state. This bug has been fixed. (BZ#669440)
+  
+  * PID files with white spaces in the file name are now handled correctly.
+  (BZ#632704)
+  
+  * The /usr/sbin/rhev-check.sh script can now be used from within Cron.
+  (BZ#634225)
+  
+  * The clustat utility now reports the correct version. (BZ#654160)
+  
+  * The oracledb.sh agent now attempts to try the &quot;shutdown immediate&quot;
+  command instead of using the &quot;shutdown abort&quot; command. (BZ#633992)
+  
+  * The SAPInstance and SAPDatabase scripts now use proper directory name
+  quoting so they no longer collide with directory names like &quot;/u&quot;.
+  (BZ#637154)
+  
+  * The clufindhostname utility now returns the correct value in all cases.
+  (BZ#592613)
+  
+  * The nfsclient resource agent now handles paths with trailing slashes
+  correctly. (BZ#592624)
+  
+  * The last owner of a service is now reported correctly after a failover.
+  (BZ#610483)
+  
+  * The /usr/share/cluster/fs.sh script no longer runs the &quot;quotaoff&quot; command
+  if quotas were not configured. (BZ#637678)
+  
+  * The &quot;listen&quot; line in the /etc/httpd/conf/httpd.conf file generated by the
+  Apache resource agent is now correct. (BZ#675739)
+  
+  * The tomcat-5 resource agent no longer generates incorrect configurations.
+  (BZ#637802)
+  
+  * The time required to stop an NFS resource when the server is unavailable
+  has been reduced. (BZ#678494)
+  
+  * When using exclusive prioritization, a higher priority service now
+  preempts a lower priority service after status check failures. (BZ#680256)
+  
+  * The postgres-8 resource agent now correctly detects failed start
+  operations. (BZ#663827)
+  
+  * The handling of reference counts passed by rgmanager to resource agents
+  now works properly, as expected. (BZ#692771)
+  
+  As well, this update adds the  ... 
+
+  Description truncated, for more information please check the Reference URL
+
+  Affected Software/OS:
+  rgmanager on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/017958.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of rgmanager");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"rgmanager", rpm:"rgmanager~2.0.52~21.el5.centos", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1005_sysstat_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1005_sysstat_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1005_sysstat_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,133 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for sysstat CESA-2011:1005 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(880987);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"4.4");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_xref(name: "CESA", value: "2011:1005");
+  script_cve_id("CVE-2007-3852");
+  script_name("CentOS Update for sysstat CESA-2011:1005 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  The sysstat package contains a set of utilities which enable system
+  monitoring of disks, network, and other I/O activity.
+  
+  It was found that the sysstat initscript created a temporary file in an
+  insecure way. A local attacker could use this flaw to create arbitrary
+  files via a symbolic link attack. (CVE-2007-3852)
+  
+  This update fixes the following bugs:
+  
+  * On systems under heavy load, the sadc utility would sometimes output the
+  following error message if a write() call was unable to write all of the
+  requested input:
+  
+  &quot;Cannot write data to system activity file: Success.&quot;
+  
+  In this updated package, the sadc utility tries to write the remaining
+  input, resolving this issue. (BZ#454617)
+  
+  * On the Itanium architecture, the &quot;sar -I&quot; command provided incorrect
+  information about the interrupt statistics of the system. With this update,
+  the &quot;sar -I&quot; command has been disabled for this architecture, preventing
+  this bug. (BZ#468340)
+  
+  * Previously, the &quot;iostat -n&quot; command used invalid data to create
+  statistics for read and write operations. With this update, the data source
+  for these statistics has been fixed, and the iostat utility now returns
+  correct information. (BZ#484439)
+  
+  * The &quot;sar -d&quot; command used to output invalid data about block devices.
+  With this update, the sar utility recognizes disk registration and disk
+  overflow statistics properly, and only correct and relevant data is now
+  displayed. (BZ#517490)
+  
+  * Previously, the sar utility set the maximum number of days to be logged
+  in one month too high. Consequently, data from a month was appended to
+  data from the preceding month. With this update, the maximum number of days
+  has been set to 25, and data from a month now correctly replaces data from
+  the preceding month. (BZ#578929)
+  
+  * In previous versions of the iostat utility, the number of NFS mount
+  points was hard-coded. Consequently, various issues occurred while iostat
+  was running and NFS mount points were mounted or unmounted; certain values
+  in iostat reports overflowed and some mount points were not reported at
+  all. With this update, iostat properly recognizes when an NFS mount point
+  mounts or unmounts, fixing these issues. (BZ#675058, BZ#706095, BZ#694767)
+  
+  * When a device name was longer than 13 characters, the iostat utility
+  printed a redundant new line character, making its output less readable.
+  This bug has been fixed and now, no extra characters are printed if a long
+  device name occurs in iostat output. (BZ#604637)
+  
+  * Previously, if kernel inte ... 
+
+  Description truncated, for more information please check the Reference URL
+
+  Affected Software/OS:
+  sysstat on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/018036.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of sysstat");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"sysstat", rpm:"sysstat~7.0.2~11.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1019_libvirt_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1019_libvirt_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1019_libvirt_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,140 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for libvirt CESA-2011:1019 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(880996);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"4.0");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_xref(name: "CESA", value: "2011:1019");
+  script_cve_id("CVE-2011-2511");
+  script_name("CentOS Update for libvirt CESA-2011:1019 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  The libvirt library is a C API for managing and interacting with the
+  virtualization capabilities of Linux and other operating systems.
+  
+  An integer overflow flaw was found in libvirtd's RPC call handling. An
+  attacker able to establish read-only connections to libvirtd could trigger
+  this flaw by calling virDomainGetVcpus() with specially-crafted parameters,
+  causing libvirtd to crash. (CVE-2011-2511)
+  
+  This update fixes the following bugs:
+  
+  * libvirt was rebased from version 0.6.3 to version 0.8.2 in Red Hat
+  Enterprise Linux 5.6. A code audit found a minor API change that effected
+  error messages seen by libvirt 0.8.2 clients talking to libvirt 0.7.1 
+  0.7.7 (0.7.x) servers. A libvirt 0.7.x server could send
+  VIR_ERR_BUILD_FIREWALL errors where a libvirt 0.8.2 client expected
+  VIR_ERR_CONFIG_UNSUPPORTED errors. In other circumstances, a libvirt 0.8.2
+  client saw a &quot;Timed out during operation&quot; message where it should see an
+  &quot;Invalid network filter&quot; error. This update adds a backported patch that
+  allows libvirt 0.8.2 clients to interoperate with the API as used by
+  libvirt 0.7.x servers, ensuring correct error messages are sent.
+  (BZ#665075)
+  
+  * libvirt could crash if the maximum number of open file descriptors
+  (_SC_OPEN_MAX) grew larger than the FD_SETSIZE value because it accessed
+  file descriptors outside the bounds of the set. With this update the
+  maximum number of open file descriptors can no longer grow larger than the
+  FD_SETSIZE value. (BZ#665549)
+  
+  * A libvirt race condition was found. An array in the libvirt event
+  handlers was accessed with a lock temporarily released. In rare cases, if
+  one thread attempted to access this array but a second thread reallocated
+  the array before the first thread reacquired a lock, it could lead to the
+  first thread attempting to access freed memory, potentially causing libvirt
+  to crash. With this update libvirt no longer refers to the old array and,
+  consequently, behaves as expected. (BZ#671569)
+  
+  * Guests connected to a passthrough NIC would kernel panic if a
+  system_reset signal was sent through the QEMU monitor. With this update you
+  can reset such guests as expected. (BZ#689880)
+  
+  * When using the Xen kernel, the rpmbuild command failed on the xencapstest
+  test. With this update you can run rpmbuild successfully when using the Xen
+  kernel. (BZ#690459)
+  
+  * When a disk was hot unplugged, &quot;ret &gt;= 0&quot; was passed to the qemuAuditDisk
+  calls in disk hotunplug operations before ret was, in fact, set to 0. As
+  well, the error path jumped to the &quot;cleanup&q ... 
+
+  Description truncated, for more information please check the Reference URL
+
+  Affected Software/OS:
+  libvirt on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/017880.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of libvirt");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"libvirt", rpm:"libvirt~0.8.2~22.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"libvirt-devel", rpm:"libvirt-devel~0.8.2~22.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"libvirt-python", rpm:"libvirt-python~0.8.2~22.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1065_kernel_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1065_kernel_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1065_kernel_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,169 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for kernel CESA-2011:1065 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(880988);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"4.9");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_xref(name: "CESA", value: "2011:1065");
+  script_cve_id("CVE-2011-1780", "CVE-2011-2525", "CVE-2011-2689");
+  script_name("CentOS Update for kernel CESA-2011:1065 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  The kernel packages contain the Linux kernel, the core of any Linux
+  operating system.
+  
+  This update fixes the following security issues:
+  
+  * A flaw was found in the way the Xen hypervisor implementation handled
+  instruction emulation during virtual machine exits. A malicious user-space
+  process running in an SMP guest could trick the emulator into reading a
+  different instruction than the one that caused the virtual machine to exit.
+  An unprivileged guest user could trigger this flaw to crash the host. This
+  only affects systems with both an AMD x86 processor and the AMD
+  Virtualization (AMD-V) extensions enabled. (CVE-2011-1780, Important)
+  
+  * A flaw allowed the tc_fill_qdisc() function in the Linux kernel's packet
+  scheduler API implementation to be called on built-in qdisc structures. A
+  local, unprivileged user could use this flaw to trigger a NULL pointer
+  dereference, resulting in a denial of service. (CVE-2011-2525, Moderate)
+  
+  * A flaw was found in the way space was allocated in the Linux kernel's
+  Global File System 2 (GFS2) implementation. If the file system was almost
+  full, and a local, unprivileged user made an fallocate() request, it could
+  result in a denial of service. Note: Setting quotas to prevent users from
+  using all available disk space would prevent exploitation of this flaw.
+  (CVE-2011-2689, Moderate)
+  
+  These updated kernel packages include a number of bug fixes and
+  enhancements. Space precludes documenting all of these changes in this
+  advisory. Refer to the Red Hat Enterprise Linux 5.7 Technical Notes for
+  information about the most significant bug fixes and enhancements included
+  in this update:
+  https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.7_Technical_Notes/kernel.html#RHSA-2011-1065
+  
+  All Red Hat Enterprise Linux 5 users are advised to install these updated
+  packages, which correct these issues. The system must be rebooted for this
+  update to take effect.
+
+
+  Affected Software/OS:
+  kernel on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/017864.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of kernel");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.18~274.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.18~274.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~2.6.18~274.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.18~274.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.18~274.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~2.6.18~274.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-PAE", rpm:"kernel-PAE~2.6.18~274.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-PAE-devel", rpm:"kernel-PAE-devel~2.6.18~274.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.18~274.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-xen-devel", rpm:"kernel-xen-devel~2.6.18~274.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1073_bash_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1073_bash_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1073_bash_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,130 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for bash CESA-2011:1073 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(880990);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"6.9");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "CESA", value: "2011:1073");
+  script_cve_id("CVE-2008-5374");
+  script_name("CentOS Update for bash CESA-2011:1073 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  Bash is the default shell for Red Hat Enterprise Linux.
+  
+  It was found that certain scripts bundled with the Bash documentation
+  created temporary files in an insecure way. A malicious, local user could
+  use this flaw to conduct a symbolic link attack, allowing them to overwrite
+  the contents of arbitrary files accessible to the victim running the
+  scripts. (CVE-2008-5374)
+  
+  This update fixes the following bugs:
+  
+  * When using the source builtin at location &quot;.&quot;, occasionally, bash
+  opted to preserve internal consistency and abort scripts. This caused
+  bash to abort scripts that assigned values to read-only variables.
+  This is now fixed to ensure that such scripts are now executed as
+  written and not aborted. (BZ#448508)
+  
+  * When the tab key was pressed for auto-completion options for the typed
+  text, the cursor moved to an unexpected position on a previous line if
+  the prompt contained characters that cannot be viewed and a &quot;\]&quot;. This
+  is now fixed to retain the cursor at the expected position at the end of
+  the target line after autocomplete options correctly display. (BZ#463880)
+  
+  * Bash attempted to interpret the NOBITS .dynamic section of the ELF
+  header. This resulted in a &quot;^D: bad ELF interpreter: No such
+  file or directory&quot; message. This is fixed to ensure that the invalid
+  &quot;^D&quot; does not appear in the error message. (BZ#484809)
+  
+  * The $RANDOM variable in Bash carried over values from a previous
+  execution for later jobs. This is fixed and the $RANDOM variable
+  generates a new random number for each use. (BZ#492908)
+  
+  * When Bash ran a shell script with an embedded null character, bash's
+  source builtin parsed the script incorrectly. This is fixed and
+  bash's source builtin correctly parses shell script null characters.
+  (BZ#503701)
+  
+  * The bash manual page for &quot;trap&quot; did not mention that signals ignored upon
+  entry cannot be listed later. The manual page was updated for this update
+  and now specifically notes that &quot;Signals ignored upon entry to the shell
+  cannot be trapped, reset or listed&quot;. (BZ#504904)
+  
+  * Bash's readline incorrectly displayed additional text when resizing
+  the terminal window when text spanned more than one line, which caused
+  incorrect display output. This is now fixed to ensure that text in more
+  than one line in a resized window displays as expected. (BZ#525474)
+  
+  * Previously, bash incorrectly displayed &quot;Broken pipe&quot; messages for
+  builtins like &quot;echo&quot; and &quot;printf&quot; when output did not succeed due to
+  EPIPE. This is fixed t ... 
+
+  Description truncated, for more information please check the Reference URL
+
+  Affected Software/OS:
+  bash on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/017760.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of bash");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"bash", rpm:"bash~3.2~32.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1089_systemtap_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1089_systemtap_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1089_systemtap_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,126 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for systemtap CESA-2011:1089 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(880982);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "CESA", value: "2011:1089");
+  script_cve_id("CVE-2011-2503");
+  script_name("CentOS Update for systemtap CESA-2011:1089 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  SystemTap is an instrumentation system for systems running the Linux
+  kernel. The system allows developers to write scripts to collect data on
+  the operation of the system.
+  
+  A race condition flaw was found in the way the staprun utility performed
+  module loading. A local user who is a member of the stapusr group could use
+  this flaw to modify a signed module while it is being loaded, allowing them
+  to escalate their privileges. (CVE-2011-2503)
+  
+  SystemTap users should upgrade to these updated packages, which contain a
+  backported patch to correct this issue.
+
+
+  Affected Software/OS:
+  systemtap on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/017996.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of systemtap");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"systemtap", rpm:"systemtap~1.3~9.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"systemtap-client", rpm:"systemtap-client~1.3~9.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"systemtap-initscript", rpm:"systemtap-initscript~1.3~9.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"systemtap-runtime", rpm:"systemtap-runtime~1.3~9.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"systemtap-sdt-devel", rpm:"systemtap-sdt-devel~1.3~9.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"systemtap-server", rpm:"systemtap-server~1.3~9.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"systemtap-testsuite", rpm:"systemtap-testsuite~1.3~9.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1104_libpng_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1104_libpng_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1104_libpng_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,107 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for libpng CESA-2011:1104 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(880989);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"6.8");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "CESA", value: "2011:1104");
+  script_cve_id("CVE-2011-2690", "CVE-2011-2692");
+  script_name("CentOS Update for libpng CESA-2011:1104 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  The libpng packages contain a library of functions for creating and
+  manipulating PNG (Portable Network Graphics) image format files.
+  
+  A buffer overflow flaw was found in the way libpng processed certain PNG
+  image files. An attacker could create a specially-crafted PNG image that,
+  when opened, could cause an application using libpng to crash or,
+  potentially, execute arbitrary code with the privileges of the user running
+  the application. (CVE-2011-2690)
+  
+  Note: The application behavior required to exploit CVE-2011-2690 is rarely
+  used. No application shipped with Red Hat Enterprise Linux behaves this
+  way, for example.
+  
+  An uninitialized memory read issue was found in the way libpng processed
+  certain PNG images that use the Physical Scale (sCAL) extension. An
+  attacker could create a specially-crafted PNG image that, when opened,
+  could cause an application using libpng to crash. (CVE-2011-2692)
+  
+  Users of libpng should upgrade to these updated packages, which contain
+  backported patches to correct these issues. All running applications using
+  libpng must be restarted for the update to take effect.
+
+
+  Affected Software/OS:
+  libpng on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/017876.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of libpng");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"libpng", rpm:"libpng~1.2.10~7.1.el5_7.5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"libpng-devel", rpm:"libpng-devel~1.2.10~7.1.el5_7.5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1109_foomatic_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1109_foomatic_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1109_foomatic_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,95 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for foomatic CESA-2011:1109 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(880991);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"6.8");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "CESA", value: "2011:1109");
+  script_cve_id("CVE-2011-2697");
+  script_name("CentOS Update for foomatic CESA-2011:1109 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  Foomatic is a comprehensive, spooler-independent database of printers,
+  printer drivers, and driver descriptions. The package also includes
+  spooler-independent command line interfaces to manipulate queues and to
+  print files and manipulate print jobs. foomatic-rip is a print filter
+  written in Perl.
+  
+  An input sanitization flaw was found in the foomatic-rip print filter. An
+  attacker could submit a print job with the username, title, or job options
+  set to appear as a command line option that caused the filter to use a
+  specified PostScript printer description (PPD) file, rather than the
+  administrator-set one. This could lead to arbitrary code execution with the
+  privileges of the &quot;lp&quot; user. (CVE-2011-2697)
+  
+  All foomatic users should upgrade to this updated package, which contains
+  a backported patch to resolve this issue.
+
+
+  Affected Software/OS:
+  foomatic on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/017825.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of foomatic");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"foomatic", rpm:"foomatic~3.0.2~38.3.el5_7.1", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1132_dbus_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1132_dbus_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1132_dbus_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,112 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for dbus CESA-2011:1132 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(880994);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"4.6");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_xref(name: "CESA", value: "2011:1132");
+  script_cve_id("CVE-2011-2200");
+  script_name("CentOS Update for dbus CESA-2011:1132 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  D-Bus is a system for sending messages between applications. It is used for
+  the system-wide message bus service and as a per-user-login-session
+  messaging facility.
+  
+  A denial of service flaw was found in the way the D-Bus library handled
+  endianness conversion when receiving messages. A local user could use this
+  flaw to send a specially-crafted message to dbus-daemon or to a service
+  using the bus, such as Avahi or NetworkManager, possibly causing the
+  daemon to exit or the service to disconnect from the bus. (CVE-2011-2200)
+  
+  All users are advised to upgrade to these updated packages, which contain a
+  backported patch to correct this issue. For the update to take effect, all
+  running instances of dbus-daemon and all running applications using the
+  libdbus library must be restarted, or the system rebooted.
+
+
+  Affected Software/OS:
+  dbus on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/017794.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of dbus");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"dbus", rpm:"dbus~1.1.2~16.el5_7", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"dbus-devel", rpm:"dbus-devel~1.1.2~16.el5_7", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"dbus-libs", rpm:"dbus-libs~1.1.2~16.el5_7", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"dbus-x11", rpm:"dbus-x11~1.1.2~16.el5_7", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1154_libXfont_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1154_libXfont_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1154_libXfont_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,98 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for libXfont CESA-2011:1154 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(880993);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"9.3");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_xref(name: "CESA", value: "2011:1154");
+  script_cve_id("CVE-2011-2895");
+  script_name("CentOS Update for libXfont CESA-2011:1154 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  The libXfont packages provide the X.Org libXfont runtime library. X.Org is
+  an open source implementation of the X Window System.
+  
+  A buffer overflow flaw was found in the way the libXfont library, used by
+  the X.Org server, handled malformed font files compressed using UNIX
+  compress. A malicious, local user could exploit this issue to potentially
+  execute arbitrary code with the privileges of the X.Org server.
+  (CVE-2011-2895)
+  
+  Users of libXfont should upgrade to these updated packages, which contain a
+  backported patch to resolve this issue. All running X.Org server instances
+  must be restarted for the update to take effect.
+
+
+  Affected Software/OS:
+  libXfont on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/017882.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of libXfont");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"libXfont", rpm:"libXfont~1.2.2~1.0.4.el5_7", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"libXfont-devel", rpm:"libXfont-devel~1.2.2~1.0.4.el5_7", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1160_dhclient_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1160_dhclient_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1160_dhclient_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,117 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for dhclient CESA-2011:1160 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(881001);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"7.8");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "CESA", value: "2011:1160");
+  script_cve_id("CVE-2011-2748", "CVE-2011-2749");
+  script_name("CentOS Update for dhclient CESA-2011:1160 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows
+  individual devices on an IP network to get their own network configuration
+  information, including an IP address, a subnet mask, and a broadcast
+  address.
+  
+  Two denial of service flaws were found in the way the dhcpd daemon handled
+  certain incomplete request packets. A remote attacker could use these flaws
+  to crash dhcpd via a specially-crafted request. (CVE-2011-2748,
+  CVE-2011-2749)
+  
+  Users of DHCP should upgrade to these updated packages, which contain a
+  backported patch to correct these issues. After installing this update, all
+  DHCP servers will be restarted automatically.
+
+
+  Affected Software/OS:
+  dhclient on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/017851.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of dhclient");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"dhclient", rpm:"dhclient~3.0.5~29.el5_7.1", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"dhcp", rpm:"dhcp~3.0.5~29.el5_7.1", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"dhcp-devel", rpm:"dhcp-devel~3.0.5~29.el5_7.1", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"libdhcp4client", rpm:"libdhcp4client~3.0.5~29.el5_7.1", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"libdhcp4client-devel", rpm:"libdhcp4client-devel~3.0.5~29.el5_7.1", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1164_firefox_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1164_firefox_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1164_firefox_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,118 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for firefox CESA-2011:1164 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(880979);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"10.0");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_xref(name: "CESA", value: "2011:1164");
+  script_cve_id("CVE-2011-0084", "CVE-2011-2378", "CVE-2011-2981", "CVE-2011-2982", "CVE-2011-2983", "CVE-2011-2984");
+  script_name("CentOS Update for firefox CESA-2011:1164 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  Mozilla Firefox is an open source web browser. XULRunner provides the XUL
+  Runtime environment for Mozilla Firefox.
+  
+  Several flaws were found in the processing of malformed web content. A web
+  page containing malicious content could cause Firefox to crash or,
+  potentially, execute arbitrary code with the privileges of the user running
+  Firefox. (CVE-2011-2982)
+  
+  A dangling pointer flaw was found in the Firefox Scalable Vector Graphics
+  (SVG) text manipulation routine. A web page containing a malicious SVG
+  image could cause Firefox to crash or, potentially, execute arbitrary code
+  with the privileges of the user running Firefox. (CVE-2011-0084)
+  
+  A dangling pointer flaw was found in the way Firefox handled a certain
+  Document Object Model (DOM) element. A web page containing malicious
+  content could cause Firefox to crash or, potentially, execute arbitrary
+  code with the privileges of the user running Firefox. (CVE-2011-2378)
+  
+  A flaw was found in the event management code in Firefox. A website
+  containing malicious JavaScript could cause Firefox to execute that
+  JavaScript with the privileges of the user running Firefox. (CVE-2011-2981)
+  
+  A flaw was found in the way Firefox handled malformed JavaScript. A web
+  page containing malicious JavaScript could cause Firefox to access already
+  freed memory, causing Firefox to crash or, potentially, execute arbitrary
+  code with the privileges of the user running Firefox. (CVE-2011-2983)
+  
+  It was found that a malicious web page could execute arbitrary code with
+  the privileges of the user running Firefox if the user dropped a tab onto
+  the malicious web page. (CVE-2011-2984)
+  
+  For technical details regarding these flaws, refer to the Mozilla security
+  advisories for Firefox 3.6.20. You can find a link to the Mozilla
+  advisories in the References section of this erratum.
+  
+  All Firefox users should upgrade to these updated packages, which contain
+  Firefox version 3.6.20, which corrects these issues. After installing the
+  update, Firefox must be restarted for the changes to take effect.
+
+
+  Affected Software/OS:
+  firefox on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/017821.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of firefox");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"firefox", rpm:"firefox~3.6.20~2.el5.centos", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1164_xulrunner_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1164_xulrunner_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1164_xulrunner_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,124 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for xulrunner CESA-2011:1164 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(881006);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"10.0");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_xref(name: "CESA", value: "2011:1164");
+  script_cve_id("CVE-2011-0084", "CVE-2011-2378", "CVE-2011-2981", "CVE-2011-2982", "CVE-2011-2983", "CVE-2011-2984");
+  script_name("CentOS Update for xulrunner CESA-2011:1164 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  Mozilla Firefox is an open source web browser. XULRunner provides the XUL
+  Runtime environment for Mozilla Firefox.
+  
+  Several flaws were found in the processing of malformed web content. A web
+  page containing malicious content could cause Firefox to crash or,
+  potentially, execute arbitrary code with the privileges of the user running
+  Firefox. (CVE-2011-2982)
+  
+  A dangling pointer flaw was found in the Firefox Scalable Vector Graphics
+  (SVG) text manipulation routine. A web page containing a malicious SVG
+  image could cause Firefox to crash or, potentially, execute arbitrary code
+  with the privileges of the user running Firefox. (CVE-2011-0084)
+  
+  A dangling pointer flaw was found in the way Firefox handled a certain
+  Document Object Model (DOM) element. A web page containing malicious
+  content could cause Firefox to crash or, potentially, execute arbitrary
+  code with the privileges of the user running Firefox. (CVE-2011-2378)
+  
+  A flaw was found in the event management code in Firefox. A website
+  containing malicious JavaScript could cause Firefox to execute that
+  JavaScript with the privileges of the user running Firefox. (CVE-2011-2981)
+  
+  A flaw was found in the way Firefox handled malformed JavaScript. A web
+  page containing malicious JavaScript could cause Firefox to access already
+  freed memory, causing Firefox to crash or, potentially, execute arbitrary
+  code with the privileges of the user running Firefox. (CVE-2011-2983)
+  
+  It was found that a malicious web page could execute arbitrary code with
+  the privileges of the user running Firefox if the user dropped a tab onto
+  the malicious web page. (CVE-2011-2984)
+  
+  For technical details regarding these flaws, refer to the Mozilla security
+  advisories for Firefox 3.6.20. You can find a link to the Mozilla
+  advisories in the References section of this erratum.
+  
+  All Firefox users should upgrade to these updated packages, which contain
+  Firefox version 3.6.20, which corrects these issues. After installing the
+  update, Firefox must be restarted for the changes to take effect.
+
+
+  Affected Software/OS:
+  xulrunner on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/018054.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of xulrunner");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"xulrunner", rpm:"xulrunner~1.9.2.20~2.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"xulrunner-devel", rpm:"xulrunner-devel~1.9.2.20~2.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1165_thunderbird_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1165_thunderbird_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1165_thunderbird_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,98 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for thunderbird CESA-2011:1165 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(881003);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"10.0");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_xref(name: "CESA", value: "2011:1165");
+  script_cve_id("CVE-2011-2982", "CVE-2011-2983");
+  script_name("CentOS Update for thunderbird CESA-2011:1165 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  Mozilla Thunderbird is a standalone mail and newsgroup client.
+  
+  Several flaws were found in the processing of malformed HTML content.
+  Malicious HTML content could cause Thunderbird to crash or, potentially,
+  execute arbitrary code with the privileges of the user running
+  Thunderbird. (CVE-2011-2982)
+  
+  A flaw was found in the way Thunderbird handled malformed JavaScript.
+  Malicious content could cause Thunderbird to access already freed memory,
+  causing Thunderbird to crash or, potentially, execute arbitrary code with
+  the privileges of the user running Thunderbird. (CVE-2011-2983)
+  
+  Note: This update disables support for Scalable Vector Graphics (SVG)
+  images in Thunderbird on Red Hat Enterprise Linux 5.
+  
+  All Thunderbird users should upgrade to this updated package, which
+  resolves these issues. All running instances of Thunderbird must be
+  restarted for the update to take effect.
+
+
+  Affected Software/OS:
+  thunderbird on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/018006.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of thunderbird");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"thunderbird", rpm:"thunderbird~2.0.0.24~21.el5.centos", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1187_dovecot_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1187_dovecot_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1187_dovecot_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,93 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for dovecot CESA-2011:1187 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(880980);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"5.0");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_xref(name: "CESA", value: "2011:1187");
+  script_cve_id("CVE-2011-1929");
+  script_name("CentOS Update for dovecot CESA-2011:1187 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  Dovecot is an IMAP server for Linux, UNIX, and similar operating systems,
+  primarily written with security in mind.
+  
+  A denial of service flaw was found in the way Dovecot handled NULL
+  characters in certain header names. A mail message with specially-crafted
+  headers could cause the Dovecot child process handling the target user's
+  connection to crash, blocking them from downloading the message
+  successfully and possibly leading to the corruption of their mailbox.
+  (CVE-2011-1929)
+  
+  Users of dovecot are advised to upgrade to these updated packages, which
+  contain a backported patch to resolve this issue. After installing the
+  updated packages, the dovecot service will be restarted automatically.
+
+
+  Affected Software/OS:
+  dovecot on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/017807.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of dovecot");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"dovecot", rpm:"dovecot~1.0.7~7.el5_7.1", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1196_system-config-printer_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1196_system-config-printer_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1196_system-config-printer_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,98 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for system-config-printer CESA-2011:1196 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(881008);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"5.1");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "CESA", value: "2011:1196");
+  script_cve_id("CVE-2011-2899");
+  script_name("CentOS Update for system-config-printer CESA-2011:1196 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  system-config-printer is a print queue configuration tool with a graphical
+  user interface.
+  
+  It was found that system-config-printer did not properly sanitize NetBIOS
+  and workgroup names when searching for network printers. A remote attacker
+  could use this flaw to execute arbitrary code with the privileges of the
+  user running system-config-printer. (CVE-2011-2899)
+  
+  All users of system-config-printer are advised to upgrade to these updated
+  packages, which contain a backported patch to resolve this issue. Running
+  instances of system-config-printer must be restarted for this update to
+  take effect.
+
+
+  Affected Software/OS:
+  system-config-printer on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/017991.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of system-config-printer");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"system-config-printer", rpm:"system-config-printer~0.7.32.10~1.el5_7.1", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"system-config-printer-libs", rpm:"system-config-printer-libs~0.7.32.10~1.el5_7.1", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1212_kernel_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1212_kernel_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1212_kernel_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,183 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for kernel CESA-2011:1212 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(880995);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "CESA", value: "2011:1212");
+  script_cve_id("CVE-2011-2482", "CVE-2011-2491", "CVE-2011-2495", "CVE-2011-2517", "CVE-2011-2519", "CVE-2011-2901");
+  script_name("CentOS Update for kernel CESA-2011:1212 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  The kernel packages contain the Linux kernel, the core of any Linux
+  operating system.
+  
+  This update fixes the following security issues:
+  
+  * A NULL pointer dereference flaw was found in the Linux kernel's Stream
+  Control Transmission Protocol (SCTP) implementation. A remote attacker
+  could send a specially-crafted SCTP packet to a target system, resulting in
+  a denial of service. (CVE-2011-2482, Important)
+  
+  * A flaw in the Linux kernel's client-side NFS Lock Manager (NLM)
+  implementation could allow a local, unprivileged user to cause a denial of
+  service. (CVE-2011-2491, Important)
+  
+  * Buffer overflow flaws in the Linux kernel's netlink-based wireless
+  configuration interface implementation could allow a local user, who has
+  the CAP_NET_ADMIN capability, to cause a denial of service or escalate
+  their privileges on systems that have an active wireless interface.
+  (CVE-2011-2517, Important)
+  
+  * A flaw was found in the way the Linux kernel's Xen hypervisor
+  implementation emulated the SAHF instruction. When using a
+  fully-virtualized guest on a host that does not use hardware assisted
+  paging (HAP), such as those running CPUs that do not have support for (or
+  those that have it disabled) Intel Extended Page Tables (EPT) or AMD
+  Virtualization (AMD-V) Rapid Virtualization Indexing (RVI), a privileged
+  guest user could trigger this flaw to cause the hypervisor to crash.
+  (CVE-2011-2519, Moderate)
+  
+  * An off-by-one flaw was found in the __addr_ok() macro in the Linux
+  kernel's Xen hypervisor implementation when running on 64-bit systems. A
+  privileged guest user could trigger this flaw to cause the hypervisor to
+  crash. (CVE-2011-2901, Moderate)
+  
+  * /proc/[PID]/io is world-readable by default. Previously, these files
+  could be read without any further restrictions. A local, unprivileged user
+  could read these files, belonging to other, possibly privileged processes
+  to gather confidential information, such as the length of a password used
+  in a process. (CVE-2011-2495, Low)
+  
+  Red Hat would like to thank Vasily Averin for reporting CVE-2011-2491, and
+  Vasiliy Kulikov of Openwall for reporting CVE-2011-2495.
+  
+  This update also fixes several bugs. Documentation for these bug fixes will
+  be available shortly from the Technical Notes document linked to in the
+  References section.
+  
+  Users should upgrade to these updated packages, which contain backported
+  patches to correct these issues, and fix the bugs noted in the Technical
+  Notes. The system must be rebooted for this update to take effect.
+
+
+  Affected Software/OS:
+  kernel on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/017862.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of kernel");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.18~274.3.1.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.18~274.3.1.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~2.6.18~274.3.1.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.18~274.3.1.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.18~274.3.1.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~2.6.18~274.3.1.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-PAE", rpm:"kernel-PAE~2.6.18~274.3.1.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-PAE-devel", rpm:"kernel-PAE-devel~2.6.18~274.3.1.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.18~274.3.1.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-xen-devel", rpm:"kernel-xen-devel~2.6.18~274.3.1.el5", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1219_libsmbclient_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1219_libsmbclient_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1219_libsmbclient_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,158 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for libsmbclient CESA-2011:1219 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(880981);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"6.8");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "CESA", value: "2011:1219");
+  script_cve_id("CVE-2010-0547", "CVE-2010-0787", "CVE-2011-1678", "CVE-2011-2522", "CVE-2011-2694");
+  script_name("CentOS Update for libsmbclient CESA-2011:1219 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  Samba is a suite of programs used by machines to share files, printers, and
+  other information.
+  
+  A cross-site scripting (XSS) flaw was found in the password change page of
+  the Samba Web Administration Tool (SWAT). If a remote attacker could trick
+  a user, who was logged into the SWAT interface, into visiting a
+  specially-crafted URL, it would lead to arbitrary web script execution in
+  the context of the user's SWAT session. (CVE-2011-2694)
+  
+  It was found that SWAT web pages did not protect against Cross-Site
+  Request Forgery (CSRF) attacks. If a remote attacker could trick a user,
+  who was logged into the SWAT interface, into visiting a specially-crafted
+  URL, the attacker could perform Samba configuration changes with the
+  privileges of the logged in user. (CVE-2011-2522)
+  
+  A race condition flaw was found in the way the mount.cifs tool mounted CIFS
+  (Common Internet File System) shares. If mount.cifs had the setuid bit set,
+  a local attacker could conduct a symbolic link attack to trick mount.cifs
+  into mounting a share over an arbitrary directory they were otherwise not
+  allowed to mount to, possibly allowing them to escalate their privileges.
+  (CVE-2010-0787)
+  
+  It was found that the mount.cifs tool did not properly handle share or
+  directory names containing a newline character. If mount.cifs had the
+  setuid bit set, a local attacker could corrupt the mtab (mounted file
+  systems table) file via a specially-crafted CIFS share mount request.
+  (CVE-2010-0547)
+  
+  It was found that the mount.cifs tool did not handle certain errors
+  correctly when updating the mtab file. If mount.cifs had the setuid bit
+  set, a local attacker could corrupt the mtab file by setting a small file
+  size limit before running mount.cifs. (CVE-2011-1678)
+  
+  Note: mount.cifs from the samba packages distributed by Red Hat does not
+  have the setuid bit set. We recommend that administrators do not manually
+  set the setuid bit for mount.cifs.
+  
+  Red Hat would like to thank the Samba project for reporting CVE-2011-2694
+  and CVE-2011-2522; the Debian Security Team for reporting CVE-2010-0787;
+  and Dan Rosenberg for reporting CVE-2011-1678. Upstream acknowledges
+  Nobuhiro Tsuji of NTT DATA Security Corporation as the original reporter of
+  CVE-2011-2694; Yoshihiro Ishikawa of LAC Co., Ltd. as the original reporter
+  of CVE-2011-2522; and the Debian Security Team acknowledges Ronald Volgers
+  as the original reporter of CVE-2010-0787.
+  
+  Users of Samba are advised to upgrade to these updated packages, which
+  contain backported patches to resolve these issues. After installing this
+  update, the smb service will be restarted automatically.
+
+
+  Affected Software/OS:
+  libsmbclient on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/017966.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of libsmbclient");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"libsmbclient", rpm:"libsmbclient~3.0.33~3.29.el5_7.4", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"libsmbclient-devel", rpm:"libsmbclient-devel~3.0.33~3.29.el5_7.4", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"samba", rpm:"samba~3.0.33~3.29.el5_7.4", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"samba-client", rpm:"samba-client~3.0.33~3.29.el5_7.4", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"samba-common", rpm:"samba-common~3.0.33~3.29.el5_7.4", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"samba-swat", rpm:"samba-swat~3.0.33~3.29.el5_7.4", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1220_samba3x_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1220_samba3x_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1220_samba3x_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,162 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for samba3x CESA-2011:1220 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(880985);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"6.8");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "CESA", value: "2011:1220");
+  script_cve_id("CVE-2011-1678", "CVE-2011-2522", "CVE-2011-2694", "CVE-2011-2724", "CVE-2010-0547");
+  script_name("CentOS Update for samba3x CESA-2011:1220 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  Samba is a suite of programs used by machines to share files, printers, and
+  other information.
+  
+  A cross-site scripting (XSS) flaw was found in the password change page of
+  the Samba Web Administration Tool (SWAT). If a remote attacker could trick
+  a user, who was logged into the SWAT interface, into visiting a
+  specially-crafted URL, it would lead to arbitrary web script execution in
+  the context of the user's SWAT session. (CVE-2011-2694)
+  
+  It was found that SWAT web pages did not protect against Cross-Site
+  Request Forgery (CSRF) attacks. If a remote attacker could trick a user,
+  who was logged into the SWAT interface, into visiting a specially-crafted
+  URL, the attacker could perform Samba configuration changes with the
+  privileges of the logged in user. (CVE-2011-2522)
+  
+  It was found that the fix for CVE-2010-0547, provided by the Samba rebase
+  in RHBA-2011:0054, was incomplete. The mount.cifs tool did not properly
+  handle share or directory names containing a newline character, allowing a
+  local attacker to corrupt the mtab (mounted file systems table) file via a
+  specially-crafted CIFS (Common Internet File System) share mount request,
+  if mount.cifs had the setuid bit set. (CVE-2011-2724)
+  
+  It was found that the mount.cifs tool did not handle certain errors
+  correctly when updating the mtab file. If mount.cifs had the setuid bit
+  set, a local attacker could corrupt the mtab file by setting a small file
+  size limit before running mount.cifs. (CVE-2011-1678)
+  
+  Note: mount.cifs from the samba3x packages distributed by Red Hat does not
+  have the setuid bit set. We recommend that administrators do not manually
+  set the setuid bit for mount.cifs.
+  
+  Red Hat would like to thank the Samba project for reporting CVE-2011-2694
+  and CVE-2011-2522, and Dan Rosenberg for reporting CVE-2011-1678. Upstream
+  acknowledges Nobuhiro Tsuji of NTT DATA Security Corporation as the
+  original reporter of CVE-2011-2694, and Yoshihiro Ishikawa of LAC Co., Ltd.
+  as the original reporter of CVE-2011-2522.
+  
+  Users of Samba are advised to upgrade to these updated packages, which
+  contain backported patches to resolve these issues. After installing this
+  update, the smb service will be restarted automatically.
+
+
+  Affected Software/OS:
+  samba3x on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/017970.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of samba3x");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"samba3x", rpm:"samba3x~3.5.4~0.83.el5_7.2", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"samba3x-client", rpm:"samba3x-client~3.5.4~0.83.el5_7.2", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"samba3x-common", rpm:"samba3x-common~3.5.4~0.83.el5_7.2", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"samba3x-doc", rpm:"samba3x-doc~3.5.4~0.83.el5_7.2", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"samba3x-domainjoin-gui", rpm:"samba3x-domainjoin-gui~3.5.4~0.83.el5_7.2", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"samba3x-swat", rpm:"samba3x-swat~3.5.4~0.83.el5_7.2", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"samba3x-winbind", rpm:"samba3x-winbind~3.5.4~0.83.el5_7.2", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"samba3x-winbind-devel", rpm:"samba3x-winbind-devel~3.5.4~0.83.el5_7.2", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1241_ecryptfs-utils-75-5.el5__centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1241_ecryptfs-utils-75-5.el5__centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1241_ecryptfs-utils-75-5.el5__centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,141 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for ecryptfs-utils-75-5.el5_ CESA-2011:1241 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(880998);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "CESA", value: "2011:1241");
+  script_cve_id("CVE-2011-1831", "CVE-2011-1832", "CVE-2011-1834", "CVE-2011-1835", "CVE-2011-1837", "CVE-2011-3145", "CVE-2011-1833");
+  script_name("CentOS Update for ecryptfs-utils-75-5.el5_ CESA-2011:1241 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  eCryptfs is a stacked, cryptographic file system. It is transparent to the
+  underlying file system and provides per-file granularity. eCryptfs is
+  released as a Technology Preview for Red Hat Enterprise Linux 5 and 6.
+  
+  The setuid mount.ecryptfs_private utility allows users to mount an eCryptfs
+  file system. This utility can only be run by users in the &quot;ecryptfs&quot; group.
+  
+  A race condition flaw was found in the way mount.ecryptfs_private checked
+  the permissions of a requested mount point when mounting an encrypted file
+  system. A local attacker could possibly use this flaw to escalate their
+  privileges by mounting over an arbitrary directory. (CVE-2011-1831)
+  
+  A race condition flaw in umount.ecryptfs_private could allow a local
+  attacker to unmount an arbitrary file system. (CVE-2011-1832)
+  
+  It was found that mount.ecryptfs_private did not handle certain errors
+  correctly when updating the mtab (mounted file systems table) file,
+  allowing a local attacker to corrupt the mtab file and possibly unmount an
+  arbitrary file system. (CVE-2011-1834)
+  
+  An insecure temporary file use flaw was found in the ecryptfs-setup-private
+  script. A local attacker could use this script to insert their own key that
+  will subsequently be used by a new user, possibly giving the attacker
+  access to the user's encrypted data if existing file permissions allow
+  access. (CVE-2011-1835)
+  
+  A race condition flaw in mount.ecryptfs_private could allow a local
+  attacker to overwrite arbitrary files. (CVE-2011-1837)
+  
+  A race condition flaw in the way temporary files were accessed in
+  mount.ecryptfs_private could allow a malicious, local user to make
+  arbitrary modifications to the mtab file. (CVE-2011-3145)
+  
+  A race condition flaw was found in the way mount.ecryptfs_private checked
+  the permissions of the directory to mount. A local attacker could use this
+  flaw to mount (and then access) a directory they would otherwise not have
+  access to. Note: The fix for this issue is incomplete until a kernel-space
+  change is made. Future Red Hat Enterprise Linux 5 and 6 kernel updates
+  will correct this issue. (CVE-2011-1833)
+  
+  Red Hat would like to thank the Ubuntu Security Team for reporting these
+  issues. The Ubuntu Security Team acknowledges Vasiliy Kulikov of Openwall
+  and Dan Rosenberg as the original reporters of CVE-2011-1831,
+  CVE-2011-1832, and CVE-2011-1833; Dan Rosenberg and Marc Deslauriers as the
+  original reporters of CVE-2011-1834; Marc Deslauriers as the original
+  reporter of CVE-2011-1835; and Vasiliy Kulikov of Openwall as the original
+  reporter of CVE-2011-1837.
+  
+  Users of ecryptfs-utils are advised to upgrade to these updated packages,
+  which contain backported patches to correct these issues.
+
+
+  Affected Software/OS:
+  ecryptfs-utils-75-5.el5_ on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/017811.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of ecryptfs-utils");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"ecryptfs-utils", rpm:"ecryptfs-utils~75-5.el5~7.2", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"ecryptfs-utils-devel", rpm:"ecryptfs-utils-devel~75-5.el5~7.2", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"ecryptfs-utils-gui", rpm:"ecryptfs-utils-gui~75-5.el5~7.2", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1242_xulrunner_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1242_xulrunner_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1242_xulrunner_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,97 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for xulrunner CESA-2011:1242 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(880986);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "CESA", value: "2011:1242");
+  script_name("CentOS Update for xulrunner CESA-2011:1242 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  Mozilla Firefox is an open source web browser. XULRunner provides the XUL
+  Runtime environment for Mozilla Firefox.
+  
+  It was found that a Certificate Authority (CA) issued a fraudulent HTTPS
+  certificate. This update renders any HTTPS certificates signed by that
+  CA as untrusted, except for a select few. The now untrusted certificates
+  that were issued before July 1, 2011 can be manually re-enabled and used
+  again at your own risk in Firefox; however, affected certificates issued
+  after this date cannot be re-enabled or used. (BZ#734316)
+  
+  All Firefox users should upgrade to these updated packages, which contain
+  a backported patch. After installing the update, Firefox must be restarted
+  for the changes to take effect.
+
+
+  Affected Software/OS:
+  xulrunner on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/018056.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of xulrunner");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"xulrunner", rpm:"xulrunner~1.9.2.20~3.el5_7", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"xulrunner-devel", rpm:"xulrunner-devel~1.9.2.20~3.el5_7", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1243_thunderbird_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1243_thunderbird_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1243_thunderbird_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,90 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for thunderbird CESA-2011:1243 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(881005);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "CESA", value: "2011:1243");
+  script_name("CentOS Update for thunderbird CESA-2011:1243 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  Mozilla Thunderbird is a standalone mail and newsgroup client.
+  
+  It was found that a Certificate Authority (CA) issued a fraudulent HTTPS
+  certificate. This update renders any HTTPS certificates signed by that
+  CA as untrusted, except for a select few. The now untrusted certificates
+  that were issued before July 1, 2011 can be manually re-enabled and used
+  again at your own risk in Thunderbird; however, affected certificates
+  issued after this date cannot be re-enabled or used. (BZ#734316)
+  
+  All Thunderbird users should upgrade to this updated package, which
+  resolves this issue. All running instances of Thunderbird must be
+  restarted for the update to take effect.
+
+
+  Affected Software/OS:
+  thunderbird on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/018008.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of thunderbird");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"thunderbird", rpm:"thunderbird~2.0.0.24~24.el5.centos", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1267_thunderbird_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1267_thunderbird_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1267_thunderbird_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,88 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for thunderbird CESA-2011:1267 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(880992);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "CESA", value: "2011:1267");
+  script_name("CentOS Update for thunderbird CESA-2011:1267 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  Mozilla Thunderbird is a standalone mail and newsgroup client.
+  
+  The RHSA-2011:1243 Thunderbird update rendered HTTPS certificates signed by
+  a certain Certificate Authority (CA) as untrusted, but made an exception
+  for a select few. This update removes that exception, rendering every HTTPS
+  certificate signed by that CA as untrusted. (BZ#735483)
+  
+  All Thunderbird users should upgrade to this updated package, which
+  resolves this issue. All running instances of Thunderbird must be
+  restarted for the update to take effect.
+
+
+  Affected Software/OS:
+  thunderbird on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/018044.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of thunderbird");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"thunderbird", rpm:"thunderbird~2.0.0.24~25.el5.centos", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1268_xulrunner_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1268_xulrunner_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1268_xulrunner_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,95 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for xulrunner CESA-2011:1268 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(881010);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "CESA", value: "2011:1268");
+  script_name("CentOS Update for xulrunner CESA-2011:1268 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  Mozilla Firefox is an open source web browser. XULRunner provides the XUL
+  Runtime environment for Mozilla Firefox.
+  
+  The RHSA-2011:1242 Firefox update rendered HTTPS certificates signed by a
+  certain Certificate Authority (CA) as untrusted, but made an exception for
+  a select few. This update removes that exception, rendering every HTTPS
+  certificate signed by that CA as untrusted. (BZ#735483)
+  
+  All Firefox users should upgrade to these updated packages, which contain
+  Firefox version 3.6.22. After installing the update, Firefox must be
+  restarted for the changes to take effect.
+
+
+  Affected Software/OS:
+  xulrunner on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/018058.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of xulrunner");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"xulrunner", rpm:"xulrunner~1.9.2.22~1.el5_7", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"xulrunner-devel", rpm:"xulrunner-devel~1.9.2.22~1.el5_7", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1282_nspr_centos4_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1282_nspr_centos4_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1282_nspr_centos4_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,126 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for nspr CESA-2011:1282 centos4 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(881011);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "CESA", value: "2011:1282");
+  script_name("CentOS Update for nspr CESA-2011:1282 centos4 i386");
+  desc = "
+
+  Vulnerability Insight:
+  Network Security Services (NSS) is a set of libraries designed to support
+  the cross-platform development of security-enabled client and server
+  applications.
+  
+  Netscape Portable Runtime (NSPR) provides platform independence for non-GUI
+  operating system facilities.
+  
+  It was found that a Certificate Authority (CA) issued fraudulent HTTPS
+  certificates. This update renders any HTTPS certificates signed by that CA
+  as untrusted. This covers all uses of the certificates, including SSL,
+  S/MIME, and code signing. (BZ#734316)
+  
+  Note: This fix only applies to applications using the NSS Builtin Object
+  Token. It does not render the certificates untrusted for applications that
+  use the NSS library, but do not use the NSS Builtin Object Token.
+  
+  These updated packages upgrade NSS to version 3.12.10 on Red Hat Enterprise
+  Linux 4 and 5. As well, they upgrade NSPR to version 4.8.8 on Red Hat
+  Enterprise Linux 4 and 5, as required by the NSS update. The packages for
+  Red Hat Enterprise Linux 6 include a backported patch.
+  
+  All NSS and NSPR users should upgrade to these updated packages, which
+  correct this issue. After installing the update, applications using NSS and
+  NSPR must be restarted for the changes to take effect.
+
+
+  Affected Software/OS:
+  nspr on CentOS 4
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/018068.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of nspr");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS4")
+{
+
+  if(isrpmvuln(pkg:"nspr", rpm:"nspr~4.8.8~1.el4", rls:"CentOS4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"nspr-devel", rpm:"nspr-devel~4.8.8~1.el4", rls:"CentOS4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"nss", rpm:"nss~3.12.10~4.el4", rls:"CentOS4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"nss-devel", rpm:"nss-devel~3.12.10~4.el4", rls:"CentOS4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"nss-tools", rpm:"nss-tools~3.12.10~4.el4", rls:"CentOS4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1282_nspr_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1282_nspr_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1282_nspr_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,108 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for nspr CESA-2011:1282 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(880984);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "CESA", value: "2011:1282");
+  script_name("CentOS Update for nspr CESA-2011:1282 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  Network Security Services (NSS) is a set of libraries designed to support
+  the cross-platform development of security-enabled client and server
+  applications.
+  
+  Netscape Portable Runtime (NSPR) provides platform independence for non-GUI
+  operating system facilities.
+  
+  It was found that a Certificate Authority (CA) issued fraudulent HTTPS
+  certificates. This update renders any HTTPS certificates signed by that CA
+  as untrusted. This covers all uses of the certificates, including SSL,
+  S/MIME, and code signing. (BZ#734316)
+  
+  Note: This fix only applies to applications using the NSS Builtin Object
+  Token. It does not render the certificates untrusted for applications that
+  use the NSS library, but do not use the NSS Builtin Object Token.
+  
+  These updated packages upgrade NSS to version 3.12.10 on Red Hat Enterprise
+  Linux 4 and 5. As well, they upgrade NSPR to version 4.8.8 on Red Hat
+  Enterprise Linux 4 and 5, as required by the NSS update. The packages for
+  Red Hat Enterprise Linux 6 include a backported patch.
+  
+  All NSS and NSPR users should upgrade to these updated packages, which
+  correct this issue. After installing the update, applications using NSS and
+  NSPR must be restarted for the changes to take effect.
+
+
+  Affected Software/OS:
+  nspr on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/017913.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of nspr");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"nspr", rpm:"nspr~4.8.8~1.el5_7", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"nspr-devel", rpm:"nspr-devel~4.8.8~1.el5_7", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1317_cyrus-imapd_centos4_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1317_cyrus-imapd_centos4_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1317_cyrus-imapd_centos4_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,123 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for cyrus-imapd CESA-2011:1317 centos4 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(880978);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "CESA", value: "2011:1317");
+  script_cve_id("CVE-2011-3208");
+  script_name("CentOS Update for cyrus-imapd CESA-2011:1317 centos4 i386");
+  desc = "
+
+  Vulnerability Insight:
+  The cyrus-imapd packages contain a high-performance mail server with IMAP,
+  POP3, NNTP, and Sieve support.
+  
+  A buffer overflow flaw was found in the cyrus-imapd NNTP server, nntpd. A
+  remote user able to use the nntpd service could use this flaw to crash the
+  nntpd child process or, possibly, execute arbitrary code with the
+  privileges of the cyrus user. (CVE-2011-3208)
+  
+  Red Hat would like to thank Greg Banks for reporting this issue.
+  
+  Users of cyrus-imapd are advised to upgrade to these updated packages,
+  which contain a backported patch to correct this issue. After installing
+  the update, cyrus-imapd will be restarted automatically.
+
+
+  Affected Software/OS:
+  cyrus-imapd on CentOS 4
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/018066.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of cyrus-imapd");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS4")
+{
+
+  if(isrpmvuln(pkg:"cyrus-imapd", rpm:"cyrus-imapd~2.2.12~16.el4", rls:"CentOS4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"cyrus-imapd-devel", rpm:"cyrus-imapd-devel~2.2.12~16.el4", rls:"CentOS4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"cyrus-imapd-murder", rpm:"cyrus-imapd-murder~2.2.12~16.el4", rls:"CentOS4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"cyrus-imapd-nntp", rpm:"cyrus-imapd-nntp~2.2.12~16.el4", rls:"CentOS4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"cyrus-imapd-utils", rpm:"cyrus-imapd-utils~2.2.12~16.el4", rls:"CentOS4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"perl-Cyrus", rpm:"perl-Cyrus~2.2.12~16.el4", rls:"CentOS4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1317_cyrus-imapd_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1317_cyrus-imapd_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1317_cyrus-imapd_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,111 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for cyrus-imapd CESA-2011:1317 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(881007);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "CESA", value: "2011:1317");
+  script_cve_id("CVE-2011-3208");
+  script_name("CentOS Update for cyrus-imapd CESA-2011:1317 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  The cyrus-imapd packages contain a high-performance mail server with IMAP,
+  POP3, NNTP, and Sieve support.
+  
+  A buffer overflow flaw was found in the cyrus-imapd NNTP server, nntpd. A
+  remote user able to use the nntpd service could use this flaw to crash the
+  nntpd child process or, possibly, execute arbitrary code with the
+  privileges of the cyrus user. (CVE-2011-3208)
+  
+  Red Hat would like to thank Greg Banks for reporting this issue.
+  
+  Users of cyrus-imapd are advised to upgrade to these updated packages,
+  which contain a backported patch to correct this issue. After installing
+  the update, cyrus-imapd will be restarted automatically.
+
+
+  Affected Software/OS:
+  cyrus-imapd on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/017746.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of cyrus-imapd");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"cyrus-imapd", rpm:"cyrus-imapd~2.3.7~12.el5_7.1", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"cyrus-imapd-devel", rpm:"cyrus-imapd-devel~2.3.7~12.el5_7.1", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"cyrus-imapd-perl", rpm:"cyrus-imapd-perl~2.3.7~12.el5_7.1", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"cyrus-imapd-utils", rpm:"cyrus-imapd-utils~2.3.7~12.el5_7.1", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1324_qt4_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1324_qt4_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1324_qt4_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,135 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for qt4 CESA-2011:1324 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(881004);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"4.3");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_xref(name: "CESA", value: "2011:1324");
+  script_cve_id("CVE-2007-0242", "CVE-2011-3193");
+  script_name("CentOS Update for qt4 CESA-2011:1324 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  Qt 4 is a software toolkit that simplifies the task of writing and
+  maintaining GUI (Graphical User Interface) applications for the X Window
+  System. HarfBuzz is an OpenType text shaping engine.
+  
+  A flaw in the way Qt 4 expanded certain UTF-8 characters could be used to
+  prevent a Qt 4 based application from properly sanitizing user input.
+  Depending on the application, this could allow an attacker to perform
+  directory traversal, or for web applications, a cross-site scripting (XSS)
+  attack. (CVE-2007-0242)
+  
+  A buffer overflow flaw was found in the harfbuzz module in Qt 4. If a user
+  loaded a specially-crafted font file with an application linked against Qt
+  4, it could cause the application to crash or, possibly, execute arbitrary
+  code with the privileges of the user running the application.
+  (CVE-2011-3193)
+  
+  Users of Qt 4 should upgrade to these updated packages, which contain
+  backported patches to correct these issues. All running applications linked
+  against Qt 4 libraries must be restarted for this update to take effect.
+
+
+  Affected Software/OS:
+  qt4 on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/017754.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of qt4");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"qt4", rpm:"qt4~4.2.1~1.el5_7.1", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"qt4-devel", rpm:"qt4-devel~4.2.1~1.el5_7.1", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"qt4-doc", rpm:"qt4-doc~4.2.1~1.el5_7.1", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"qt4-mysql", rpm:"qt4-mysql~4.2.1~1.el5_7.1", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"qt4-odbc", rpm:"qt4-odbc~4.2.1~1.el5_7.1", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"qt4-postgresql", rpm:"qt4-postgresql~4.2.1~1.el5_7.1", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"qt4-sqlite", rpm:"qt4-sqlite~4.2.1~1.el5_7.1", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1325_evolution28-pango_centos4_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1325_evolution28-pango_centos4_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1325_evolution28-pango_centos4_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,98 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for evolution28-pango CESA-2011:1325 centos4 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(881009);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "CESA", value: "2011:1325");
+  script_cve_id("CVE-2011-3193");
+  script_name("CentOS Update for evolution28-pango CESA-2011:1325 centos4 i386");
+  desc = "
+
+  Vulnerability Insight:
+  Pango is a library used for the layout and rendering of internationalized
+  text.
+  
+  A buffer overflow flaw was found in HarfBuzz, an OpenType text shaping
+  engine used in Pango. If a user loaded a specially-crafted font file with
+  an application that uses Pango, it could cause the application to crash or,
+  possibly, execute arbitrary code with the privileges of the user running
+  the application. (CVE-2011-3193)
+  
+  Users of evolution28-pango are advised to upgrade to these updated
+  packages, which contain a backported patch to resolve this issue. After
+  installing this update, you must restart your system or restart the X
+  server for the update to take effect.
+
+
+  Affected Software/OS:
+  evolution28-pango on CentOS 4
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/018070.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of evolution28-pango");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS4")
+{
+
+  if(isrpmvuln(pkg:"evolution28-pango", rpm:"evolution28-pango~1.14.9~13.el4_11", rls:"CentOS4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"evolution28-pango-devel", rpm:"evolution28-pango-devel~1.14.9~13.el4_11", rls:"CentOS4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1326_pango_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1326_pango_centos5_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1326_pango_centos5_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,98 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for pango CESA-2011:1326 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(880999);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "CESA", value: "2011:1326");
+  script_cve_id("CVE-2011-3193");
+  script_name("CentOS Update for pango CESA-2011:1326 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  Pango is a library used for the layout and rendering of internationalized
+  text.
+  
+  A buffer overflow flaw was found in HarfBuzz, an OpenType text shaping
+  engine used in Pango. If a user loaded a specially-crafted font file with
+  an application that uses Pango, it could cause the application to crash or,
+  possibly, execute arbitrary code with the privileges of the user running
+  the application. (CVE-2011-3193)
+  
+  Users of pango are advised to upgrade to these updated packages, which
+  contain a backported patch to resolve this issue. After installing this
+  update, you must restart your system or restart the X server for the update
+  to take effect.
+
+
+  Affected Software/OS:
+  pango on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/017752.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of pango");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"pango", rpm:"pango~1.14.9~8.el5.centos.3", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"pango-devel", rpm:"pango-devel~1.14.9~8.el5.centos.3", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1327_frysk_centos4_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1327_frysk_centos4_i386.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1327_frysk_centos4_i386.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,95 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for frysk CESA-2011:1327 centos4 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(880997);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "CESA", value: "2011:1327");
+  script_cve_id("CVE-2011-3193");
+  script_name("CentOS Update for frysk CESA-2011:1327 centos4 i386");
+  desc = "
+
+  Vulnerability Insight:
+  frysk is an execution-analysis technology implemented using native Java and
+  C++. It provides developers and system administrators with the ability to
+  examine and analyze multi-host, multi-process, and multithreaded systems
+  while they are running. frysk is released as a Technology Preview for Red
+  Hat Enterprise Linux 4.
+  
+  A buffer overflow flaw was found in HarfBuzz, an OpenType text shaping
+  engine used in the embedded Pango library. If a frysk application were used
+  to debug or trace a process that uses HarfBuzz while it loaded a
+  specially-crafted font file, it could cause the application to crash or,
+  possibly, execute arbitrary code with the privileges of the user running
+  the application. (CVE-2011-3193)
+  
+  Users of frysk are advised to upgrade to this updated package, which
+  contains a backported patch to correct this issue. All running frysk
+  applications must be restarted for this update to take effect.
+
+
+  Affected Software/OS:
+  frysk on CentOS 4
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/018072.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of frysk");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS4")
+{
+
+  if(isrpmvuln(pkg:"frysk", rpm:"frysk~0.0.1.2007.08.03~8.el4", rls:"CentOS4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_RHSA-2011_1317-01_cyrus-imapd.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_RHSA-2011_1317-01_cyrus-imapd.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_RHSA-2011_1317-01_cyrus-imapd.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,169 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for cyrus-imapd RHSA-2011:1317-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(870489);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "RHSA", value: "2011:1317-01");
+  script_cve_id("CVE-2011-3208");
+  script_name("RedHat Update for cyrus-imapd RHSA-2011:1317-01");
+  desc = "
+
+  Vulnerability Insight:
+  The cyrus-imapd packages contain a high-performance mail server with IMAP,
+  POP3, NNTP, and Sieve support.
+  
+  A buffer overflow flaw was found in the cyrus-imapd NNTP server, nntpd. A
+  remote user able to use the nntpd service could use this flaw to crash the
+  nntpd child process or, possibly, execute arbitrary code with the
+  privileges of the cyrus user. (CVE-2011-3208)
+  
+  Red Hat would like to thank Greg Banks for reporting this issue.
+  
+  Users of cyrus-imapd are advised to upgrade to these updated packages,
+  which contain a backported patch to correct this issue. After installing
+  the update, cyrus-imapd will be restarted automatically.
+
+
+  Affected Software/OS:
+  cyrus-imapd on Red Hat Enterprise Linux (v. 5 server),
+  Red Hat Enterprise Linux AS version 4,
+  Red Hat Enterprise Linux ES version 4,
+  Red Hat Enterprise Linux WS version 4
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://www.redhat.com/archives/rhsa-announce/2011-September/msg00033.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of cyrus-imapd");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_5")
+{
+
+  if(isrpmvuln(pkg:"cyrus-imapd", rpm:"cyrus-imapd~2.3.7~12.el5_7.1", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"cyrus-imapd-debuginfo", rpm:"cyrus-imapd-debuginfo~2.3.7~12.el5_7.1", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"cyrus-imapd-devel", rpm:"cyrus-imapd-devel~2.3.7~12.el5_7.1", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"cyrus-imapd-perl", rpm:"cyrus-imapd-perl~2.3.7~12.el5_7.1", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"cyrus-imapd-utils", rpm:"cyrus-imapd-utils~2.3.7~12.el5_7.1", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "RHENT_4")
+{
+
+  if(isrpmvuln(pkg:"cyrus-imapd", rpm:"cyrus-imapd~2.2.12~16.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"cyrus-imapd-debuginfo", rpm:"cyrus-imapd-debuginfo~2.2.12~16.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"cyrus-imapd-devel", rpm:"cyrus-imapd-devel~2.2.12~16.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"cyrus-imapd-murder", rpm:"cyrus-imapd-murder~2.2.12~16.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"cyrus-imapd-nntp", rpm:"cyrus-imapd-nntp~2.2.12~16.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"cyrus-imapd-utils", rpm:"cyrus-imapd-utils~2.2.12~16.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"perl-Cyrus", rpm:"perl-Cyrus~2.2.12~16.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_RHSA-2011_1321-01_kernel.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_RHSA-2011_1321-01_kernel.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_RHSA-2011_1321-01_kernel.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,215 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for kernel RHSA-2011:1321-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(870491);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"7.8");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "RHSA", value: "2011:1321-01");
+  script_cve_id("CVE-2011-2723", "CVE-2010-3432");
+  script_name("RedHat Update for kernel RHSA-2011:1321-01");
+  desc = "
+
+  Vulnerability Insight:
+  The kernel packages contain the Linux kernel.
+  
+  Security fix:
+  
+  * A flaw in skb_gro_header_slow() in the Linux kernel could lead to GRO
+  (Generic Receive Offload) fields being left in an inconsistent state. An
+  attacker on the local network could use this flaw to trigger a denial of
+  service. (CVE-2011-2723, Moderate)
+  
+  Red Hat would like to thank Brent Meshier for reporting this issue.
+  
+  Bug fixes:
+  
+  * When reading a file from a subdirectory in /proc/bus/pci/ while
+  hot-unplugging the device related to that file, the system will crash. Now,
+  the kernel correctly handles the simultaneous removal of a device and
+  access to the representation of that device in the proc file system.
+  (BZ#713454)
+  
+  * RHSA-2011:0017 introduced a regression: Non-disk SCSI devices (except for
+  tape drives) such as enclosure or CD-ROM devices were hidden when attached
+  to a SAS based RAID controller that uses the megaraid_sas driver. With this
+  update, such devices are accessible, as expected. (BZ#726487)
+  
+  * The fix for CVE-2010-3432 provided in RHSA-2011:0004 introduced a
+  regression: Information in sctp_packet_config(), which was called before
+  appending data chunks to a packet, was not reset, causing considerably poor
+  SCTP (Stream Control Transmission Protocol) performance. With this update,
+  the packet information is reset after transmission. (BZ#727591)
+  
+  * Certain systems do not correctly set the ACPI FADT APIC mode bit. They
+  set the bit to &quot;cluster&quot; mode instead of &quot;physical&quot; mode which caused these
+  systems to boot without the TSC (Time Stamp Counter). With this update, the
+  ACPI FADT check has been removed due to its unreliability. (BZ#728162)
+  
+  * Performance when invalidating and rereading cached data as a glock moves
+  around the cluster with GFS2 is improved. (BZ#729082)
+  
+  * Performance issues occurred when multiple nodes attempted to call mmap()
+  on the same inode at the same time on a GFS2 file system, as it was using
+  an exclusive glock. With this update, a shared lock is used when &quot;noatime&quot;
+  is set on the mount, allowing mmap() operations to occur in parallel,
+  fixing this bug. Note that this issue only refers to mmap() system calls,
+  and not to subsequent page faults. (BZ#729090)
+  
+  * Some of the functions in the GFS2 file system were not reserving enough
+  space for the resource group header in a transaction and for resource
+  groups bit blocks that get added when a memory allocation is performed.
+  That resulted in failed write and allocation operations. With this update,
+  GFS2 makes s ... 
+
+  Description truncated, for more information please check the Reference URL
+
+  Affected Software/OS:
+  kernel on Red Hat Enterprise Linux (v. 5 server)
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://www.redhat.com/archives/rhsa-announce/2011-September/msg00034.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of kernel");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_5")
+{
+
+  if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.18~238.27.1.el5", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-PAE", rpm:"kernel-PAE~2.6.18~238.27.1.el5", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-PAE-debuginfo", rpm:"kernel-PAE-debuginfo~2.6.18~238.27.1.el5", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-PAE-devel", rpm:"kernel-PAE-devel~2.6.18~238.27.1.el5", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.18~238.27.1.el5", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.18~238.27.1.el5", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~2.6.18~238.27.1.el5", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~2.6.18~238.27.1.el5", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~2.6.18~238.27.1.el5", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.18~238.27.1.el5", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~2.6.18~238.27.1.el5", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.18~238.27.1.el5", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-xen-debuginfo", rpm:"kernel-xen-debuginfo~2.6.18~238.27.1.el5", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-xen-devel", rpm:"kernel-xen-devel~2.6.18~238.27.1.el5", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.18~238.27.1.el5", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_RHSA-2011_1324-01_qt4.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_RHSA-2011_1324-01_qt4.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_RHSA-2011_1324-01_qt4.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,141 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for qt4 RHSA-2011:1324-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(870493);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"4.3");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_xref(name: "RHSA", value: "2011:1324-01");
+  script_cve_id("CVE-2007-0242", "CVE-2011-3193");
+  script_name("RedHat Update for qt4 RHSA-2011:1324-01");
+  desc = "
+
+  Vulnerability Insight:
+  Qt 4 is a software toolkit that simplifies the task of writing and
+  maintaining GUI (Graphical User Interface) applications for the X Window
+  System. HarfBuzz is an OpenType text shaping engine.
+  
+  A flaw in the way Qt 4 expanded certain UTF-8 characters could be used to
+  prevent a Qt 4 based application from properly sanitizing user input.
+  Depending on the application, this could allow an attacker to perform
+  directory traversal, or for web applications, a cross-site scripting (XSS)
+  attack. (CVE-2007-0242)
+  
+  A buffer overflow flaw was found in the harfbuzz module in Qt 4. If a user
+  loaded a specially-crafted font file with an application linked against Qt
+  4, it could cause the application to crash or, possibly, execute arbitrary
+  code with the privileges of the user running the application.
+  (CVE-2011-3193)
+  
+  Users of Qt 4 should upgrade to these updated packages, which contain
+  backported patches to correct these issues. All running applications linked
+  against Qt 4 libraries must be restarted for this update to take effect.
+
+
+  Affected Software/OS:
+  qt4 on Red Hat Enterprise Linux (v. 5 server)
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://www.redhat.com/archives/rhsa-announce/2011-September/msg00036.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of qt4");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_5")
+{
+
+  if(isrpmvuln(pkg:"qt4", rpm:"qt4~4.2.1~1.el5_7.1", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"qt4-debuginfo", rpm:"qt4-debuginfo~4.2.1~1.el5_7.1", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"qt4-devel", rpm:"qt4-devel~4.2.1~1.el5_7.1", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"qt4-doc", rpm:"qt4-doc~4.2.1~1.el5_7.1", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"qt4-mysql", rpm:"qt4-mysql~4.2.1~1.el5_7.1", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"qt4-odbc", rpm:"qt4-odbc~4.2.1~1.el5_7.1", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"qt4-postgresql", rpm:"qt4-postgresql~4.2.1~1.el5_7.1", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"qt4-sqlite", rpm:"qt4-sqlite~4.2.1~1.el5_7.1", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_RHSA-2011_1325-01_evolution28-pango.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_RHSA-2011_1325-01_evolution28-pango.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_RHSA-2011_1325-01_evolution28-pango.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,106 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for evolution28-pango RHSA-2011:1325-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(870490);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "RHSA", value: "2011:1325-01");
+  script_cve_id("CVE-2011-3193");
+  script_name("RedHat Update for evolution28-pango RHSA-2011:1325-01");
+  desc = "
+
+  Vulnerability Insight:
+  Pango is a library used for the layout and rendering of internationalized
+  text.
+  
+  A buffer overflow flaw was found in HarfBuzz, an OpenType text shaping
+  engine used in Pango. If a user loaded a specially-crafted font file with
+  an application that uses Pango, it could cause the application to crash or,
+  possibly, execute arbitrary code with the privileges of the user running
+  the application. (CVE-2011-3193)
+  
+  Users of evolution28-pango are advised to upgrade to these updated
+  packages, which contain a backported patch to resolve this issue. After
+  installing this update, you must restart your system or restart the X
+  server for the update to take effect.
+
+
+  Affected Software/OS:
+  evolution28-pango on Red Hat Enterprise Linux AS version 4,
+  Red Hat Enterprise Linux ES version 4,
+  Red Hat Enterprise Linux WS version 4
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://www.redhat.com/archives/rhsa-announce/2011-September/msg00037.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of evolution28-pango");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_4")
+{
+
+  if(isrpmvuln(pkg:"evolution28-pango", rpm:"evolution28-pango~1.14.9~13.el4_11", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"evolution28-pango-debuginfo", rpm:"evolution28-pango-debuginfo~1.14.9~13.el4_11", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"evolution28-pango-devel", rpm:"evolution28-pango-devel~1.14.9~13.el4_11", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_RHSA-2011_1326-01_pango.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_RHSA-2011_1326-01_pango.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_RHSA-2011_1326-01_pango.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,104 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for pango RHSA-2011:1326-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(870492);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "RHSA", value: "2011:1326-01");
+  script_cve_id("CVE-2011-3193");
+  script_name("RedHat Update for pango RHSA-2011:1326-01");
+  desc = "
+
+  Vulnerability Insight:
+  Pango is a library used for the layout and rendering of internationalized
+  text.
+  
+  A buffer overflow flaw was found in HarfBuzz, an OpenType text shaping
+  engine used in Pango. If a user loaded a specially-crafted font file with
+  an application that uses Pango, it could cause the application to crash or,
+  possibly, execute arbitrary code with the privileges of the user running
+  the application. (CVE-2011-3193)
+  
+  Users of pango are advised to upgrade to these updated packages, which
+  contain a backported patch to resolve this issue. After installing this
+  update, you must restart your system or restart the X server for the update
+  to take effect.
+
+
+  Affected Software/OS:
+  pango on Red Hat Enterprise Linux (v. 5 server)
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://www.redhat.com/archives/rhsa-announce/2011-September/msg00038.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of pango");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_5")
+{
+
+  if(isrpmvuln(pkg:"pango", rpm:"pango~1.14.9~8.el5_7.3", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"pango-debuginfo", rpm:"pango-debuginfo~1.14.9~8.el5_7.3", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"pango-devel", rpm:"pango-devel~1.14.9~8.el5_7.3", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_RHSA-2011_1327-01_frysk.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_RHSA-2011_1327-01_frysk.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_RHSA-2011_1327-01_frysk.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,103 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for frysk RHSA-2011:1327-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(870488);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "RHSA", value: "2011:1327-01");
+  script_cve_id("CVE-2011-3193");
+  script_name("RedHat Update for frysk RHSA-2011:1327-01");
+  desc = "
+
+  Vulnerability Insight:
+  frysk is an execution-analysis technology implemented using native Java and
+  C++. It provides developers and system administrators with the ability to
+  examine and analyze multi-host, multi-process, and multithreaded systems
+  while they are running. frysk is released as a Technology Preview for Red
+  Hat Enterprise Linux 4.
+  
+  A buffer overflow flaw was found in HarfBuzz, an OpenType text shaping
+  engine used in the embedded Pango library. If a frysk application were used
+  to debug or trace a process that uses HarfBuzz while it loaded a
+  specially-crafted font file, it could cause the application to crash or,
+  possibly, execute arbitrary code with the privileges of the user running
+  the application. (CVE-2011-3193)
+  
+  Users of frysk are advised to upgrade to this updated package, which
+  contains a backported patch to correct this issue. All running frysk
+  applications must be restarted for this update to take effect.
+
+
+  Affected Software/OS:
+  frysk on Red Hat Enterprise Linux AS version 4,
+  Red Hat Enterprise Linux ES version 4,
+  Red Hat Enterprise Linux WS version 4
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://www.redhat.com/archives/rhsa-announce/2011-September/msg00039.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of frysk");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_4")
+{
+
+  if(isrpmvuln(pkg:"frysk", rpm:"frysk~0.0.1.2007.08.03~8.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"frysk-debuginfo", rpm:"frysk-debuginfo~0.0.1.2007.08.03~8.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12301_librsvg2_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12301_librsvg2_fc14.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12301_librsvg2_fc14.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,80 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for librsvg2 FEDORA-2011-12301
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863535);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-12301");
+  script_cve_id("CVE-2011-3146");
+  script_name("Fedora Update for librsvg2 FEDORA-2011-12301");
+  desc = "
+
+  Vulnerability Insight:
+  An SVG library based on cairo.
+
+
+  Affected Software/OS:
+  librsvg2 on Fedora 14
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066127.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of librsvg2");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC14")
+{
+
+  if(isrpmvuln(pkg:"librsvg2", rpm:"librsvg2~2.32.0~4.fc14", rls:"FC14"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12423_wireshark_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12423_wireshark_fc14.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12423_wireshark_fc14.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,86 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for wireshark FEDORA-2011-12423
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863533);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"2.6");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_xref(name: "FEDORA", value: "2011-12423");
+  script_cve_id("CVE-2011-3266");
+  script_name("Fedora Update for wireshark FEDORA-2011-12423");
+  desc = "
+
+  Vulnerability Insight:
+  Wireshark is a network traffic analyzer for Unix-ish operating systems.
+  
+  This package lays base for libpcap, a packet capture and filtering
+  library, contains command-line utilities, contains plugins and
+  documentation for wireshark. A graphical user interface is packaged
+  separately to GTK+ package.
+
+
+  Affected Software/OS:
+  wireshark on Fedora 14
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066140.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of wireshark");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC14")
+{
+
+  if(isrpmvuln(pkg:"wireshark", rpm:"wireshark~1.4.9~1.fc14", rls:"FC14"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12975_openttd_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12975_openttd_fc14.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12975_openttd_fc14.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,83 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for openttd FEDORA-2011-12975
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863534);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-12975");
+  script_cve_id("CVE-2011-3341", "CVE-2011-3342", "CVE-2011-3343", "CVE-2010-4168");
+  script_name("Fedora Update for openttd FEDORA-2011-12975");
+  desc = "
+
+  Vulnerability Insight:
+  OpenTTD is modeled after a popular transportation business simulation game
+  by Chris Sawyer and enhances the game experience dramatically. Many features
+  were inspired by TTDPatch while others are original.
+
+
+  Affected Software/OS:
+  openttd on Fedora 14
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066128.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of openttd");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC14")
+{
+
+  if(isrpmvuln(pkg:"openttd", rpm:"openttd~1.1.3~1.fc14", rls:"FC14"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1197_6.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1197_6.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1197_6.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,134 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for qt4-x11 USN-1197-6
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840751);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "USN", value: "1197-6");
+  script_name("Ubuntu Update for qt4-x11 USN-1197-6");
+  desc = "
+
+  Vulnerability Insight:
+
+  USN-1197-1 and USN-1197-3 addressed an issue in Firefox and Xulrunner
+  pertaining to the Dutch Certificate Authority DigiNotar mis-issuing
+  fraudulent certificates. This update provides an update
+  for Qt that blacklists the known fraudulent certificates.
+  
+  Original advisory details:
+  USN-1197-1
+  
+  It was discovered that Dutch Certificate Authority DigiNotar had
+  mis-issued multiple fraudulent certificates. These certificates could allow
+  an attacker to perform a &quot;man in the middle&quot; (MITM) attack which would make
+  the user believe their connection is secure, but is actually being
+  monitored.
+  
+  For the protection of its users, Mozilla has removed the DigiNotar
+  certificate. Sites using certificates issued by DigiNotar will need to seek
+  another certificate vendor.
+  
+  We are currently aware of a regression that blocks one of two Staat der
+  Nederlanden root certificates which are believed to still be secure. This
+  regression is being tracked at https://launchpad.net/bugs/838322gs/838322
+  
+  USN-1197-1 partially addressed an issue with Dutch Certificate Authority
+  DigiNotar mis-issuing fraudulent certificates. This update actively
+  distrusts the DigiNotar root certificate as well as several intermediary
+  certificates. Also included in this list of distrusted certificates are the
+  &quot;PKIOverheid&quot; (PKIGovernment) intermediates under DigiNotar's control that
+  did not chain to DigiNotar's root and were not previously blocked.
+
+  Affected Software/OS:
+  qt4-x11 on Ubuntu 11.04 ,
+  Ubuntu 10.10 ,
+  Ubuntu 10.04 LTS
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001425.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of qt4-x11");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU10.10")
+{
+
+  if(isdpkgvuln(pkg:"libqt4-network", ver:"4:4.7.0-0ubuntu4.4", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+  if(isdpkgvuln(pkg:"libqt4-network", ver:"4:4.6.2-0ubuntu5.3", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "UBUNTU11.04")
+{
+
+  if(isdpkgvuln(pkg:"libqt4-network", ver:"4:4.7.2-0ubuntu6.3", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1209_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1209_1.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1209_1.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,127 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for ffmpeg USN-1209-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840750);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "USN", value: "1209-1");
+  script_cve_id("CVE-2011-1196", "CVE-2011-1931", "CVE-2011-2161", "CVE-2011-3362");
+  script_name("Ubuntu Update for ffmpeg USN-1209-1");
+  desc = "
+
+  Vulnerability Insight:
+
+  It was discovered that FFmpeg incorrectly handled certain malformed ogg
+  files. If a user were tricked into opening a crafted ogg file, an attacker
+  could cause a denial of service via application crash, or possibly execute
+  arbitrary code with the privileges of the user invoking the program. This
+  issue only affected Ubuntu 10.10. (CVE-2011-1196)
+  
+  It was discovered that FFmpeg incorrectly handled certain malformed AMV
+  files. If a user were tricked into opening a crafted AMV file, an attacker
+  could cause a denial of service via application crash, or possibly execute
+  arbitrary code with the privileges of the user invoking the program. This
+  issue only affected Ubuntu 10.10. (CVE-2011-1931)
+  
+  It was discovered that FFmpeg incorrectly handled certain malformed APE
+  files. If a user were tricked into opening a crafted APE file, an attacker
+  could cause a denial of service via application crash. (CVE-2011-2161)
+  
+  Emmanouel Kellinis discovered that FFmpeg incorrectly handled certain
+  malformed CAVS files. If a user were tricked into opening a crafted CAVS
+  file, an attacker could cause a denial of service via application crash, or
+  possibly execute arbitrary code with the privileges of the user invoking
+  the program. (CVE-2011-3362)
+
+  Affected Software/OS:
+  ffmpeg on Ubuntu 10.10 ,
+  Ubuntu 10.04 LTS
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001419.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of ffmpeg");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+  if(isdpkgvuln(pkg:"libavcodec52", ver:"4:0.5.1-1ubuntu1.2", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"libavformat52", ver:"4:0.5.1-1ubuntu1.2", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "UBUNTU10.10")
+{
+
+  if(isdpkgvuln(pkg:"libavcodec52", ver:"4:0.6-2ubuntu6.2", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"libavformat52", ver:"4:0.6-2ubuntu6.2", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1209_2.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1209_2.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1209_2.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,103 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for libav USN-1209-2
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840747);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "USN", value: "1209-2");
+  script_cve_id("CVE-2011-1196", "CVE-2011-1931", "CVE-2011-3362");
+  script_name("Ubuntu Update for libav USN-1209-2");
+  desc = "
+
+  Vulnerability Insight:
+
+  It was discovered that Libav incorrectly handled certain malformed ogg
+  files. If a user were tricked into opening a crafted ogg file, an attacker
+  could cause a denial of service via application crash, or possibly execute
+  arbitrary code with the privileges of the user invoking the program.
+  (CVE-2011-1196)
+  
+  It was discovered that Libav incorrectly handled certain malformed AMV
+  files. If a user were tricked into opening a crafted AMV file, an attacker
+  could cause a denial of service via application crash, or possibly execute
+  arbitrary code with the privileges of the user invoking the program.
+  (CVE-2011-1931)
+  
+  Emmanouel Kellinis discovered that Libav incorrectly handled certain
+  malformed CAVS files. If a user were tricked into opening a crafted CAVS
+  file, an attacker could cause a denial of service via application crash, or
+  possibly execute arbitrary code with the privileges of the user invoking
+  the program. (CVE-2011-3362)
+
+  Affected Software/OS:
+  libav on Ubuntu 11.04
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001420.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of libav");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU11.04")
+{
+
+  if(isdpkgvuln(pkg:"libavcodec52", ver:"4:0.6.2-1ubuntu1.1", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"libavformat52", ver:"4:0.6.2-1ubuntu1.1", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1211_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1211_1.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1211_1.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,159 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux USN-1211-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840749);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"4.9");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_xref(name: "USN", value: "1211-1");
+  script_cve_id("CVE-2011-1020", "CVE-2011-1493", "CVE-2011-1833", "CVE-2011-2492", "CVE-2011-2689", "CVE-2011-2699", "CVE-2011-2918");
+  script_name("Ubuntu Update for linux USN-1211-1");
+  desc = "
+
+  Vulnerability Insight:
+
+  It was discovered that the /proc filesystem did not correctly handle
+  permission changes when programs executed. A local attacker could hold open
+  files to examine details about programs running with higher privileges,
+  potentially increasing the chances of exploiting additional
+  vulnerabilities. (CVE-2011-1020)
+  
+  Dan Rosenberg discovered that the X.25 Rose network stack did not correctly
+  handle certain fields. If a system was running with Rose enabled, a remote
+  attacker could send specially crafted traffic to gain root privileges.
+  (CVE-2011-1493)
+  
+  Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not
+  correctly check the origin of mount points. A local attacker could exploit
+  this to trick the system into unmounting arbitrary mount points, leading to
+  a denial of service. (CVE-2011-1833)
+  
+  It was discovered that Bluetooth l2cap and rfcomm did not correctly
+  initialize structures. A local attacker could exploit this to read portions
+  of the kernel stack, leading to a loss of privacy. (CVE-2011-2492)
+  
+  It was discovered that GFS2 did not correctly check block sizes. A local
+  attacker could exploit this to crash the system, leading to a denial of
+  service. (CVE-2011-2689)
+  
+  Fernando Gont discovered that the IPv6 stack used predictable fragment
+  identification numbers. A remote attacker could exploit this to exhaust
+  network resources, leading to a denial of service. (CVE-2011-2699)
+  
+  The performance counter subsystem did not correctly handle certain
+  counters. A local attacker could exploit this to crash the system, leading
+  to a denial of service. (CVE-2011-2918)
+
+  Affected Software/OS:
+  linux on Ubuntu 11.04
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001421.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of linux");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU11.04")
+{
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.38-11-generic", ver:"2.6.38-11.50", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.38-11-generic-pae", ver:"2.6.38-11.50", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.38-11-omap", ver:"2.6.38-11.50", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.38-11-powerpc", ver:"2.6.38-11.50", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.38-11-powerpc-smp", ver:"2.6.38-11.50", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.38-11-powerpc64-smp", ver:"2.6.38-11.50", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.38-11-server", ver:"2.6.38-11.50", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.38-11-versatile", ver:"2.6.38-11.50", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.38-11-virtual", ver:"2.6.38-11.50", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1212_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1212_1.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1212_1.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,133 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux-ti-omap4 USN-1212-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840748);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"7.8");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "USN", value: "1212-1");
+  script_cve_id("CVE-2011-0463", "CVE-2011-1017", "CVE-2011-1020", "CVE-2011-1078", "CVE-2011-1079", "CVE-2011-1080", "CVE-2011-1160", "CVE-2011-1170", "CVE-2011-1171", "CVE-2011-1172", "CVE-2011-2534", "CVE-2011-1173", "CVE-2011-1180", "CVE-2011-1182", "CVE-2011-1493", "CVE-2011-1494", "CVE-2011-1495", "CVE-2011-1577", "CVE-2011-1581", "CVE-2011-1593", "CVE-2011-1598", "CVE-2011-1748", "CVE-2011-1745", "CVE-2011-2022", "CVE-2011-1746", "CVE-2011-1770", "CVE-2011-1771", "CVE-2011-1833", "CVE-2011-2484", "CVE-2011-2492", "CVE-2011-2493", "CVE-2011-2689", "CVE-2011-2699", "CVE-2011-2918");
+  script_name("Ubuntu Update for linux-ti-omap4 USN-1212-1");
+  desc = "
+
+  Vulnerability Insight:
+
+  Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly
+  clear memory when writing certain file holes. A local attacker could
+  exploit this to read uninitialized data from the disk, leading to a loss of
+  privacy. (CVE-2011-0463)
+  
+  Timo Warns discovered that the LDM disk partition handling code did not
+  correctly handle certain values. By inserting a specially crafted disk
+  device, a local attacker could exploit this to gain root privileges.
+  (CVE-2011-1017)
+  
+  It was discovered that the /proc filesystem did not correctly handle
+  permission changes when programs executed. A local attacker could hold open
+  files to examine details about programs running with higher privileges,
+  potentially increasing the chances of exploiting additional
+  vulnerabilities. (CVE-2011-1020)
+  
+  Vasiliy Kulikov discovered that the Bluetooth stack did not correctly clear
+  memory. A local attacker could exploit this to read kernel stack memory,
+  leading to a loss of privacy. (CVE-2011-1078)
+  
+  Vasiliy Kulikov discovered that the Bluetooth stack did not correctly check
+  that device name strings were NULL terminated. A local attacker could
+  exploit this to crash the system, leading to a denial of service, or leak
+  contents of kernel stack memory, leading to a loss of privacy.
+  (CVE-2011-1079)
+  
+  Vasiliy Kulikov discovered that bridge network filtering did not check that
+  name fields were NULL terminated. A local attacker could exploit this to
+  leak contents of kernel stack memory, leading to a loss of privacy.
+  (CVE-2011-1080)
+  
+  Peter Huewe discovered that the TPM device did not correctly initialize
+  memory. A local attacker could exploit this to read kernel heap memory
+  contents, leading to a loss of privacy. (CVE-2011-1160)
+  
+  Vasiliy Kulikov discovered that the netfilter code did not check certain
+  strings copied from userspace. A local attacker with netfilter access could
+  exploit this to read kernel memory or crash the system, leading to a denial
+  of service. (CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-2534)
+  
+  Vasiliy Kulikov discovered that the Acorn Universal Networking driver did
+  not correctly initialize memory. A remote attacker could send specially
+  crafted traffic to read kernel stack memory, leading to a loss of privacy.
+  (CVE-2011-1173)
+  
+  Dan Rosenberg discovered that the IRDA subsystem did not correctly check
+  certain field sizes. If a system was using IRDA, a remote attacker could
+  send specially crafted traffic to crash the system or gain root privileges.
+  (CVE-2011-1180)
+  
+  Julien Tinnes discovered that the kernel d ... 
+
+  Description truncated, for more information please check the Reference URL
+
+  Affected Software/OS:
+  linux-ti-omap4 on Ubuntu 11.04
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001422.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of linux-ti-omap4");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU11.04")
+{
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.38-1209-omap4", ver:"2.6.38-1209.15", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1214_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1214_1.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1214_1.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,112 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for gimp USN-1214-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840753);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"5.1");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "USN", value: "1214-1");
+  script_cve_id("CVE-2011-2896");
+  script_name("Ubuntu Update for gimp USN-1214-1");
+  desc = "
+
+  Vulnerability Insight:
+
+  Tomas Hoger discovered that GIMP incorrectly handled malformed LZW streams.
+  If a user were tricked into opening a specially crafted GIF image file, an
+  attacker could cause GIMP to crash, or possibly execute arbitrary code with
+  the user's privileges.
+
+  Affected Software/OS:
+  gimp on Ubuntu 11.04 ,
+  Ubuntu 10.10 ,
+  Ubuntu 10.04 LTS
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001423.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of gimp");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU10.10")
+{
+
+  if(isdpkgvuln(pkg:"gimp", ver:"2.6.10-1ubuntu3.4", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+  if(isdpkgvuln(pkg:"gimp", ver:"2.6.8-2ubuntu1.4", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "UBUNTU11.04")
+{
+
+  if(isdpkgvuln(pkg:"gimp", ver:"2.6.11-1ubuntu6.2", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1215_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1215_1.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1215_1.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,126 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for apt USN-1215-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840752);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "USN", value: "1215-1");
+  script_name("Ubuntu Update for apt USN-1215-1");
+  desc = "
+
+  Vulnerability Insight:
+
+  It was discovered that the apt-key utility incorrectly verified GPG
+  keys when downloaded via the net-update option. If a remote attacker were
+  able to perform a man-in-the-middle attack, this flaw could potentially be
+  used to install altered packages. This update corrects the issue by
+  disabling the net-update option completely. A future update will re-enable
+  the option with corrected verification.
+
+  Affected Software/OS:
+  apt on Ubuntu 11.04 ,
+  Ubuntu 10.10 ,
+  Ubuntu 10.04 LTS ,
+  Ubuntu 8.04 LTS
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001424.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of apt");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU10.10")
+{
+
+  if(isdpkgvuln(pkg:"apt", ver:"0.8.3ubuntu7.2", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+  if(isdpkgvuln(pkg:"apt", ver:"0.7.25.3ubuntu9.7", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "UBUNTU11.04")
+{
+
+  if(isdpkgvuln(pkg:"apt", ver:"0.8.13.2ubuntu4.2", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "UBUNTU8.04 LTS")
+{
+
+  if(isdpkgvuln(pkg:"apt", ver:"0.7.9ubuntu17.3", rls:"UBUNTU8.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Modified: trunk/openvas-plugins/scripts/gb_win_xp_chm_dos_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_win_xp_chm_dos_vuln.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/gb_win_xp_chm_dos_vuln.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -4,6 +4,9 @@
 #
 # Microsoft Windows XP SP3 denial of service vulnerability.
 #
+# Updated By: Antu Sanadi <santu at secpod.com> on 2011-09-22
+#  Updated the version check for itss.dll
+#
 # Authors:
 # Nikita MR <rnikita at secpod.com>
 #
@@ -27,14 +30,13 @@
 if(description)
 {
   script_id(800504);
-  script_version("$Revision: 1.0 $");
+  script_version("$Revision: 1.1$");
   script_tag(name:"cvss_base", value:"10.0");
   script_tag(name:"risk_factor", value:"Critical");
   script_cve_id("CVE-2009-0119");
   script_bugtraq_id(33204);
   script_name("Microsoft Windows XP SP3 denial of service vulnerability");
   desc = "
-
   Overview: The host is running Microsoft Windows XP which is prone to
   denial of service vulnerability.
 
@@ -47,25 +49,20 @@
   unauthorized disclosure of information and disruption of service by
   executing arbitrary code.
 
-  Impact Level: System/Network
+  Impact Level: System
 
   Affected Software/OS:
   Microsoft Windows XP SP3 and prior.
 
-  Fix: No solution or patch is available as on 19th January, 2009. Information
+  Fix: No solution or patch is available as on 22th September, 2011. Information
   regarding this issue will be updated once the solution details are available.
   For updates refer, http://www.securityfocus.com/bid/33204/solution
 
   References:
   http://www.milw0rm.com/exploits/7720
   http://web.nvd.nist.gov/view/vuln/detail?execution=e3s1
-  http://www.security-database.com/detail.php?alert=CVE-2009-0119
+  http://www.security-database.com/detail.php?alert=CVE-2009-0119 ";
 
-  CVSS Score:
-    CVSS Base Score     : 10.0 (AV:N/AC:L/Au:NR/C:C/I:C/A:C)
-    CVSS Temporal Score : 9.0
-  Risk factor : Critical";
-
   script_description(desc);
   script_summary("Check for the version of Microsoft Windows");
   script_category(ACT_GATHER_INFO);
@@ -78,12 +75,33 @@
 }
 
 
+include("smb_nt.inc");
 include("secpod_reg.inc");
+include("version_func.inc");
+include("secpod_smb_func.inc");
 
-if("5.1" != get_kb_item("SMB/WindowsVersion")){
+## Confirm the windows platform
+if(!get_kb_item("SMB/WindowsVersion")){
   exit(0);
 }
 
-if(hotfix_check_sp(xp:4)){
- security_hole(0);
+## Confirm the windows XP
+if(hotfix_check_sp(xp:4) <= 0){
+  exit(0);
 }
+
+## Get System Path
+sysPath = smb_get_systemroot();
+if(!sysPath ){
+  exit(0);
+}
+
+## Get Version from itss.dll
+dllVer = fetch_file_version(sysPath, file_name:"system32\itss.dll");
+if(!dllVer){
+  exit(0);
+}
+
+if(version_is_less_equal(version:dllVer, test_version:"5.2.3790.4186")){
+  security_hole(0);
+}

Modified: trunk/openvas-plugins/scripts/misc_func.inc
===================================================================
--- trunk/openvas-plugins/scripts/misc_func.inc	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/misc_func.inc	2011-09-23 14:39:49 UTC (rev 11681)
@@ -5,6 +5,9 @@
 # Authors:
 # Michel Arboi <arboi at alussinan.org>
 #
+# Veerendra G.G <veerendragg at secpod.com>
+# Added new construct_rpc_packet() function to construct rpc packet
+#
 # Copyright:
 # Copyright (C) 2002 Michel Arboi <arboi at alussinan.org>
 #
@@ -342,6 +345,59 @@
   }
 }
 
+## This function will construct rpc packet
+function construct_rpc_packet(program, prog_ver, procedure, data, udp, credentials, verifier)
+{
+
+  ## Add 0 If credentials are not passed
+  if(isnull(credentials)){
+    credentials[0] = 0;
+    credentials[1] = 0;
+  }
+
+  ## Add 0 If Verified are not passed
+  if(isnull(verifier)){
+    verifier[0] = 0;
+    verifier[1] = 0;
+  }
+
+  ## Random XID
+  xid = rand();
+
+  ## Construct complete RPC Rstat Request
+  header  = mkdword(xid);                       ## XID
+  header += mkdword(0);                         ## Message Type: Call (0)
+  header += mkdword(2);                         ## RPC Version: 2
+  header += mkdword(program);                   ## Prgram
+  header += mkdword(prog_ver);                  ## Prgram Version
+  header += mkdword(procedure);                 ## Procedure
+
+  ## Credentials
+  cred_data = mkdword(credentials[0]);          ## Flavor
+  cred_data += mkdword(strlen(credentials[1])); ## Length
+
+  ## Verifier
+  verifier_data = mkdword(verifier[0]);          ## Flavor
+  verifier_data += mkdword(strlen(verifier[1])); ## Length
+
+  rpc_packet = header + cred_data + verifier_data + data;
+
+  ## Add Fragment header if it's not UDP protocol
+  if(udp != "udp" || udp == FALSE)
+  {
+    ## Fragment Length
+    data_len = strlen(header + cred_data + verifier_data + data);
+
+    ## Fragment Header
+    frag_header  = mkbyte (0x80);               ## Last Fragment
+    frag_header  += mkbyte (0);                 ##
+    frag_header  += mkdword(data_len);          ## Fragment Length
+    rpc_packet = frag_header + rpc_packet;
+  }
+
+  return(rpc_packet);
+}
+
 #
 function rand_str(length, charset)
 {
@@ -441,8 +497,6 @@
 
 
 
-
-
 function base64_decode(str)
 {
  local_var len, i, j, k, ret, base64, b64, a,b,c,o;

Added: trunk/openvas-plugins/scripts/secpod_acdsee_fotoslate_mult_bof_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_acdsee_fotoslate_mult_bof_vuln.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/secpod_acdsee_fotoslate_mult_bof_vuln.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,111 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_acdsee_fotoslate_mult_bof_vuln.nasl 17130 2011-09-23 13:25:24Z sep $
+#
+# ACDSee FotoSlate Multiple Buffer Overflow Vulnerabilities
+#
+# Authors:
+# Madhuri D <dmadhuri at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(902732);
+  script_version("$Revision: 1.0$");
+  script_cve_id("CVE-2011-2595");
+  script_bugtraq_id(49558);
+  script_tag(name:"cvss_base", value:"10.0");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("ACDSee FotoSlate PLP Multiple Buffer Overflow Vulnerabilities");
+  desc = "
+  Overview: This host is installed with ACDSee FotoSlate and is prone to
+  multiple buffer overflow vulnerabilities.
+
+  Vulnerability Insight:
+  The flaws are caused due to boundary error when processing the 'id' parameter
+  of a '<String>' or '<Int>' tag in a FotoSlate Project (PLP) file. This can be
+  exploited to cause a stack-based buffer overflow via an overly long string
+  assigned to the parameter.
+
+  Impact:
+  Successful exploitation will allow remote attackers to execute arbitrary
+  code in the context of the application.
+
+  Impact Level: System/Application
+
+  Affected Software :
+  ACDSee Fotoslate version 4.0 Build 146
+
+  Fix: No solution or patch is available as on 23rd September 2011. Information
+  regarding this issue will be updated once the solution details are available.
+  For updates refer, http://store.acdsee.com/store/acd/DisplayProductDetailsPage/productID.69650700/Locale.en_US/Currency.USD?resid=TnsbEQoHArEAAG62J0EAAAAt&rests=1316765102137
+
+  References:
+  http://osvdb.org/show/osvdb/75425
+  http://secunia.com/advisories/44722 ";
+
+  script_description(desc);
+  script_summary("Check for the version of ACDSee Fotoslate");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2011 SecPod");
+  script_family("Buffer overflow");
+  script_dependencies("secpod_reg_enum.nasl");
+  script_require_keys("SMB/WindowsVersion");
+  exit(0);
+}
+
+
+include("smb_nt.inc");
+include("version_func.inc");
+include("secpod_smb_func.inc");
+
+if(!get_kb_item("SMB/WindowsVersion")){
+  exit(0);
+}
+
+## Check FotoSlate is installed
+if(!registry_key_exists(key:"SOFTWARE\ACD Systems\FotoSlate")){
+  exit(0);
+}
+
+key = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\";
+if(!registry_key_exists(key:key)){
+  exit(0);
+}
+
+foreach item (registry_enum_keys(key:key))
+{
+  ## Check for FotoSlate DisplayName
+  fotoName = registry_get_sz(key:key + item, item:"DisplayName");
+  if("FotoSlate" >< fotoName)
+  {
+    ## Check for FotoSlate DisplayVersion
+    fotoVer = registry_get_sz(key:key + item, item:"DisplayVersion");
+    if(!fotoVer){
+      exit(0);
+    }
+
+    ## Check for FotoSlate version equals to 4.0 Build 146 => '4.0.146'
+    if(version_is_equal(version:fotoVer, test_version:"4.0.146"))
+    {
+        security_hole(0) ;
+        exit(0);
+    }
+  }
+}

Added: trunk/openvas-plugins/scripts/secpod_authenex_asas_server_sql_inj_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_authenex_asas_server_sql_inj_vuln.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/secpod_authenex_asas_server_sql_inj_vuln.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,101 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_authenex_asas_server_sql_inj_vuln.nasl 17338 2011-09-23 16:05:33Z sep $
+#
+# ASAS Server End User Self Service (EUSS) SQL Injection Vulnerability
+#
+# Authors:
+# Antu Sanadi <santu at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(902476);
+  script_version("$Revision: 1.0$");
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("ASAS Server End User Self Service (EUSS) SQL Injection Vulnerability");
+  desc = "
+  Overview: The host is running Authenex ASAS and is prone to SQL injection
+  vulnerability.
+
+  Vulnerability Insight:
+  The flaw is caused due to an input passed to the 'rgstcode' parameter in
+  'akeyActivationLogin.do', is not properly sanitised before being used in
+  SQL queries.
+
+  Impact:
+  Successful exploitation will let attackers to authenex database, dump all
+  the OTP tokens, users information including credentials.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  Authenex ASAS version 3.1.0.3 and prior.
+
+  Fix: Apply the patc from below link,
+  http://support.authenex.com/
+
+  *****
+  NOTE: Ignore this warning, if above mentioned patch is manually applied.
+  *****
+
+  References:
+  http://www.securelist.com/en/advisories/46103
+  http://packetstormsecurity.org/files/view/105287/authenex-sql.txt
+  http://support.authenex.com/index.php?_m=downloads&_a=viewdownload&downloaditemid=125 ";
+
+  script_description(desc);
+  script_summary("Check for the version of Authenex ASAS");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2011 SecPod");
+  script_family("Web application abuses");
+  script_require_ports("Services/www", 5080);
+  exit(0);
+}
+
+
+include("http_func.inc");
+include("version_func.inc");
+
+## Get the HTTP Port
+asPort = get_http_port(default:5080);
+if(!asPort){
+  exit(0);
+}
+
+## Get request
+sndReq = http_get(item:"/initial.do", port:asPort);
+rcvRes = http_send_recv(port:asPort, data:sndReq);
+
+## Confirm the application
+if('ASAS Web Management Console Login' >< rcvRes)
+{
+  ## grep for the version
+  asVer = eregmatch(pattern:"ASAS Web Management Console v([0-9.]+)",
+                    string:rcvRes);
+
+  if(!isnull(asVer[1]))
+  {
+    ## Check for version is less equal 3.1.0.3
+    if(version_is_less_equal(version:asVer[1], test_version:"3.1.0.3")){
+      security_hole(asPort);
+    }
+  }
+}

Added: trunk/openvas-plugins/scripts/secpod_colasoft_capsa_snmp_dos_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_colasoft_capsa_snmp_dos_vuln.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/secpod_colasoft_capsa_snmp_dos_vuln.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,96 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_colasoft_capsa_snmp_dos_vuln.nasl 17098 2011-09-22 11:11:11Z sep $
+#
+# Colasoft Capsa Malformed SNMP V1 Packet Remote Denial of Service Vulnerability
+#
+# Authors:
+# Sooraj KS <kssooraj at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(902570);
+  script_version("$Revision: 1.0$");
+  script_bugtraq_id(49621);
+  script_tag(name:"cvss_base", value:"9.3");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("Colasoft Capsa Malformed SNMP V1 Packet Remote Denial of Service Vulnerability");
+  desc = "
+  Overview: This host is installed with Colasoft Capsa and is prone to denial
+  of service vulnerability.
+
+  Vulnerability Insight:
+  The flaw is caused due to an unspecified error within the SNMPv1 protocol
+  dissector and can be exploited to cause a crash via a specially crafted
+  packet.
+
+  Impact:
+  Successful exploitation could allow remote attackers to crash the affected
+  application, denying service to legitimate users.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  Colasoft Capsa Version 7.2.1 and prior.
+
+  Fix: No solution or patch is available as on 22rd September, 2011. Information
+  regarding this issue will be updated once the solution details are available.
+  For updates refer, http://www.colasoft.com/download/products/download_capsa.php
+
+  References:
+  http://secunia.com/advisories/46034
+  http://www.securityfocus.com/archive/1/519630
+  http://archives.neohapsis.com/archives/bugtraq/2011-09/0088.html ";
+
+  script_description(desc);
+  script_summary("Check for the version of Colasoft Capsa");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2011 SecPod");
+  script_family("Denial of Service");
+  script_dependencies("secpod_reg_enum.nasl");
+  script_require_keys("SMB/WindowsVersion");
+  script_require_ports(139, 445);
+  exit(0);
+}
+
+
+include("smb_nt.inc");
+include("version_func.inc");
+
+## Confirm Windows
+if(!get_kb_item("SMB/WindowsVersion")){
+  exit(0);
+}
+
+## Confirm Colasoft Capsa
+key = "SOFTWARE\Colasoft\Colasoft Capsa 7 Enterprise Demo Edition";
+if(!registry_key_exists(key:key)) {
+  exit(0);
+}
+
+## Get Version From Registry
+version = registry_get_sz(key:key, item:"Version");
+if(version)
+{
+ ## Check for Colasoft Capsa Version 7.2.1 and prior
+ if(version_is_less_equal(version:version, test_version:"7.2.1.2299")) {
+    security_hole(0);
+  }
+}

Added: trunk/openvas-plugins/scripts/secpod_dotproject_sql_inj_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_dotproject_sql_inj_vuln.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/secpod_dotproject_sql_inj_vuln.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,88 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_dotproject_sql_inj_vuln.nasl 17054 2011-09-22 16:05:33Z sep $
+#
+# dotProject 'index.php' SQL Injection Vulnerability.
+#
+# Authors:
+# Madhuri D <dmadhuri at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(902731);
+  script_version("$Revision: 1.0$");
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("dotProject 'index.php' SQL Injection Vulnerability");
+  desc = "
+  Overview: The host is running dotProject and is prone to SQL injection
+  vulnerability.
+
+  Vulnerability Insight:
+  The flaw is caused due to an input passed to the 'ticket' parameter in
+  'index.php' is not properly sanitised before being used in SQL queries.
+
+  Impact:
+  Successful exploitation will let attackers to compromise the application,
+  access or modify data, or exploit latent vulnerabilities in the underlying
+  database.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  dotProject version prior to 2.1.5
+
+  Fix: No solution or patch is available as on 22nd September, 2011. Information
+  regarding this issue will be updated once the solution details are available.
+  For updates refer, http://www.dotproject.net
+
+  References:
+  http://www.exploit-db.com/exploits/17829/ ";
+
+  script_description(desc);
+  script_summary("Check for the version of dotProject");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2011 SecPod");
+  script_family("Web application abuses");
+  script_dependencies("gb_dotproject_detect.nasl");
+  script_require_ports("Services/www", 80);
+  exit(0);
+}
+
+
+include("http_func.inc");
+include("version_func.inc");
+
+## Get the HTTP Port
+dpPort = get_http_port(default:80);
+if(!dpPort){
+  exit(0);
+}
+
+## Get the version from KB
+dotVer = get_version_from_kb(port:dpPort,app:"dotProject");
+if(!dotVer){
+  exit(0);
+}
+
+## Check for dotProject version 2.1.5
+if(version_is_equal(version:dotVer, test_version:"2.1.5")){
+  security_hole(dpPort);
+}

Added: trunk/openvas-plugins/scripts/secpod_ea_gbook_inc_ordner_parameter_lfi_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ea_gbook_inc_ordner_parameter_lfi_vuln.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/secpod_ea_gbook_inc_ordner_parameter_lfi_vuln.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,130 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_ea_gbook_inc_ordner_parameter_lfi_vuln.nasl 17116 2011-09-21 11:00:01Z sep $
+#
+# ea-gBook 'inc_ordner' Parameter Local File Inclusion Vulnerability
+#
+# Authors:
+# Rachana Shetty <srachana at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(901207);
+  script_version("$Revision: 1.0$");
+  script_cve_id("CVE-2009-5095");
+  script_bugtraq_id(33774);
+  script_tag(name:"cvss_base", value:"6.8");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("ea-gBook 'inc_ordner' Parameter Local File Inclusion Vulnerability");
+  desc = "
+  Overview: This host is running ea-gBook and is prone to local file inclusion
+  vulnerability.
+
+  Vulnerability Insight:
+  The flaw is caused due to improper validation of input passed via
+  'inc_ordner' parameter to 'index_inc.php' script, which allows attackers to
+  read arbitrary files.
+
+  Impact:
+  Successful exploitation could allow an attacker to gain sensitive
+  information.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  ea-gBook version 0.1.4 and prior.
+
+  Fix: No solution or patch is available as on 21th September, 2011. Information
+  regarding this issue will be updated once the solution details are available
+  For updates refer, http://www.ea-style.de/
+
+  References:
+  http://secunia.com/advisories/33927
+  http://xforce.iss.net/xforce/xfdb/48759
+  http://www.exploit-db.com/exploits/8052/ ";
+
+  script_description(desc);
+  script_summary("Check for local file inclusion vulnerability in ea-gBook");
+  script_category(ACT_ATTACK);
+  script_copyright("Copyright (C) 2011 SecPod");
+  script_family("Web application abuses");
+  script_dependencies("http_version.nasl");
+  script_require_ports("Services/www", 80);
+  exit(0);
+}
+
+include("http_func.inc");
+include("host_details.inc");
+include("http_keepalive.inc");
+
+## Get HTTP Port
+port = get_http_port(default:80);
+if(!port){
+  exit(0);
+}
+
+## Check Host Supports PHP
+if(!can_host_php(port:port)){
+  exit(0);
+}
+
+# Get the host name
+host = get_host_name();
+if(!host){
+  exit(0);
+}
+
+## Check for each possible path
+foreach dir (make_list("/ea-gBook", "/gbuch", "/gb", "/guestbook",
+                       "/Gaestebuch", cgi_dirs()))
+{
+  ## Send and Receive the response
+  req=string(
+        "GET ", dir, "/index.php?seite=0 HTTP/1.1\r\n",
+        "Host: ", host, "\r\n",
+        "Cookie: PHPSESSID=i8djnvh2m2dobtp9ujktolpcq6\r\n",
+        "Cache-Control: max-age=0\r\n\r\n");
+  res = http_keepalive_send_recv(port:port,data:req);
+
+  ## Confirm the application
+  if("<title>ea-gBook" >< res && "ea-style.de" >< res)
+  {
+    files = traversal_files();
+
+    foreach file (keys(files))
+    {
+      ## Construct exploit string
+      req=string(
+        "GET ", dir, "/index_inc.php?inc_ordner=/", files[file]," HTTP/1.1\r\n",
+        "Host: ", host, "\r\n",
+        "Cookie: PHPSESSID=i8djnvh2m2dobtp9ujktolpcq6\r\n",
+        "Cache-Control: max-age=0\r\n\r\n");
+
+      res = http_keepalive_send_recv(port:port, data:req);
+
+      ## Confirm exploit worked properly or not
+      if(egrep(pattern:".*root:.*:0:[01]:.*|\[boot loader\]", string:res))
+      {
+        security_hole(port:port);
+        exit(0);
+      }
+    }
+  }
+}

Added: trunk/openvas-plugins/scripts/secpod_google_chrome_mult_vuln_sep11_lin.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_google_chrome_mult_vuln_sep11_lin.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/secpod_google_chrome_mult_vuln_sep11_lin.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,89 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_google_chrome_mult_vuln_sep11_lin.nasl 17308 2011-09-22 11:29:14 sep $
+#
+# Google Chrome Multiple Vulnerabilities - Sep11 (Lin)
+#
+# Authors:
+# Rachana Shetty <srachana at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(902628);
+  script_version("$Revision: 1.0$");
+  script_cve_id("CVE-2011-2834", "CVE-2011-2835", "CVE-2011-2836", "CVE-2011-2838",
+                "CVE-2011-2839", "CVE-2011-2840", "CVE-2011-2841", "CVE-2011-2843",
+                "CVE-2011-2844", "CVE-2011-2846", "CVE-2011-2847", "CVE-2011-2848",
+                "CVE-2011-2849", "CVE-2011-2850", "CVE-2011-2851", "CVE-2011-2852",
+                "CVE-2011-2853", "CVE-2011-2854", "CVE-2011-2855", "CVE-2011-2856",
+                "CVE-2011-2857", "CVE-2011-2858", "CVE-2011-2859", "CVE-2011-2860",
+                "CVE-2011-2861", "CVE-2011-2862", "CVE-2011-2864", "CVE-2011-2874",
+                "CVE-2011-2875", "CVE-2011-3234", "CVE-2011-2837");
+  script_bugtraq_id(49658);
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Google Chrome Multiple Vulnerabilities - Sep11 (Lin)");
+  desc = "
+  Overview: The host is running Google Chrome and is prone to multiple
+  vulnerabilities.
+
+  Vulnerability Insight:
+  For more information on the vulnerabilities refer to the links below.
+
+  Impact:
+  Successful exploitation could allow attackers to execute arbitrary code in
+  the context of the browser, inject scripts, bypass certain security
+  restrictions, or cause a denial-of-service condition.
+
+  Impact Level: System/Application
+
+  Affected Software/OS:
+  Google Chrome version prior to 14.0.835.163 on Linux.
+
+  Fix: Upgrade to the Google Chrome 14.0.835.163 or later,
+  For updates refer, http://www.google.com/chrome
+
+  References:
+  http://secunia.com/advisories/46049
+  http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html ";
+
+  script_description(desc);
+  script_copyright("Copyright (c) 2011 SecPod");
+  script_summary("Check the version of Google Chrome");
+  script_category(ACT_GATHER_INFO);
+  script_family("General");
+  script_dependencies("gb_google_chrome_detect_lin.nasl");
+  script_require_keys("Google-Chrome/Linux/Ver");
+  exit(0);
+}
+
+
+include("version_func.inc");
+
+## Get the version from KB
+chromeVer = get_kb_item("Google-Chrome/Linux/Ver");
+if(!chromeVer){
+  exit(0);
+}
+
+## Check for Google Chrome Version less than 14.0.835.163
+if(version_is_less(version:chromeVer, test_version:"14.0.835.163")){
+  security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/secpod_google_chrome_mult_vuln_sep11_macosx.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_google_chrome_mult_vuln_sep11_macosx.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/secpod_google_chrome_mult_vuln_sep11_macosx.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,89 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_google_chrome_mult_vuln_sep11_macosx.nasl 17308 2011-09-22 11:29:14 sep $
+#
+# Google Chrome Multiple Vulnerabilities - Sep11 (Mac OS X)
+#
+# Authors:
+# Rachana Shetty <srachana at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(902629);
+  script_version("$Revision: 1.0$");
+  script_cve_id("CVE-2011-2834", "CVE-2011-2835", "CVE-2011-2836", "CVE-2011-2838",
+                "CVE-2011-2839", "CVE-2011-2840", "CVE-2011-2841", "CVE-2011-2843",
+                "CVE-2011-2844", "CVE-2011-2846", "CVE-2011-2847", "CVE-2011-2848",
+                "CVE-2011-2849", "CVE-2011-2850", "CVE-2011-2851", "CVE-2011-2852",
+                "CVE-2011-2853", "CVE-2011-2854", "CVE-2011-2855", "CVE-2011-2856",
+                "CVE-2011-2857", "CVE-2011-2858", "CVE-2011-2859", "CVE-2011-2860",
+                "CVE-2011-2861", "CVE-2011-2862", "CVE-2011-2864", "CVE-2011-2874",
+                "CVE-2011-2875", "CVE-2011-3234", "CVE-2011-2842");
+  script_bugtraq_id(49658);
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Google Chrome Multiple Vulnerabilities - Sep11 (Mac OS X)");
+  desc = "
+  Overview: The host is running Google Chrome and is prone to multiple
+  vulnerabilities.
+
+  Vulnerability Insight:
+  For more information on the vulnerabilities refer to the links below.
+
+  Impact:
+  Successful exploitation could allow attackers to execute arbitrary code in
+  the context of the browser, inject scripts, bypass certain security
+  restrictions, or cause a denial-of-service condition.
+
+  Impact Level: System/Application
+
+  Affected Software/OS:
+  Google Chrome version prior to 14.0.835.163 on Mac OS X.
+
+  Fix: Upgrade to the Google Chrome 14.0.835.163 or later,
+  For updates refer, http://www.google.com/chrome
+
+  References:
+  http://secunia.com/advisories/46049
+  http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html ";
+
+  script_description(desc);
+  script_copyright("Copyright (c) 2011 SecPod");
+  script_summary("Check the version of Google Chrome");
+  script_category(ACT_GATHER_INFO);
+  script_family("General");
+  script_dependencies("gb_google_chrome_detect_macosx.nasl");
+  script_require_keys("GoogleChrome/MacOSX/Version");
+  exit(0);
+}
+
+
+include("version_func.inc");
+
+## Get the version from KB
+chromeVer = get_kb_item("GoogleChrome/MacOSX/Version");
+if(!chromeVer){
+  exit(0);
+}
+
+## Check for Google Chrome Version less than 14.0.835.163
+if(version_is_less(version:chromeVer, test_version:"14.0.835.163")){
+  security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/secpod_google_chrome_mult_vuln_sep11_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_google_chrome_mult_vuln_sep11_win.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/secpod_google_chrome_mult_vuln_sep11_win.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,89 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_google_chrome_mult_vuln_sep11_win.nasl 17308 2011-09-22 11:29:14 sep $
+#
+# Google Chrome Multiple Vulnerabilities - Sep11 (Win)
+#
+# Authors:
+# Rachana Shetty <srachana at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(902627);
+  script_version("$Revision: 1.0$");
+  script_cve_id("CVE-2011-2834", "CVE-2011-2835", "CVE-2011-2836", "CVE-2011-2838",
+                "CVE-2011-2839", "CVE-2011-2840", "CVE-2011-2841", "CVE-2011-2843",
+                "CVE-2011-2844", "CVE-2011-2846", "CVE-2011-2847", "CVE-2011-2848",
+                "CVE-2011-2849", "CVE-2011-2850", "CVE-2011-2851", "CVE-2011-2852",
+                "CVE-2011-2853", "CVE-2011-2854", "CVE-2011-2855", "CVE-2011-2856",
+                "CVE-2011-2857", "CVE-2011-2858", "CVE-2011-2859", "CVE-2011-2860",
+                "CVE-2011-2861", "CVE-2011-2862", "CVE-2011-2864", "CVE-2011-2874",
+                "CVE-2011-2875", "CVE-2011-3234");
+  script_bugtraq_id(49658);
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Google Chrome Multiple Vulnerabilities - Sep11 (Win)");
+  desc = "
+  Overview: The host is running Google Chrome and is prone to multiple
+  vulnerabilities.
+
+  Vulnerability Insight:
+  For more information on the vulnerabilities refer to the links below.
+
+  Impact:
+  Successful exploitation could allow attackers to execute arbitrary code in
+  the context of the browser, inject scripts, bypass certain security
+  restrictions, or cause a denial-of-service condition.
+
+  Impact Level: System/Application
+
+  Affected Software/OS:
+  Google Chrome version prior to 14.0.835.163 on Windows.
+
+  Fix: Upgrade to the Google Chrome 14.0.835.163 or later,
+  For updates refer, http://www.google.com/chrome
+
+  References:
+  http://secunia.com/advisories/46049
+  http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html ";
+
+  script_description(desc);
+  script_copyright("Copyright (c) 2011 SecPod");
+  script_summary("Check the version of Google Chrome");
+  script_category(ACT_GATHER_INFO);
+  script_family("General");
+  script_dependencies("gb_google_chrome_detect_win.nasl");
+  script_require_keys("GoogleChrome/Win/Ver");
+  exit(0);
+}
+
+
+include("version_func.inc");
+
+## Get the version from KB
+chromeVer = get_kb_item("GoogleChrome/Win/Ver");
+if(!chromeVer){
+  exit(0);
+}
+
+## Check for Google Chrome Version less than 14.0.835.163
+if(version_is_less(version:chromeVer, test_version:"14.0.835.163")){
+  security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/secpod_ibm_lotus_domino_xss_n_bof_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ibm_lotus_domino_xss_n_bof_vuln.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/secpod_ibm_lotus_domino_xss_n_bof_vuln.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,93 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_ibm_lotus_domino_xss_n_bof_vuln.nasl 17309 2011-09-23 12:12:12Z sep $
+#
+# IBM Lotus Domino Cross Site Scripting and Buffer Overflow Vulnerabilities
+#
+# Authors:
+# Sooraj KS <kssooraj at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(902572);
+  script_version("$Revision: 1.0$");
+  script_bugtraq_id(49701, 49705);
+  script_cve_id("CVE-2011-3575", "CVE-2011-3576");
+  script_tag(name:"cvss_base", value:"9.0");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("IBM Lotus Domino Cross Site Scripting and Buffer Overflow Vulnerabilities");
+  desc = "
+  Overview: The host is running IBM Lotus Domino Server and is prone to cross
+  site scripting and buffer overflow vulnerabilities.
+
+  Vulnerability Insight:
+  - Input passed via the 'PanelIcon' parameter in an fmpgPanelHeader ReadForm
+    action to WebAdmin.nsf is not properly sanitised before being returned to
+    the user. This can be exploited to execute arbitrary HTML and script code
+    in a user's browser session in context of an affected site.
+  - Stack-based buffer overflow error in the NSFComputeEvaluateExt function
+    in Nnotes.dll allows remote authenticated users to execute arbitrary code
+    via a long 'tHPRAgentName' parameter in an fmHttpPostRequest OpenForm
+    action to WebAdmin.nsf.
+
+  Impact:
+  Successful exploitation may allow remote attackers to execute arbitrary code
+  with system-level privileges or steal cookie-based authentication credentials
+  and launch other attacks.
+
+  Impact Level: System/Application
+
+  Affected Software/OS:
+  IBM Lotus Domino Versions 8.5.2 and prior.
+
+  Fix: No solution or patch is available as on 23rd September, 2011. Information
+  regarding this issue will be updated once the solution details are available.
+  For updates refer, http://www-01.ibm.com/software/lotus/products/domino/
+
+  References:
+  http://xforce.iss.net/xforce/xfdb/69802
+  http://www.research.reversingcode.com/index.php/advisories/73-ibm-ssd-1012211
+  http://www.research.reversingcode.com/exploits/IBMLotusDomino_StackOverflowPoC ";
+
+  script_description(desc);
+  script_summary("Check for the version of IBM Lotus Domino");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2011 SecPod");
+  script_family("General");
+  script_dependencies("gb_lotus_domino_detect.nasl");
+  exit(0);
+}
+
+
+include("version_func.inc");
+
+## Get Lotus Domino Version from KB
+domVer = get_kb_item("Domino/Version");
+domPort = get_kb_item("Domino/Port/");
+if(!domVer || !domPort){
+  exit(0);
+}
+
+domVer = ereg_replace(pattern:"FP", string:domVer, replace: ".FP");
+
+## Check for Vulnerable Lotus Domino Versions
+if(version_is_less_equal(version:domVer, test_version:"8.5.2")) {
+  security_hole(domPort);
+}

Added: trunk/openvas-plugins/scripts/secpod_macosx_keychain_impl_sec_bypass_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_macosx_keychain_impl_sec_bypass_vuln.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/secpod_macosx_keychain_impl_sec_bypass_vuln.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,96 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_macosx_keychain_impl_sec_bypass_vuln.nasl 17118 2011-09-22 11:29:14 sep $
+#
+# Apple Mac OS X Keychain Certificate Settings Security Bypass Vulnerability
+#
+# Authors:
+# Antu Sanadi <santu at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(902474);
+  script_version("$Revision: 1.0$");
+  script_cve_id("CVE-2011-3422");
+  script_bugtraq_id(49429);
+  script_tag(name:"cvss_base", value:"4.3");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Apple Mac OS X Keychain Certificate Settings Security Bypass Vulnerability");
+  desc = "
+  Overview: This host is installed with Mac OS X and is prone to the security
+  bypass vulnerability.
+
+  Vulnerability Insight:
+  The flaw is caused due to an error in the implementation of Certificate Trust
+  Policy, which allows attacker to bypass KeyChain security settings to accept
+  an Extended Validation certificate as valid.
+
+  Impact:
+  Successful exploitation could allow attackers to bypass security restrictions
+  and launch further attacks on the system.
+
+  Impact Level: System
+
+  Affected Software/OS:
+  Mac OS X version 10.6 to 10.6.8 and
+  Mac OS X Server version 10.6 to 10.6.8
+
+  Fix: No solution or patch is available as on 22th September 2011. Information
+  regarding this issue will be updated once the solution details are available.
+  For updates refer, http://support.apple.com/downloads/
+
+  References:
+  http://xforce.iss.net/xforce/xfdb/69556
+  http://www.securitytracker.com/id?1026002 ";
+
+  script_description(desc);
+  script_copyright("Copyright (c) 2011 SecPod");
+  script_summary("Checks for Mac OS X/Server version");
+  script_category(ACT_GATHER_INFO);
+  script_family("Mac OS X Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_ports("Services/ssh", 22);
+  exit(0);
+}
+
+
+include("pkg-lib-macosx.inc");
+include("version_func.inc");
+
+## Get the OS name
+osName = get_kb_item("ssh/login/osx_name");
+if(!osName){
+  exit (0);
+}
+
+## Get the OS Version
+osVer = get_kb_item("ssh/login/osx_version");
+if(!osVer){
+ exit(0);
+}
+
+## Check for the Mac OS X
+if("Mac OS X" >< osName || "Mac OS X Server" >< osName)
+{
+  ## Check the affected OS versions
+  if(version_in_range(version:osVer, test_version:"10.6.0", test_version2:"10.6.8")){
+    security_warning(0);
+  }
+}

Added: trunk/openvas-plugins/scripts/secpod_nam_carportal_sql_inj_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_nam_carportal_sql_inj_vuln.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/secpod_nam_carportal_sql_inj_vuln.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,111 @@
+##############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_nam_carportal_sql_inj_vuln.nasl 17228 2011-09-22 10:50:29 sep $
+#
+# NetArt Media Car Portal SQL injection Vulnerability
+#
+# Authors:
+# Antu Sanadi <santu at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(902475);
+  script_version("$Revision : 1.0$");
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("NetArt Media Car Portal SQL injection Vulnerability");
+  desc = "
+  Overview: This host is running NetArt Media Car Portal and is prone SQL
+  injection vulnerability.
+
+  Vulnerability Insight:
+  The flaw exists due to the error in 'loginaction.php', which fails to
+  sufficiently sanitize user-supplied data in 'Email' and 'Password'
+  parameters.
+
+  Impact:
+  Successful exploitation will allow remote attackers to bypass the security
+  restrictions or view, add, modify back-end database.
+
+  Impact Level: Application
+
+  Affected Software :
+  NetArt Media Car Portal Version 2.0
+
+  Fix: No solution or patch is available as on 22nd September 2011. Information
+  regarding this issue will be updated once the solution details are available.
+  For updates refer, http://www.netartmedia.net/carsportal/
+
+  References:
+  http://securityreason.com/wlb_show/WLB-2011090081
+  http://packetstormsecurity.org/files/view/105210/carportal20-sqlbypass.txt ";
+
+  script_description(desc);
+  script_summary("Determine the SQL Injection vulnerability in Car Portal");
+  script_category(ACT_ATTACK);
+  script_copyright("Copyright (c) 2011 SecPod");
+  script_family("Web application abuses");
+  script_require_ports("Services/www", 80);
+  exit(0);
+}
+
+
+include("http_func.inc");
+include("http_keepalive.inc");
+
+cpPort = get_http_port(default:80);
+if(!cpPort){
+  exit(0);
+}
+
+## Check host supports PHP
+if(!can_host_php(port:port)){
+  exit(0);
+}
+
+## Iterate over the possible paths
+foreach dir (make_list("/autoportal1", "/carportal", "/", cgi_dirs()))
+{
+  sndReq = http_get(item:string(dir, "/index.php"), port:cpPort);
+  rcvRes = http_send_recv(port:cpPort, data:sndReq);
+
+  ## Confirm the application
+  if('">Car Portal<' >< rcvRes && 'netartmedia' >< rcvRes)
+  {
+    filename = string(dir + "/loginaction.php");
+    authVariables ="Email=%27or%27+1%3D1&Password=%27or%27+1%3D1";
+
+    ## Construct post request
+    sndReq = string("POST ", filename, " HTTP/1.1\r\n",
+                    "Host: ", get_host_name(), "\r\n",
+                    "User-Agent: SQL Injection Test\r\n",
+                    "Content-Type: application/x-www-form-urlencoded\r\n",
+                    "Content-Length: ", strlen(authVariables), "\r\n\r\n",
+                    authVariables);
+    rcvRes = http_keepalive_send_recv(port:cpPort, data:sndReq);
+
+    ## Check the Response and confirm the exploit
+    if("Location: DEALERS/index.php" >< rcvRes)
+    {
+      security_hole(cpPort);
+      exit(0);
+    }
+  }
+}

Added: trunk/openvas-plugins/scripts/secpod_rpc_rstatd.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_rpc_rstatd.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/secpod_rpc_rstatd.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,132 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_rpc_rstatd.nasl 16466 2011-09-23 14:11:11Z sep $
+#
+# Check RPC rstatd Service Running
+#
+# Authors:
+# Veerendra G.G <veerendragg at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(901206);
+  script_version("$Revision: 1.0$");
+  script_cve_id("CVE-1999-0624");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Check RPC rstatd Service Running");
+  desc = "
+  Overview: This remote host is running rstatd service.
+
+  Vulnerability Insight:
+  rstatd service an rpc server which provides remotely monitorable statistics
+  obtained from the kernel such as,
+  - system uptime
+  - cpu usage
+  - disk usage
+  - network usage
+  - load averages
+  - and more
+
+  Impact Level: System
+
+  Fix: Disable rstatd service, If not needed.
+
+  References:
+  http://xforce.iss.net/xforce/xfdb/115
+  http://en.wikipedia.org/wiki/Remote_procedure_call
+  http://www.iss.net/security_center/advice/Services/SunRPC/rpc.rstatd/default.htm
+  ";
+
+  script_description(desc);
+  script_summary("Check for RPC rstatd Service");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2011 SecPod");
+  script_dependencies("find_service.nes");
+  script_family("Useless services");
+  script_dependencies("secpod_rpc_portmap.nasl");
+  script_require_keys("rpc/portmap");
+  exit(0);
+}
+
+##
+## The script code starts here
+##
+
+include("misc_func.inc");
+include("byte_func.inc");
+
+## RPC rstatd Program ID
+RPC_PROG = 100001;
+
+## Default protocol is UDP
+proto = "udp";
+
+## Get rstatd udp port, if not tcp port
+port = get_rpc_port(program:RPC_PROG, protocol:IPPROTO_UDP);
+if(!port){
+  port = get_rpc_port(program:RPC_PROG, protocol:IPPROTO_TCP);
+  proto = "tcp";
+}
+
+## Exit if it's not listening
+if(!port){
+  exit(0);
+}
+
+## Open UDP socket if it's UDP, else open TCP socket
+if(proto == "udp"){
+  soc = open_sock_udp(port);
+}else{
+  soc = open_sock_tcp(port);
+}
+
+data = NULL;
+## Construct RPC Packet
+rpc_paket = construct_rpc_packet(program:RPC_PROG, prog_ver:3,
+                           procedure:1, data:data, udp:proto);
+
+## Send and Receive response
+send(socket:soc, data:rpc_paket);
+resp = recv(socket:soc, length:4096);
+
+## Close Scoket
+close(soc);
+
+## It's not a proper response, If response length < 100 and > 130
+if(strlen(resp) < 100 || strlen(resp) > 150){
+  exit(0);
+}
+
+## Accept state position
+pos = 20;
+
+## If protocol is TCP then replay will
+## be having 4 bytes of Fragment header
+if(proto == "tcp"){
+  pos = 20 + 4;
+}
+
+## Confirm rstat response by
+## Checking Accept State: RPC executed successfully (0)
+if(ord(resp[pos]) == 0 && ord(resp[pos+1]) == 0 &&
+   ord(resp[pos+2]) == 0 && ord(resp[pos+3]) == 0){
+  security_warning(port);
+  exit(0);
+}

Added: trunk/openvas-plugins/scripts/secpod_scriptftp_cmd_bof_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_scriptftp_cmd_bof_vuln.nasl	2011-09-23 14:00:32 UTC (rev 11680)
+++ trunk/openvas-plugins/scripts/secpod_scriptftp_cmd_bof_vuln.nasl	2011-09-23 14:39:49 UTC (rev 11681)
@@ -0,0 +1,104 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_scriptftp_cmd_bof_vuln.nasl 17307 2011-09-23 15:15:15Z sep $
+#
+# ScriptFTP 'GETLIST' or 'GETFILE' Commands Remote Buffer Overflow Vulnerability
+#
+# Authors:
+# Sooraj KS <kssooraj at secpod.com>
+#
+# Copyright:
+# Copyright (c) 2011 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(902571);
+  script_version("$Revision: 1.0$");
+  script_bugtraq_id(49707);
+  script_tag(name:"cvss_base", value:"10.0");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("ScriptFTP 'GETLIST' or 'GETFILE' Commands Remote Buffer Overflow Vulnerability");
+  desc = "
+  Overview: This host is installed with ScriptFTP and is prone to buffer
+  overflow vulnerability.
+
+  Vulnerability Insight:
+  The flaw is caused due to a boundary error when processing filenames within
+  a directory listing. This can be exploited to cause a stack-based buffer
+  overflow via a specially crafted FTP LIST command response.
+
+  Impact:
+  Successful exploitation could allow remote attackers to execute arbitrary
+  code within the context of the application. Failed attacks may cause a
+  denial of service condition.
+
+  Impact Level: System/Application
+
+  Affected Software/OS:
+  ScriptFTP version 3.3 and prior.
+
+  Fix: No solution or patch is available as on 23rd September, 2011. Information
+  regarding this issue will be updated once the solution details are available.
+  For updates refer, http://www.scriptftp.com/download.php
+
+  References:
+  http://secunia.com/advisories/46099/
+  http://www.exploit-db.com/exploits/17876/
+  http://www.digital-echidna.org/2011/09/scriptftp-3-3-remote-buffer-overflow-exploit-0day/ ";
+
+  script_description(desc);
+  script_summary("Check for the version of ScriptFTP");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2011 SecPod");
+  script_family("Buffer overflow");
+  script_dependencies("secpod_reg_enum.nasl");
+  script_require_keys("SMB/WindowsVersion");
+  script_require_ports(139, 445);
+  exit(0);
+}
+
+
+include("smb_nt.inc");
+include("version_func.inc");
+include("secpod_smb_func.inc");
+
+## Confirm Windows
+if(!get_kb_item("SMB/WindowsVersion")){
+  exit(0);
+}
+
+## Confirm ScriptFTP
+key = "SOFTWARE\ScriptFTP";
+if(!registry_key_exists(key:key)) {
+  exit(0);
+}
+
+## Get Installed Path
+path = registry_get_sz(key:key, item:"Install_Dir");
+if(!path){
+  exit(0);
+}
+
+## Get Version from ScriptFTP.exe
+version = fetch_file_version(sysPath:path, file_name:"ScriptFTP.exe");
+if(version)
+{
+  ## Check for ScriptFTP version 3.3 and prior.
+  if(version_is_less_equal(version:version, test_version:"3.3")) {
+    security_hole(0);
+  }
+}



More information about the Openvas-commits mailing list